Open darcosion opened 10 months ago
darcosion
commented
7 months ago Hi @sandrogauci, @0xInfection
Woulf you like to merge my pull request or there is something that isn't right ?
I would like to implement some other WAF technologies (vmware, datadome, ...) but not sure if it's interesting for the community ^^"
0xInfection
commented
2 months ago Hi @darcosion, do you think you can provide us with the source of the waf error page? Would be helpful for us to extract more matchers and add to the plugin. Simply relying on server header checks might make this a bit false positive prone.
darcosion
commented
2 months ago Hi @0xInfection, there is a lot of header for Envoy, but they are added on specific configurations : https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers
If we think about other matchers, well... This is a load balancer, we could use load balancing header to ensure identification ?
0xInfection
commented
2 months ago hmm, I understand your perspective. but I am not sure if the presence of this specific server header ensures that a WAF is in place, we do not want to detect generic load balancers, rather WAFs.
I looked up a couple of hosts on Shodan with this same server header and I do not see any WAF for those same hosts.
Which category is this pull request?
Where has this been tested?
Does this close any currently open issues?
No
Does this add any new dependency?
No
Does this add any new command line switch/argument?
No
Any other comments you would like to make?
I've added the plugin but I have just seen the header server envoy, so I would improve that because my first scan doesn't seem to detect it...
I've followed the documentation here : https://github.com/EnableSecurity/wafw00f/wiki/Writing-New-WAF-Checks