search

EnableSecurity / wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
https://www.enablesecurity.com/
BSD 3-Clause "New" or "Revised" License
5.3k stars 934 forks source link

[tor] -p --proxy problem #42

Closed mIcHyAmRaNe closed 7 years ago

mIcHyAmRaNe commented 7 years ago

Hello i installed wafw00f using sudo pip install wafw00f command but while trying to use it ( wafw00f -p socks5://localhost:9050 -v -a http://example.com ) i got an error message : 

Checking http://example.com
Traceback (most recent call last):
  File "/usr/local/bin/wafw00f", line 4, in <module>
    __import__('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 719, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1504, in run_script
    exec(code, namespace, namespace)
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/EGG-INFO/scripts/wafw00f", line 8, in <module>
    main.main()
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 363, in main
    if attacker.normalrequest() is None:
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 97, in normalrequest
    return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 320, in request
    r = self._request(method, path, headers)
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 371, in _request
    h.request(method, query_path, headers=headers)
  File "/usr/lib/python2.7/httplib.py", line 1057, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1097, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1053, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 897, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 859, in send
    self.connect()
  File "/usr/lib/python2.7/httplib.py", line 836, in connect
    self.timeout, self.source_address)
  File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/proxy.py", line 56, in proxy_create_connection
    return socks.create_connection(address, proxy_type=socks.PROXY_TYPE_SOCKS5, proxy_addr=self.host, proxy_port=self.port, source_address=source_address, timeout=timeout)
AttributeError: 'module' object has no attribute 'create_connection'

Additional info:

tor is enabled and works with other tools 

~$ service tor status
● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (exited) ...

wafw00f version

~$ wafw00f --version
WAFW00F version 0.9.4

wafw00f works fine when not setting proxy

lphuberdeau commented 7 years ago

The correct socks module may not be installed. There is quite a lot of confusion around which one is the good one. Since it's an optional dependency, it's not listed in setup.py.

I had the socks proxy tested with PySocks==1.5.6 at the time. A quick look at the repo shows that the function still exists and has the same signature.

Let me know if this helps.

mIcHyAmRaNe commented 7 years ago

@lphuberdeau good :+1: a simple sudo pip install PySocks==1.5.6 solves the problem

it will be cool if you add a requirements.txt file and/or add sudo pip install PySocks==1.5.6 command in the README.md file at how-do-i-install-it === will allow new future users not to have to ask or look about this problem in the future :)

thank you

lphuberdeau commented 7 years ago

Had any luck with the latest version of the library?

mIcHyAmRaNe commented 7 years ago 
~$ sudo pip install PySocks --upgrade

Collecting PySocks
  Downloading PySocks-1.6.7.tar.gz (282kB)
    100% |████████████████████████████████| 286kB :3kB/s 
Installing collected packages: PySocks
  Found existing installation: PySocks 1.5.6
    Uninstalling PySocks-1.5.6:
      Successfully uninstalled PySocks-1.5.6
  Running setup.py install for PySocks ... done
Successfully installed PySocks-1.6.7

yes it works :) i had more than three timeouts (but certainly due to my bad connection :'( but i retested it again and it works :D