Added randomized server header and changed behavior of SERVER_HEADER env var

2025-12-29 18:51:37 +01:00
parent 499760c939
commit c2c43ac985
4 changed files with 21 additions and 5 deletions
--- a/src/config.py
+++ b/src/config.py
@@ -46,5 +46,5 @@ class Config:
            api_server_port=int(os.getenv('API_SERVER_PORT', 8080)),
            api_server_path=os.getenv('API_SERVER_PATH', '/api/v2/users'),
            probability_error_codes=int(os.getenv('PROBABILITY_ERROR_CODES', 5)),
-            server_header=os.getenv('SERVER_HEADER', 'Apache/2.2.22 (Ubuntu)')
+            server_header=os.getenv('SERVER_HEADER')
        )
--- a/src/generators.py
+++ b/src/generators.py
@@ -9,7 +9,8 @@ import string
 import json
 from templates import html_templates
 from wordlists import get_wordlists
-
+from config import Config
+from logger import get_app_logger

 def random_username() -> str:
    """Generate random username"""
@@ -36,6 +37,16 @@ def random_email(username: str = None) -> str:
        username = random_username()
    return f"{username}@{random.choice(wl.email_domains)}"

+def random_server_header() -> str:
+    """Generate random server header"""
+    
+    if Config.from_env().server_header:
+        server_header = Config.from_env().server_header
+    else:
+        wl = get_wordlists()
+        server_header = random.choice(wl.server_headers)
+    
+    return server_header

 def random_api_key() -> str:
    """Generate random API key"""
--- a/src/handler.py
+++ b/src/handler.py
@@ -13,7 +13,7 @@ from templates import html_templates
 from templates.dashboard_template import generate_dashboard
 from generators import (
    credentials_txt, passwords_txt, users_json, api_keys_json,
-    api_response, directory_listing
+    api_response, directory_listing, random_server_header
 )
 from wordlists import get_wordlists

@@ -52,7 +52,7 @@ class Handler(BaseHTTPRequestHandler):

    def version_string(self) -> str:
        """Return custom server version for deception."""
-        return self.config.server_header
+        return random_server_header()

    def _should_return_error(self) -> bool:
        """Check if we should return an error based on probability"""
--- a/src/wordlists.py
+++ b/src/wordlists.py
@@ -57,7 +57,8 @@ class Wordlists:
            },
            "users": {
                "roles": ["Administrator", "User"]
-            }
+            },
+            "server_headers": ["Apache/2.4.41 (Ubuntu)", "nginx/1.18.0"]
        }
    
    @property
@@ -111,6 +112,10 @@ class Wordlists:
    @property
    def error_codes(self):
        return self._data.get("error_codes", [])
+    
+    @property
+    def server_headers(self):
+        return self._data.get("server_headers", [])


 _wordlists_instance = None