EnableSecurity/wafw00f

Change param name of request

mikhailevtikhov opened this issue · 1 comment

The problem is that the parameter name of the URL which wafw00f generates is too simple, for example "s", and there are applications for which this parameter is really significant. For them, the page returned for the request with such a parameter is different from the "malicious request" without such a parameter, which leads to a false trigger: wafw00f believes that this behavior indicates the triggering of the WAF, but in fact it is the backend server that processed the request.

In order to exclude the possibility of such an event, a function was implemented that returns a random sequence of 8 ASCII lowercase letters, and this string is used as the parameter name for the request, thereby the probability that this parameter will be significant for the server is being streamed to 0.

The random string of 8 ASCII lowercase letters, used as the parameter name for the request, is implemented in this PR - vulnspace#2
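The failure mode described in the issue, and the random-parameter-name fix, as an added example that is not code from wafw00f or from the linked PR. The backend in `simulated_backend` is a constructed stand-in for an application where `s` is a real search parameter; `random_param_name`, `build_probe_url` and `looks_like_waf_block` are hypothetical helper names chosen here to illustrate the idea, not wafw00f's own API.

```python
import random
import string
from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse

# Constructed, benign probe value: the point is the parameter *name*, not the payload.
PROBE_VALUE = "constructed-probe"


def random_param_name(length=8, rng=random):
    """Return a random parameter name made of `length` ASCII lowercase letters.

    With 26**8 possible names the chance of colliding with a parameter the
    backend actually interprets (like "s" for search) is negligible.
    """
    return "".join(rng.choice(string.ascii_lowercase) for _ in range(length))


def build_probe_url(base_url, payload, param_name=None, rng=random):
    """Append `payload` to `base_url` under `param_name` (random if not given).

    Existing query parameters are preserved so the baseline and probe requests
    differ only in the added parameter. Returns (url, name_used).
    """
    name = param_name or random_param_name(rng=rng)
    parts = urlparse(base_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append((name, payload))
    return urlunparse(parts._replace(query=urlencode(query))), name


def simulated_backend(url):
    """Hypothetical application (no WAF in front of it).

    It treats "s" as a search parameter and renders a different page when it is
    present, exactly the situation that produced the false WAF trigger.
    """
    params = dict(parse_qsl(urlparse(url).query, keep_blank_values=True))
    if "s" in params:
        return 200, "search results for: " + params["s"]
    return 200, "home page"


def looks_like_waf_block(baseline_body, probe_body):
    """Naive detection heuristic: a changed response body is taken as WAF action."""
    return baseline_body != probe_body


def compare_param_strategies(base_url):
    """Run the naive heuristic with a fixed "s" name and with a random name.

    Returns a dict so the outcome can be checked programmatically:
    {"fixed_s": <bool>, "random": <bool>}  (True means a WAF was 'detected').
    """
    _, baseline_body = simulated_backend(base_url)

    fixed_url, _ = build_probe_url(base_url, PROBE_VALUE, param_name="s")
    _, fixed_body = simulated_backend(fixed_url)

    random_url, _ = build_probe_url(base_url, PROBE_VALUE)
    _, random_body = simulated_backend(random_url)

    return {
        "fixed_s": looks_like_waf_block(baseline_body, fixed_body),
        "random": looks_like_waf_block(baseline_body, random_body),
    }


if __name__ == "__main__":
    # "http://example.test" is a constructed, non-routable host for the demo.
    print(compare_param_strategies("http://example.test/?page=1"))
```

Against this backend the fixed name `s` reports a WAF that does not exist (the body changed because the application ran a search), while the random name leaves the body unchanged and the heuristic stays quiet; any response difference that remains is then attributable to something in front of the application rather than to the application itself.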

Good catch! Will merge in the changes.