Ekultek / WhatWaf

Detect and bypass web application firewalls and protection systems
Other
2.65k stars 448 forks source link

Unknown Firewall (5006937b5) #55

Closed WhatWaf-Firewalls closed 6 years ago

WhatWaf-Firewalls commented 6 years ago

WhatWaf version: 0.5.3 Running context: ./whatwaf.py -f test.txt --ra --tamper-int 1 --verify-num 7 --pl payloads.txt --skip Fingerprint:

<!---
HTTP 1.1
Status code: 404
HTTP headers: {'Content-Length': '7076', 'X-Xss-Protection': '1', 'X-Powered-By': 'PHP/7.0.30', 'Set-Cookie': 'xf_session=ffacd40c9ebb0d8e42837268a296f2cc; path=/; HttpOnly', 'Accept-Ranges': 'bytes', 'Expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'Vary': 'Accept-Encoding', 'Server': 'LiteSpeed', 'Last-Modified': 'Wed, 16 May 2018 01:17:27 GMT', 'Connection': 'Keep-Alive', 'Cache-control': 'private, max-age=0', 'Date': 'Wed, 16 May 2018 01:17:27 GMT', 'X-Frame-Options': 'SAMEORIGIN', 'Content-Type': 'text/html; charset=UTF-8', 'Content-Encoding': 'gzip'}
--->
<!DOCTYPE html>

<html class="Public NoJs XenBase LoggedOut NoSidebar RightSidebar Responsive" dir="LTR" id="XenForo" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8"/>
<meta content="IE=Edge,chrome=1" http-equiv="X-UA-Compatible"/>
<meta content="width=device-width, initial-scale=1" name="viewport"/>
<base href="http://illegalcrew.net/"/>
<script>
            var _b = document.getElementsByTagName('base')[0], _bH = "http://illegalcrew.net/";
            if (_b && _b.href != _bH) _b.href = _bH;
        </script>
<title>Error | Forum</title>
<noscript><style>.JsOnly, .jsOnly { display: none !important; }</style></noscript>
<link href="css.php?css=xenforo,form,public&amp;style=4&amp;dir=LTR&amp;d=1525858624" rel="stylesheet"/>
<link href="css.php?css=login_bar,xb,xb_footer_layouts,xb_offcanvas_menu,xb_quicksearch_nav&amp;style=4&amp;dir=LTR&amp;d=1525858624" rel="stylesheet"/>
<link href="https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,700,700italic,400italic" rel="stylesheet" type="text/css"/>
<link href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css" rel="stylesheet"/>
<script src="js/jquery/jquery-1.11.0.min.js"></script>
<script src="js/xenforo/xenforo.js?_v=9833eaf1"></script>
<script type="text/javascript">
//<![CDATA[
jQuery(document).ready(function($){

var aboveHeight = $('#logoBlock').outerHeight() + 20;

var navwrapper = $('.navFloatwrapper').outerHeight();
$(window).scroll(function(){
    if ($(window).scrollTop() > aboveHeight){
    $('.navFloatwrapper').addClass('fixed');

    $('.tabLinks').addClass('displaynone');

    } else {
    $('.navFloatwrapper').removeClass('fixed');

    $('.tabLinks').removeClass('displaynone');

    }
});

});

//]]>

</script>
<script type="text/javascript">
$(function() {
    var items = $('.xbOffCanvasMask, .slideLeft');
    var xbOffCanvasContent = $('.xbOffCanvasContent');

    var xbOffCanvasOpen = function() {
        $(items).removeClass('xbOffCanvasClose').addClass('xbOffCanvasOpen');
    }
    var xbOffCanvasClose = function() {
        $(items).removeClass('xbOffCanvasOpen').addClass('xbOffCanvasClose');
    }

    $('#xbOffCanvasToggle').click(function() {
        if (xbOffCanvasContent.hasClass('xbOffCanvasOpen')) {
            $(xbOffCanvasClose)
        } else {
            $(xbOffCanvasOpen)
        }
    });
    xbOffCanvasContent.click(function() {
        if (xbOffCanvasContent.hasClass('xbOffCanvasOpen')) {
            $(xbOffCanvasClose)
        }
    });

    $('#xbOffCanvasToggle,.xbOffCanvasMask').on('click', function() {
        $('.xbOffCanvasContainer').toggleClass("marginLeft");
    });

    $('.publicTabs li').has('.xbOffCanvasSubMenu').prepend('<span class="xbOffCanvasArrow"><i class="xbOffCanvasExpand fa fa-chevron-down"></i></span>');

