update for 360 waf via issue #296

content/plugins/360.py

@@ -1,5 +1,6 @@
 import re
 
+from lib.settings import HTTP_HEADER
 
 __product__ = "360 Web Application Firewall (360)"
 
@@ -10,7 +11,8 @@ def detect(content, **kwargs):
     status = kwargs.get("status", None)
     detection_schema = (
         re.compile(r".wzws.waf.cgi.", re.I),
-        re.compile(r"wangzhan\.360\.cn", re.I)
+        re.compile(r"wangzhan\.360\.cn", re.I),
+        re.compile(r"qianxin.waf", re.I), re.compile(r"360wzws")
     )
     for detection in detection_schema:
         if status == 493:
@@ -20,3 +22,5 @@ def detect(content, **kwargs):
             return True
         if detection.search(headers.get("X-Powered-By-360wzb", "")) is not None:
             return True
+        if detection.search(headers.get(HTTP_HEADER.SERVER, "")) is not None:
+            return True

content/plugins/greywizard.py

@@ -16,8 +16,8 @@ def detect(content, **kwargs):
     for detection in detection_schema:
         if detection.search(content) is not None:
             return True
-        gw_server = headers.get(HTTP_HEADER.GW_SERVER, None)
-        server = headers.get(HTTP_HEADER.SERVER, None)
+        gw_server = headers.get(HTTP_HEADER.GW_SERVER, "")
+        server = headers.get(HTTP_HEADER.SERVER, "")
         if gw_server is not None:
             if detection.search(server) is not None:
                 return True

content/tampers/randomwildcard.py

@@ -8,7 +8,7 @@
 
 def tamper(payload, **kwargs):
     wildcard = ["*", "?"]
-    safe_chars = string.punctuation
+    safe_chars = string.punctuation + " "
     retval = ""
     for char in list(payload):
         if not any(p == char for p in safe_chars):
@@ -20,3 +20,5 @@ def tamper(payload, **kwargs):
         else:
             retval += char
     return retval
+
+print tamper(__example_payload__)