From 56733c107aad1c7f99a15885f18dd7ad1fd75d50 Mon Sep 17 00:00:00 2001 From: 0xlildoudou <67382584+0xlildoudou@users.noreply.github.com> Date: Tue, 29 Oct 2024 16:51:49 +0000 Subject: [PATCH 1/4] feat(tasks): add wafw00f --- secator/tasks/wafw00f.py | 61 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 secator/tasks/wafw00f.py diff --git a/secator/tasks/wafw00f.py b/secator/tasks/wafw00f.py new file mode 100644 index 00000000..f1ab08d2 --- /dev/null +++ b/secator/tasks/wafw00f.py @@ -0,0 +1,61 @@ +import os +import yaml + +from secator.decorators import task +from secator.runners import Command +from secator.definitions import (OUTPUT_PATH, HEADER, PROXY, URL) +from secator.output_types import Tag, Info, Error + +@task() +class wafw00f(Command): + cmd = 'wafw00f' + + input_type = URL + json_flag = '-f json' + encoding = 'ansi' + + opt_prefix = '-' + opts = { + 'l': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'}, + 't': {'type': str, 'help': 'Test for one specific WAF'}, + 'a': {'is_flag': True, 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'}, + 'r': {'is_flag': True, 'default': False, 'help': 'Do not follow redirections given by 3xx responses'} + } + + opt_key_map = { + HEADER: 'H', + PROXY: 'p' + } + + output_types = [Tag] + + install_cmd = 'pipx install git+https://github.com/EnableSecurity/wafw00f.git' + install_github_handle = 'EnableSecurity/wafw00f' + + @staticmethod + def on_init(self): + self.output_path = self.get_opt_value(OUTPUT_PATH) + if not self.output_path: + self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json' + self.cmd += f' -o {self.output_path} ' + + @staticmethod + def on_cmd_done(self): + # Skip parsing if -l is set + if '-l' in self.cmd: + pass + else: + if not os.path.exists(self.output_path): + yield Error(message=f'Could not find JSON results in {self.output_path}') + return + + yield Info(message=f'JSON results saved to {self.output_path}') + with open(self.output_path, 'r') as f: + results = yaml.safe_load(f.read()) + if results[0]['detected']: + yield Tag( + name=results[0]['firewall'], + match=results[0]['manufacturer'], + extra_data= {'trigger_url': results[0]['trigger_url']} + ) + pass \ No newline at end of file From 0fcc840bc5998f0ddfb653d17930d8be9e2e2a42 Mon Sep 17 00:00:00 2001 From: Olivier Cervello Date: Mon, 11 Nov 2024 07:37:32 -0500 Subject: [PATCH 2/4] fix lint --- secator/tasks/wafw00f.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/secator/tasks/wafw00f.py b/secator/tasks/wafw00f.py index f1ab08d2..68b220f1 100644 --- a/secator/tasks/wafw00f.py +++ b/secator/tasks/wafw00f.py @@ -1,11 +1,12 @@ import os import yaml -from secator.decorators import task +from secator.decorators import task from secator.runners import Command from secator.definitions import (OUTPUT_PATH, HEADER, PROXY, URL) from secator.output_types import Tag, Info, Error + @task() class wafw00f(Command): cmd = 'wafw00f' @@ -18,7 +19,7 @@ class wafw00f(Command): opts = { 'l': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'}, 't': {'type': str, 'help': 'Test for one specific WAF'}, - 'a': {'is_flag': True, 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'}, + 'a': {'is_flag': True, 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'}, # noqa: E501 'r': {'is_flag': True, 'default': False, 'help': 'Do not follow redirections given by 3xx responses'} } @@ -56,6 +57,5 @@ def on_cmd_done(self): yield Tag( name=results[0]['firewall'], match=results[0]['manufacturer'], - extra_data= {'trigger_url': results[0]['trigger_url']} + extra_data={'trigger_url': results[0]['trigger_url']} ) - pass \ No newline at end of file From 786fd67f7334d8cfb5c37edd22a722e6571a0a31 Mon Sep 17 00:00:00 2001 From: Olivier Cervello Date: Mon, 11 Nov 2024 07:55:52 -0500 Subject: [PATCH 3/4] update --- secator/tasks/wafw00f.py | 100 +++++++++++++++++++-------------------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/secator/tasks/wafw00f.py b/secator/tasks/wafw00f.py