search

EnableSecurity / wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
https://www.enablesecurity.com/
BSD 3-Clause "New" or "Revised" License
5.17k stars 924 forks source link

Change param name of request #178

Closed mikhailevtikhov closed 1 year ago

mikhailevtikhov commented 1 year ago

The problem is that the parameter name of url which wafw00f generate is too simple, for example "s", and there are applications for which this parameter is really significant and the page that returns to the request with such a parameter is different from the "malicious request" without such a parameter, which leads to a false trigger, because wafw00f believes that this behavior indicates the triggering of the WAF, but in fact, it is the backend server that processed the request.

In order to exclude the possibility of such an event, a function was implemented that returns a random sequence of 8 ascii lowercases letters and this string is used as a parameter for the request, thereby the probability that this parameter will be significant for the server is being streamed to 0.

Random string of 8 ascii lowercases letters and used it as a parameter for the request is implemented in this PR - https://github.com/vulnspace/wafw00f/pull/2

0xInfection commented 1 year ago

Good catch! Will merge in the changes.