    $('.xbOffCanvasArrow').click(function() {
        $(this).siblings('.xbOffCanvasSubMenu, .secondaryContent.blockLinksList').slideToggle('fast');
        $(this).children('.xbOffCanvasExpand').toggleClass('fa-flip-vertical ');
    });

});
</script>
<link href="http://illegalcrew.net/styles/fragzone/xenforo/logo.og.png" rel="apple-touch-icon">
<link href="index.php?forums/-/index.rss" rel="alternate" title="RSS feed for Forum" type="application/rss+xml">
<meta content="noindex" name="robots"/>
</link></link></head>
<body>
<div class="xbOffCanvasContent xbOffCanvasMask"></div>
<div class="xbOffCanvas slideLeft publicTabs">
<ul class="xbOffCanvasList">
<!-- home -->
<li class="navTab home"><a class="navLink" href="http://illegalcrew.net/">Home</a></li>
<!-- extra tabs: home -->
<!-- forums -->
<li class="navTab forums ">
<a class="navLink" href="http://illegalcrew.net/index.php">Forums</a>
<div class="xbOffCanvasSubMenu">
<ul>
<li><a href="index.php?search/&amp;type=post">Search Forums</a></li>
<li><a href="index.php?find-new/posts" rel="nofollow">Recent Posts</a></li>
</ul>
</div>
</li>
<!-- extra tabs: middle -->
<!-- members -->
<li class="navTab members ">
<a class="navLink" href="http://illegalcrew.net/index.php?members/">Members</a>
<div class="xbOffCanvasSubMenu">
<ul>
<li><a href="index.php?members/">Notable Members</a></li>
<li><a href="index.php?online/">Current Visitors</a></li>
<li><a href="index.php?recent-activity/">Recent Activity</a></li>
<li><a href="index.php?find-new/profile-posts">New Profile Posts</a></li>
</ul>
</div>
</li>
<!-- extra tabs: end -->
<li class="navTab xbOffCanvasExtraLink">
<a class="navLink NoPopupGadget" href="index.php?search/" rel="Menu"><i class="fa fa-search"></i> Search</a>
</li>
</ul>
</div>
<div class="xbOffCanvasContainer">
<script>
    XenForo.LoginBar = function(a){};
    </script>
<div id="loginBar">
<div class="pageWidth">
<div class="pageContent">
<h3 id="loginBarHandle">
<label for="LoginControl"><a class="OverlayTrigger concealed noOutline" href="index.php?login/">Log in or Sign up</a></label>
</h3>
<span class="helper"></span>
</div>
</div>
</div>
<div id="headerMover">
<div id="headerProxy"></div>
<div class="error" id="content">
<div class="pageWidth">
<div class="pageContent">
<!-- main content area -->
<div class="breadBoxTop ">
<nav>
<fieldset class="breadcrumb">
<a class="OverlayTrigger jumpMenuTrigger" data-cacheoverlay="true" href="index.php?misc/quick-navigation-menu" title="Open quick navigation"><i class="fa fa-sitemap"></i><!--Jump to...--></a>
<div class="boardTitle"><strong>Forum</strong></div>
<span class="crumbs">
<span class="crust homeCrumb" itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<a class="crumb" href="http://illegalcrew.net/" itemprop="url" rel="up"><span itemprop="title">Home</span></a>
<span class="arrow"><span></span></span>
</span>
</span>
</fieldset>
</nav>
</div>
<!--[if lt IE 8]>
                            <p class="importantMessage">You are using an out of date browser. It  may not display this or other websites correctly.<br />You should upgrade or use an <a href="https://www.google.com/chrome/browser/" target="_blank">alternative browser</a>.</p>
                        <![endif]-->
<!-- h1 title, description -->
<div class="titleBar">
<h1>Forum - Error