index 68b220f1..ab764068 100644 --- a/secator/tasks/wafw00f.py +++ b/secator/tasks/wafw00f.py @@ -5,57 +5,57 @@ from secator.runners import Command from secator.definitions import (OUTPUT_PATH, HEADER, PROXY, URL) from secator.output_types import Tag, Info, Error +from secator.tasks._categories import OPTS @task() class wafw00f(Command): - cmd = 'wafw00f' - - input_type = URL - json_flag = '-f json' - encoding = 'ansi' - - opt_prefix = '-' - opts = { - 'l': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'}, - 't': {'type': str, 'help': 'Test for one specific WAF'}, - 'a': {'is_flag': True, 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'}, # noqa: E501 - 'r': {'is_flag': True, 'default': False, 'help': 'Do not follow redirections given by 3xx responses'} - } - - opt_key_map = { - HEADER: 'H', - PROXY: 'p' - } - - output_types = [Tag] - - install_cmd = 'pipx install git+https://github.com/EnableSecurity/wafw00f.git' - install_github_handle = 'EnableSecurity/wafw00f' - - @staticmethod - def on_init(self): - self.output_path = self.get_opt_value(OUTPUT_PATH) - if not self.output_path: - self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json' - self.cmd += f' -o {self.output_path} ' - - @staticmethod - def on_cmd_done(self): - # Skip parsing if -l is set - if '-l' in self.cmd: - pass - else: - if not os.path.exists(self.output_path): - yield Error(message=f'Could not find JSON results in {self.output_path}') - return - - yield Info(message=f'JSON results saved to {self.output_path}') - with open(self.output_path, 'r') as f: - results = yaml.safe_load(f.read()) - if results[0]['detected']: - yield Tag( - name=results[0]['firewall'], - match=results[0]['manufacturer'], - extra_data={'trigger_url': results[0]['trigger_url']} - ) + cmd = 'wafw00f' + input_type = URL + json_flag = '-f json' + encoding = 'ansi' + opt_prefix = '-' + meta_opts = { + PROXY: OPTS[PROXY] + } + opts = { + 'l': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'}, + 't': {'type': str, 'help': 'Test for one specific WAF'}, + 'a': {'is_flag': True, 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'}, # noqa: E501 + 'r': {'is_flag': True, 'default': False, 'help': 'Do not follow redirections given by 3xx responses'}, + } + opt_key_map = { + HEADER: 'H', + PROXY: 'p' + } + output_types = [Tag] + install_cmd = 'pipx install git+https://github.com/EnableSecurity/wafw00f.git' + install_github_handle = 'EnableSecurity/wafw00f' + proxy_http = True + + @staticmethod + def on_init(self): + self.output_path = self.get_opt_value(OUTPUT_PATH) + if not self.output_path: + self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json' + self.cmd += f' -o {self.output_path}' + + @staticmethod + def on_cmd_done(self): + # Skip parsing if -l is set + if '-l' in self.cmd: + pass + else: + if not os.path.exists(self.output_path): + yield Error(message=f'Could not find JSON results in {self.output_path}') + return + + yield Info(message=f'JSON results saved to {self.output_path}') + with open(self.output_path, 'r') as f: + results = yaml.safe_load(f.read()) + if len(results) > 0 and results[0]['detected']: + yield Tag( + name=results[0]['firewall'], + match=results[0]['manufacturer'], + extra_data={'trigger_url': results[0]['trigger_url']} + ) From 536c43cf568daf58054306048d1b51a970da9315 Mon Sep 17 00:00:00 2001 From: 0xlildoudou <67382584+0xlildoudou@users.noreply.github.com> Date: Tue, 24 Dec 2024 07:59:47 +0000 Subject: [PATCH 4/4] Add HEADER suggested by @LighTend3r --- secator/tasks/wafw00f.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/secator/tasks/wafw00f.py b/secator/tasks/wafw00f.py index ab764068..f31d03cf 100644 --- a/secator/tasks/wafw00f.py +++ b/secator/tasks/wafw00f.py @@ -16,7 +16,8 @@ class wafw00f(Command): encoding = 'ansi' opt_prefix = '-' meta_opts = { - PROXY: OPTS[PROXY] + PROXY: OPTS[PROXY], + HEADER = OPTS[HEADER] } opts = { 'l': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'},