Minor update of safe3 WAF script

2025-12-09 14:11:29 +00:00 · 2019-01-10 14:19:03 +01:00
parent aa7af33fd5
commit 9fef4336b0
3 changed files with 5 additions and 4 deletions
--- a/waf/safe3.py
+++ b/waf/safe3.py
@@ -16,9 +16,10 @@ def detect(get_page):
    retval = False

    for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
+        page, headers, _ = get_page(get=vector)
        retval = re.search(r"Safe3WAF", headers.get(HTTP_HEADER.X_POWERED_BY, ""), re.I) is not None
        retval |= re.search(r"Safe3 Web Firewall", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= all(_ in (page or "") for _ in ("403 Forbidden", "Safe3waf/"))
        if retval:
            break