                                    </h1>
</div>
<!-- main template -->
<div class="errorOverlay">
<a class="close OverlayCloser"></a>
<div class="baseHtml">
<label class="OverlayCloser" for="ctrl_0">The requested page could not be found.</label>
</div>
</div>
<!-- login form, to be moved to the upper drop-down -->
<form action="index.php?login/login" class="xenForm " id="login" method="post" style="display:none">
<div class="ctrlWrapper">
<dl class="ctrlUnit">
<dt><label for="LoginControl">Your name or email address:</label></dt>
<dd><input class="textCtrl" id="LoginControl" name="login" tabindex="101" type="text"/></dd>
</dl>
<dl class="ctrlUnit">
<dt>
<label for="ctrl_password">Do you already have an account?</label>
</dt>
<dd>
<ul>
<li><label for="ctrl_not_registered"><input id="ctrl_not_registered" name="register" tabindex="105" type="radio" value="1"/>
                        No, create an account now.</label></li>
<li><label for="ctrl_registered"><input checked="checked" class="Disabler" id="ctrl_registered" name="register" tabindex="105" type="radio" value="0"/>
                        Yes, my password is:</label></li>
<li id="ctrl_registered_Disabler">
<input class="textCtrl" id="ctrl_password" name="password" tabindex="102" type="password"/>
<div class="lostPassword"><a class="OverlayTrigger OverlayCloser" href="index.php?lost-password/" tabindex="106">Forgot your password?</a></div>
</li>
</ul>
</dd>
</dl>
<dl class="ctrlUnit submitUnit">
<dt></dt>
<dd>
<input class="button primary" data-loginphrase="Log in" data-signupphrase="Sign up" tabindex="104" type="submit" value="Log in"/>
<label class="rememberPassword" for="ctrl_remember"><input id="ctrl_remember" name="remember" tabindex="103" type="checkbox" value="1"/> Stay logged in</label>
</dd>
</dl>
</div>
<input name="cookie_check" type="hidden" value="1"/>
<input name="redirect" type="hidden" value="/home.pl?Connection=close&amp;User-Agent=Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.0%3B+en-US%3B+rv%3A1.9.1.16%29+Gecko%2F20101130+MRA+5.4+%28build+02647%29+Firefox%2F3.5.16+%28.NET+CLR+3.5.30729%3B+.NET4.0C%29"/>
<input name="_xfToken" type="hidden" value=""/>
</form>
<div class="breadBoxBottom">
<nav>
<fieldset class="breadcrumb">
<a class="OverlayTrigger jumpMenuTrigger" data-cacheoverlay="true" href="index.php?misc/quick-navigation-menu" title="Open quick navigation"><i class="fa fa-sitemap"></i><!--Jump to...--></a>
<div class="boardTitle"><strong>Forum</strong></div>
<span class="crumbs">
<span class="crust homeCrumb">
<a class="crumb" href="http://illegalcrew.net/"><span>Home</span></a>
<span class="arrow"><span></span></span>
</span>
</span>
</fieldset>
</nav></div>
</div>
</div>
</div>
<header>
<div id="header">
<div class="navFloatwrapper">
<div class="pageWidth withSearch" id="navigation">
<div class="pageContent">
<nav>
<div class="navTabs">
<div class="xbOffCanvasControls">
<a class="slideLeft" href="#" id="xbOffCanvasToggle" onclick="return false;"><i class="fa fa-bars fa-fw"></i> <span class="menuText">Menu</span></a>
<a class="xbOffCanvasNew Tooltip" href="index.php?find-new/posts" rel="nofollow" title="Recent Posts"> <i class="fa fa-commenting fa-fw"></i><span>Recent Posts</span></a>
</div>
<ul class="publicTabs">
<li class="navTab xbNavLogo"><a class="navLink" href="http://illegalcrew.net/">
<span></span>
<img alt="Forum" class="desktopLogo" src="styles/fragzone/xenforo/logo.png"/>
</a>
</li>
<!-- home -->
<li class="navTab home PopupClosed"><a class="navLink" href="http://illegalcrew.net/">Home</a></li>
<!-- extra tabs: home -->
<!-- forums -->
<li class="navTab forums Popup PopupControl PopupClosed">
<a class="navLink" href="http://illegalcrew.net/index.php">Forums</a>
<a class="SplitCtrl" href="http://illegalcrew.net/index.php" rel="Menu"></a>
<div class="xbTabPopupArrow">
<span class="arrow"><span></span></span>
</div>
<div class="Menu JsOnly tabMenu forumsTabLinks">
<div class="primaryContent menuHeader">
<h3>Forums</h3>
<div class="muted">Quick Links</div>
</div>
<ul class="secondaryContent blockLinksList">
<li><a href="index.php?search/&amp;type=post">Search Forums</a></li>
<li><a href="index.php?find-new/posts" rel="nofollow">Recent Posts</a></li>
</ul>
</div>
</li>
<!-- extra tabs: middle -->
<!-- members -->
<li class="navTab members Popup PopupControl PopupClosed">
<a class="navLink" href="http://illegalcrew.net/index.php?members/">Members</a>
<a class="SplitCtrl" href="http://illegalcrew.net/index.php?members/" rel="Menu"></a>
