EnableSecurity / wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Home Page: https://www.enablesecurity.com/

AttributeError: 'NoneType' object has no attribute 'headers'

lookforkivi opened this issue

An error is reported when the target is reset by the WAF

Traceback (most recent call last):
  File "/usr/bin/wafw00f", line 8, in <module>
    main.main()
  File "/usr/lib/python3/dist-packages/wafw00f/main.py", line 439, in main
    if attacker.genericdetect():
  File "/usr/lib/python3/dist-packages/wafw00f/main.py", line 139, in genericdetect
    attackresponse_server = response.headers.get('Server')
AttributeError: 'NoneType' object has no attribute 'headers'

A Quick Fix:

On line 139

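    # response itself is None when the request failed (e.g. connection reset),
    # so test the object before touching .headers
    if response is not None:
        attackresponse_server = response.headers.get('Server')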

Turns out that the only fix required was to just add a missing return statement after catching an exception. Works fine now for me. Let me know if the fix works for you.

$ wafw00f -i ~/test.txt  -v 

                ______
               /      \
              (  W00f! )
               \  ____/
               ,,    __            404 Hack Not Found
           |`-.__   / /                      __     __
           /"  _/  /_/                       \ \   / /
          *===*    /                          \ \_/ /  405 Not Allowed
         /     )__//                           \   /
    /|  /     /---`                        403 Forbidden
    \\/`   \ |                                 / _ \
    `\    /_\\_              502 Bad Gateway  / / \ \  500 Internal Error
      `_____``-`                             /_/   \_\

                        ~ WAFW00F : v2.1.0 ~
        The Web Application Firewall Fingerprinting Toolkit
    
[*] Checking https://xxxxxx.xxx
ERROR:wafw00f:Something went wrong ('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer'))
ERROR:wafw00f:Site xxxxxx.xxx appears to be down

E:\WebPentest\wafw00f-2.1.0\wafw00f>ls
__init__.py* __pycache__/ bin/ lib/ manager.py* plugins/ wafprio.py* wafw00f.py*

E:\WebPentest\wafw00f-2.1.0\wafw00f>wafw00f -l
Traceback (most recent call last):
  File "E:\WebPentest\wafw00f-2.1.0\wafw00f\wafw00f.py", line 17, in <module>
    from wafw00f.lib.asciiarts import *
  File "E:\WebPentest\wafw00f-2.1.0\wafw00f\wafw00f.py", line 17, in <module>
    from wafw00f.lib.asciiarts import *
ModuleNotFoundError: No module named 'wafw00f.lib'; 'wafw00f' is not a package

E:\WebPentest\wafw00f-2.1.0\wafw00f>python --version
Python 3.8.0

E:\WebPentest\wafw00f-2.1.0\wafw00f>git --version
git version 2.29.2.windows.1

E:\WebPentest\wafw00f-2.1.0\wafw00f>pip show wafw00f
Name: wafw00f
Version: 2.1.0
Summary: UNKNOWN
Home-page: https://github.com/enablesecurity/wafw00f
Author: Sandro Gauci
Author-email: sandro@enablesecurity.com
License: BSD License
Location: c:\program files\python38\lib\site-packages\wafw00f-2.1.0-py3.8.egg
Requires: requests, requests, pluginbase
Required-by:

What's the issue? I don't know what's wrong with it, please give me some help. Thx!!!

Closing this issue for now. Please feel free to re-open if the same issue gets reproduced again by someone else.

Hi there, not sure if this is considered necroposting, but since you mentioned reopening this issue if someone had the same problem, I'm commenting here. Apologies if that's not what you meant.

I am currently experiencing the same issue with some sites only, but I'm not too sure what's causing it, since I'm able to fetch it just fine with CURL and I'm able to access it directly from my browser too. From what I've seen, the PR which was supposed to fix this got closed, but there's no explanation as to why it was closed and not merged and all it says is that "we can always reopen whenever needed". I was wondering what would be considered as "whenever needed" since, in a way, I do need it to exit gracefully instead of throwing an exception.

Attached is a screenshot of the issue I'm experiencing.

Many thanks in advance!

Hey @prryplatypus, would you mind trying out a fresh clone of the master branch and seeing if the issue persists? I tried replicating a similar setup and I get:

$ wafw00f http://x.x.x.x:4869

                   ______
                  /      \
                 (  Woof! )
                  \  ____/                      )
                  ,,                           ) (_
             .-. -    _______                 ( |__|
            ()``; |==|_______)                .)|__|
            / ('        /|\                  (  |__|
        (  /  )        / | \                  . |__|
         \(_)_))      /  |  \                   |__|

                    ~ WAFW00F : v2.1.0 ~
    The Web Application Firewall Fingerprinting Toolkit
    
[*] Checking http://x.x.x.x:4869
ERROR:wafw00f:Something went wrong ('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer'))
ERROR:wafw00f:Site x.x.x.x appears to be down

Hi there, apologies for the delay in the response. I don't work on weekends and this is something happening at work 😛.

I can indeed confirm I have just tried reproducing this issue with a fresh clone of this repository and still experience this issue. You can also see how I get a different output depending on whether I specify http:// or not.

root@atlas-core-v2:~# wafw00f/wafw00f/bin/wafw00f -f json -o - http://x.x.x.x
ERROR:wafw00f:Something went wrong ('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer'))
Traceback (most recent call last):
  File "tmp/wafw00f/bin/wafw00f", line 8, in <module>
    main.main()
  File "/usr/local/lib/python3.8/dist-packages/wafw00f-2.1.0-py3.8.egg/wafw00f/main.py", line 450, in main
    if attacker.genericdetect():
  File "/usr/local/lib/python3.8/dist-packages/wafw00f-2.1.0-py3.8.egg/wafw00f/main.py", line 146, in genericdetect
    if 'server' in response.headers:
AttributeError: 'NoneType' object has no attribute 'headers'

root@atlas-core-v2:~# tmp/wafw00f/bin/wafw00f -f json -o - x.x.x.x
ERROR:wafw00f:Something went wrong HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fdd8dd70610>: Failed to establish a new connection: [Errno 111] Connection refused'))
ERROR:wafw00f:Site x.x.x.x appears to be down

Let me know if you want me to email you or send you the IP address somewhere so you can try it out. I'd rather not post it publicly since it's not my property.
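
The tracebacks in this thread all come from reading `.headers` on a response that is `None` because the request helper logged the connection reset and returned nothing. The sketch below is an added example, not code from wafw00f or from any commenter: `Resp`, `fetch`, `generic_check` and the three transports are hypothetical names, and the transports are constructed stand-ins so the code runs offline.

```python
# Added example (not wafw00f's code): a None-safe generic check.
class Resp:
    """Constructed stand-in for an HTTP response object."""
    def __init__(self, status_code, headers):
        self.status_code = status_code
        self.headers = headers

def fetch(transport, path):
    """Log the error and return None, the failure mode seen in the thread."""
    try:
        return transport(path)
    except OSError as exc:  # ConnectionResetError is a subclass of OSError
        print(f"ERROR: Something went wrong {exc!r}")
        return None

def generic_check(transport, probe_path="/?probe=1"):
    """Compare a baseline and a second request; never read .headers on None."""
    normal = fetch(transport, "/")
    if normal is None:
        return ("down", "baseline request failed")
    probe = fetch(transport, probe_path)
    if probe is None:
        # Assumption of this example: baseline answered, second request was dropped.
        return ("dropped", "second request got no response")
    if normal.headers.get("Server") != probe.headers.get("Server"):
        return ("changed", "Server header differs between the two responses")
    if normal.status_code != probe.status_code:
        return ("changed", "status code differs between the two responses")
    return ("same", "no difference observed")

# Constructed transports that simulate the situations in the thread, offline.
def reset_on_second(path):
    if path != "/":
        raise ConnectionResetError(104, "Connection reset by peer")
    return Resp(200, {"Server": "nginx"})

def always_reset(path):
    raise ConnectionResetError(104, "Connection reset by peer")

def header_swap(path):
    return Resp(200, {"Server": "nginx" if path == "/" else "edge"})

if __name__ == "__main__":
    for t in (reset_on_second, always_reset, header_swap):
        print(t.__name__, generic_check(t))
```

Every path returns a verdict tuple, so a reset on either request produces a clean result instead of an `AttributeError`.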