New WAF script

2025-12-08 13:41:29 +00:00 · 2019-01-12 01:56:18 +01:00
parent 0a3144ebb5
commit 660036c38b
6 changed files with 48 additions and 4 deletions
--- a/waf/nginx.py
+++ b/waf/nginx.py
@@ -0,0 +1,21 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.settings import WAF_ATTACK_VECTORS
+
+__product__ = "NGINX Web Application Firewall (NGINX Inc.)"
+
+def detect(get_page):
+    retval = False
+
+    for vector in WAF_ATTACK_VECTORS:
+        page, _, _ = get_page(get=vector)
+        retval = all(_ in (page or "") for _ in ("<center><h1>403 Forbidden</h1></center>", "<center>nginx</center>"))
+        if retval:
+            break
+
+    return retval