<div class="xbTabPopupArrow">
<span class="arrow"><span></span></span>
</div>
<div class="Menu JsOnly tabMenu membersTabLinks">
<div class="primaryContent menuHeader">
<h3>Members</h3>
<div class="muted">Quick Links</div>
</div>
<ul class="secondaryContent blockLinksList">
<li><a href="index.php?members/">Notable Members</a></li>
<li><a href="index.php?online/">Current Visitors</a></li>
<li><a href="index.php?recent-activity/">Recent Activity</a></li>
<li><a href="index.php?find-new/profile-posts">New Profile Posts</a></li>
</ul>
</div>
</li>
<!-- extra tabs: end -->
<li class="navTab searchMini Popup PopupControl PopupClosed">
<a class="navLink NoPopupGadget" href="index.php?search/" rel="Menu"><i class="fa fa-search"></i> Search</a>
<div class="Menu xbSearchPopup">
<div class="pageWidth" id="searchBar">
<fieldset id="QuickSearchNav">
<form action="index.php?search/search" class="formPopup" method="post">
<div class="primaryControls">
<input class="textCtrl" id="QuickSearchQuery" name="keywords" placeholder="Search..." results="0" title="Enter your search and hit enter" type="search" value=""/>
</div>
<div class="secondaryContent secondaryControls">
<dl class="ctrlUnit">
<dt></dt>
<dd><ul>
<li><label><input class="AutoChecker" data-uncheck="#search_bar_thread" id="search_bar_title_only" name="title_only" type="checkbox" value="1"/> Search titles only</label></li>
</ul></dd>
</dl>
<dl class="ctrlUnit">
<dt><label for="searchBar_users">Posted by Member:</label></dt>
<dd>
<input class="textCtrl AutoComplete" id="searchBar_users" name="users" type="text" value=""/>
<p class="explain">Separate names with a comma.</p>
</dd>
</dl>
<dl class="ctrlUnit">
<dt><label for="searchBar_date">Newer Than:</label></dt>
<dd><input class="textCtrl" id="searchBar_date" name="date" type="date" value=""/></dd>
</dl>
</div>
<div class="ctrlUnit sectionFooter submitUnit">
<input class="button primary Tooltip" title="Find Now" type="submit" value="Search"/>
<a class="button moreOptions Tooltip" href="index.php?search/" title="Advanced Search">More...</a>
<div id="commonSearches"><span class="button"><i class="fa fa-arrow-circle-down fa-fw"></i></span>
<ul class="primaryContent blockLinksList">
<!-- block: useful_searches -->
<li><a href="index.php?find-new/posts&amp;recent=1" rel="nofollow">Recent Posts</a></li>
<!-- end block: useful_searches -->
</ul>
</div>
</div>
<input name="_xfToken" type="hidden" value=""/>
</form>
</fieldset>
</div>
</div>
</li>
<!-- responsive popup -->
<li class="navTab navigationHiddenTabs Popup PopupControl PopupClosed" style="display:none">
<a class="navLink NoPopupGadget" rel="Menu"><span class="menuIcon">Menu</span></a>
<div class="Menu JsOnly blockLinksList primaryContent" id="NavigationHiddenMenu"></div>
</li>
<!-- no selection -->
<li class="navTab selected"><div class="tabLinks"></div></li>
</ul>
</div>
<span class="helper"></span>
</nav>
</div>
</div>
</div>
</div>
</header>
</div>
<footer>
<div class="footer">
<div class="pageWidth">
<div class="pageContent">
<dl class="choosers">
</dl>
<ul class="footerLinks">
<li><a class="OverlayTrigger" data-overlayoptions='{"fixed":false}' href="index.php?misc/contact"><i class="fa fa-envelope-o fa-fw"></i> <span>Contact Us</span></a></li>
<li><a href="index.php?help/"><i class="fa fa-life-ring fa-fw"></i> <span>Help</span></a></li>
<li><a class="homeLink" href="http://illegalcrew.net/"><i class="fa fa-home fa-fw"></i> <span>Home</span></a></li>
<li><a class="topLink" href="/home.pl?Connection=close&amp;User-Agent=Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.0%3B+en-US%3B+rv%3A1.9.1.16%29+Gecko%2F20101130+MRA+5.4+%28build+02647%29+Firefox%2F3.5.16+%28.NET+CLR+3.5.30729%3B+.NET4.0C%29#headerMover"> <i class="fa fa-arrow-up fa-fw"></i><span>Top</span></a></li>
<li><a href="index.php?help/terms"><i class="fa fa-gavel fa-fw"></i> <span>Terms and Rules</span></a></li>
<li><a class="globalFeed" href="index.php?forums/-/index.rss" rel="alternate" target="_blank" title="RSS feed for Forum"><i class="fa fa-rss fa-fw"></i></a></li>
</ul>
<span class="helper"></span>
</div>
</div>
</div>
<div class="pageWidth">
<div class="extraFooter">
<ul class="footerBlockContainer">
<li class="footerBlock footerBlockOne">
<h3><i class="fa fa-anchor"></i> About Us!</h3>
<p>IllegalCrew Biggest Hack and Security Platform <p>
Here you can find Cracking Tutorials - Hacking Tools - Hacking Security - Hacking Programming - Trojan /Viruses / Bonet - Brute-Force , Password Cracking - Learn to Hack

