Comments (2)
Hi there - thanks for the kind words!
I wasn't able to reproduce the issue on the Kali docker rolling image.
This is what I did:
┌──(root㉿8fdcd133af09)-[/]
└─# apt update && apt install wafw00f
Get:1 http://ftp.halifax.rwth-aachen.de/kali kali-rolling InRelease [30.6 kB]
Get:2 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 Packages [18.7 MB]
Get:3 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/non-free amd64 Packages [234 kB]
Get:4 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/contrib amd64 Packages [111 kB]
Fetched 19.1 MB in 2s (7897 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
2 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
ca-certificates krb5-locales libexpat1 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libmpdec3 libncursesw6 libnsl2 libpython3-stdlib libpython3.10-minimal libpython3.10-stdlib
libreadline8 libsqlite3-0 libssl3 libtirpc-common libtirpc3 media-types openssl python3 python3-certifi python3-chardet python3-charset-normalizer python3-idna python3-minimal python3-pkg-resources
python3-pluginbase python3-requests python3-six python3-urllib3 python3.10 python3.10-minimal readline-common
Suggested packages:
gpm krb5-doc krb5-user python3-doc python3-tk python3-venv python3-setuptools python3-cryptography python3-openssl python3-socks python-requests-doc python3-brotli python3.10-venv python3.10-doc binutils
binfmt-support readline-doc
The following NEW packages will be installed:
ca-certificates krb5-locales libexpat1 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libmpdec3 libncursesw6 libnsl2 libpython3-stdlib libpython3.10-minimal libpython3.10-stdlib
libreadline8 libsqlite3-0 libssl3 libtirpc-common libtirpc3 media-types openssl python3 python3-certifi python3-chardet python3-charset-normalizer python3-idna python3-minimal python3-pkg-resources
python3-pluginbase python3-requests python3-six python3-urllib3 python3.10 python3.10-minimal readline-common wafw00f
0 upgraded, 37 newly installed, 0 to remove and 2 not upgraded.
Need to get 11.9 MB of archives.
After this operation, 39.3 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 libssl3 amd64 3.0.5-4 [2031 kB]
Get:2 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 libpython3.10-minimal amd64 3.10.7-2 [828 kB]
Get:3 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 libexpat1 amd64 2.4.9-1 [105 kB]
Get:4 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 python3.10-minimal amd64 3.10.7-2 [1994 kB]
Get:5 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 python3-minimal amd64 3.10.6-1 [38.7 kB]
Get:6 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 media-types all 8.0.0 [33.4 kB]
Get:7 http://ftp.halifax.rwth-aachen.de/kali kali-rolling/main amd64 libmpdec3 amd64 2.5.1-2 [87.8 kB]
Get:8 http://http.kali.org/kali kali-rolling/main amd64 libncursesw6 amd64 6.3+20220423-2 [133 kB]
Get:9 http://http.kali.org/kali kali-rolling/main amd64 libkrb5support0 amd64 1.20-1+b1 [32.2 kB]
...
Setting up wafw00f (2.2.0-1) ...
Processing triggers for libc-bin (2.35-3) ...
Processing triggers for ca-certificates (20211016) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Then:
┌──(root㉿8fdcd133af09)-[/]
└─# wafw00f -vv righettod.eu
______
/ \
( W00f! )
\ ____/
,, __ 404 Hack Not Found
|`-.__ / / __ __
/" _/ /_/ \ \ / /
*===* / \ \_/ / 405 Not Allowed
/ )__// \ /
/| / /---` 403 Forbidden
\\/` \ | / _ \
`\ /_\\_ 502 Bad Gateway / / \ \ 500 Internal Error
`_____``-` /_/ \_\
~ WAFW00F : v2.2.0 ~
The Web Application Firewall Fingerprinting Toolkit
INFO:wafw00f:The url righettod.eu should start with http:// or https:// .. fixing (might make this unusable)
[*] Checking https://righettod.eu
INFO:wafw00f:starting wafw00f on https://righettod.eu
INFO:wafw00f:Request Succeeded
...
INFO:wafw00f:Identified WAF: []
[+] Generic Detection results:
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Server returned a different response when a XSS attack vector was tried.
INFO:wafw00f:Generic Detection: The server returns a different response code when an attack string is used.
Normal response code is "200", while the response code to cross-site scripting attack is "403"
[*] The site https://righettod.eu seems to be behind a WAF or some sort of security solution
[~] Reason: The server returns a different response code when an attack string is used.
Normal response code is "200", while the response code to cross-site scripting attack is "403"
[~] Number of requests: 5
INFO:wafw00f:Found: 1 matches.
Closing the issue.
Do add a comment and reopen if you can still reproduce the issue.
Do note that we do not maintain the packages for Kali so since what you're facing seems to be a dependency issue, it might need to be fixed there.
But here's a tip - might it be that you're using an outdated docker image that references broken packages?
from wafw00f.
OK thank you very much for the quick feedback.
I will prefer the installation via apt instead of git clone the master.
from wafw00f.
Related Issues (20)
- About the timeout of request and WAF block HOT 1
- Support for Windows HOT 2
- server hacking
- Collections Mapping HOT 4
- StackPath WAF not showing up in tests. HOT 3
- Variti HOT 1
- Question about performance HOT 9
- The wafw00f command cannot be used on the windows system HOT 3
- wafw00f no response HOT 3
- Number of requests HOT 1
- Change param name of request HOT 1
- Added request-url on which triggered WAF to json output file
- Azure Application Gateway HOT 1
- python setup.py install command not work HOT 5
- Integration HOT 1
- Error in line 22 of the main.py file HOT 3
- HTTPSConnectionPool port 443 conduct to Read timed out - response time from the server is too low? HOT 1
- Enhancing Project Performance: Asynchronous Implementation and Multithreading Support HOT 2
- Cannot check for NAXSI HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wafw00f.