A Web Application Firewall (WAF) detects and blocks specific attack patterns aimed at a web application. A pentester will not exploit vulnerabilities on the application straight away; rather, he/she first identifies whether a Web Application Firewall is present.
- WAFW00F is an inbuilt tool in the Kali distribution, or you can install it manually.
- It can detect around the top 22 web application firewalls, so wafw00f is part of the initial information-gathering phase.
Limitations of WAFW00F
- The figure above lists the web application firewalls that Wafw00f can identify or detect.
Presence of Web Application Firewall
- The figure above shows the pentester or attacker identifying the presence of a web application firewall.
- Here the blocking is being done at the connection or packet level.
Identifying specific firewall
- If a pentester knows how to bypass mod_security and he/she wants to check for the presence of ModSecurity specifically:
- use wafw00f url -t Firewallname.
- In the figure above, the pentester has observed that there is no ModSecurity on the web application.
So it is always good to identify the barriers in a web application before you exploit it.
Checking for XML-RPC
XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism.
“XML-RPC” also refers generically to the use of XML for remote procedure calls, independently of the specific protocol.