            </p></p></li>
<li class="footerBlock footerBlockTwo">
<h3><i class="fa fa-share"></i> Site Functions</h3>
<ul class="footerList">
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Web &amp; Server Security</a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Spammers - Bombers - Flooders</a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i>Trojan and Viruses </a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Serial and Crack</a></li>
</ul>
</li>
<li class="footerBlock footerBlockThree">
<h3><i class="fa fa-bars"></i> Useful Links</h3>
<ul class="footerList">
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Help Center</a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Cyber Security</a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Exploits</a></li>
<li><a href="#"><i class="fa fa-dot-circle-o"></i> Web Programming </a></li>
</ul>
</li>
<li class="footerBlock footerBlockFour">
<h3><i class="fa fa-ring"></i> SUPPORT SITE !</h3>
<p>Illegalcrew welcomes hearing from our readers and members. If you have any comments, critiques, suggestions or just want to tell us how good we are doing then we want to hear from you</p></li></ul></div></div></footer></div></body></html>
* E-mail: illegalcrew.forum@gmail.com

<div class="footerLegal">
<div class="pageWidth">
<div class="pageContent">
<span class="helper"></span>
</div>
</div>
</div>

<script>

jQuery.extend(true, XenForo,
{
    visitor: { user_id: 0 },
    serverTimeInfo:
    {
        now: 1526433447,
        today: 1526425200,
        todayDow: 3
    },
    _lightBoxUniversal: "0",
    _enableOverlays: "1",
    _animationSpeedMultiplier: "1",
    _overlayConfig:
    {
        top: "10%",
        speed: 200,
        closeSpeed: 100,
        mask:
        {
            color: "rgb(22, 22, 22)",
            opacity: "0.9",
            loadSpeed: 200,
            closeSpeed: 100
        }
    },
    _ignoredUsers: [],
    _loadedScripts: {"xb":true,"xb_offcanvas_menu":true,"login_bar":true,"xb_quicksearch_nav":true,"xb_footer_layouts":true},
    _cookieConfig: { path: "/", domain: "", prefix: "xf_"},
    _csrfToken: "",
    _csrfRefreshUrl: "index.php?login/csrf-token-refresh",
    _jsVersion: "9833eaf1",
    _noRtnProtect: false,
    _noSocialLogin: false
});
jQuery.extend(XenForo.phrases,
{
    cancel: "Cancel",

    a_moment_ago:    "A moment ago",
    one_minute_ago:  "1 minute ago",
    x_minutes_ago:   "%minutes% minutes ago",
    today_at_x:      "Today at %time%",
    yesterday_at_x:  "Yesterday at %time%",
    day_x_at_time_y: "%day% at %time%",

    day0: "Sunday",
    day1: "Monday",
    day2: "Tuesday",
    day3: "Wednesday",
    day4: "Thursday",
    day5: "Friday",
    day6: "Saturday",

    _months: "January,February,March,April,May,June,July,August,September,October,November,December",
    _daysShort: "Sun,Mon,Tue,Wed,Thu,Fri,Sat",

    following_error_occurred: "The following error occurred",
    server_did_not_respond_in_time_try_again: "The server did not respond in time. Please try again.",
    logging_in: "Logging in",
    click_image_show_full_size_version: "Click this image to show the full-size version.",
    show_hidden_content_by_x: "Show hidden content by {names}"
});

// Facebook Javascript SDK
XenForo.Facebook.appId = "";
XenForo.Facebook.forceInit = false;

</script>
<script src="styles/xenbase/jquery.backstretch.min.js"></script>
<script>
            $.backstretch(["styles/fragzone/xenforo/sources/bgmap.jpg"], {duration: 5500, fade: 1500});
    </script>
<!--XenBase Current Version : 1.5.7 -->
<!--Style Version : 1.5.7 -->
Ekultek commented 6 years ago

not a firewall