Firewall Detection in Penetration Tests (Sızma Testlerinde Firewall Tespiti)

8 Ocak 2018 Pazartesi

Firewall Detection in Penetration Tests (Sızma Testlerinde Firewall Tespiti)




Hello everyone.

Today  I will write about Firewall detection in penetration testing.
Please let me know your views on the articles

E-Mail = berkdusunurx@gmail.com
Twitter = @berkdusunur

What Is This Firewall ?


In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.[2]
Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls filter traffic between two or more networks and run on network hardware. Host-based firewalls run on host computers and control network traffic in and out of those machines. (Wikipedia)

WAFW00F

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.

How does it work?

To do its magic, WAFW00F does the following:
  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks
For further details, check out the source code on the main site,   github.com/sandrogauci/wafw00f.

Install And Usage  

We take the vehicle from the github repo

Code 

git clone https://github.com/EnableSecurity/wafw00f.git
 




Ok cloned directory

Code 

1- cd wafw00f
2- ls
3- chmod +x setup.py
4- python setup.py install


Installed in required packages

First Scan

Code

wafw00f www.berkdusunur.net

He made 15 requests but could not detect an firewall


Code

wafw00f canyoupwn.me 

Found CloudFlare IDS

 

Code

 wafw00f twitter.com

 

 

Similar tools 

Waf-Detector

This is a simple package for Web Application Firewall Detection. It supports CloudFlare, Incapsula, ModSecurity, and Shieldfy out of the box.

Instal
 
git clone https://github.com/shieldfy/waf-detector.git




Install Composer


For ARCH Linux = pacman -S composer

For debian = apt-get install composer


Code

composer require shieldfy/waf-detector



We will bypass many firewall systems including CloudFlare in my next article

Thank You For Reading 

Stay in Follow

0 yorum :

Yorum Gönder