Minor updates and removal of faulty denyall.py WAF script (junk - FP)

2025-12-09 14:11:29 +00:00 · 2019-01-10 15:35:52 +01:00
parent c74c58c47e
commit d31d2eeb27
8 changed files with 9 additions and 66 deletions
--- a/waf/360.py
+++ b/waf/360.py
@@ -5,8 +5,6 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

-import re
-
 from lib.core.settings import WAF_ATTACK_VECTORS

 __product__ = "360 Web Application Firewall (360)"
@@ -16,8 +14,9 @@ def detect(get_page):

    for vector in WAF_ATTACK_VECTORS:
        page, headers, code = get_page(get=vector)
-        retval = re.search(r"wangzhan\.360\.cn", headers.get("X-Powered-By-360wzb", ""), re.I) is not None
+        retval = headers.get("X-Powered-By-360wzb") is not None
        retval |= code == 493 and "/wzws-waf-cgi/" in (page or "")
+        retval |= all(_ in (page or "") for _ in ("eventID", "If you are the Webmaster", "<title>493</title>"))
        if retval:
            break