展示删掉根据waf指纹判断waf, 因为可能会有大量误报

internal/pool.go

@@ -391,13 +391,16 @@ func (pool *Pool) BaseCompare(bl *pkg.Baseline) bool {
 	}
 
 	bl.Collect()
-	for _, f := range bl.Frameworks {
+	//if !pool.IgnoreWaf {
-		if f.HasTag("waf") || f.HasTag("cdn") {
+	//	// 部分情况下waf的特征可能是全局, 指定了--ignore-waf则不会进行waf的指纹检测
-			pool.Statistor.WafedNumber++
+	//	for _, f := range bl.Frameworks {
-			bl.Reason = ErrWaf.Error()
+	//		if f.HasTag("waf") {
-			return false
+	//			pool.Statistor.WafedNumber++
-		}
+	//			bl.Reason = ErrWaf.Error()
-	}
+	//			return false
+	//		}
+	//	}
+	//}
 
 	if ok && status == 0 && base.FuzzyCompare(bl) {
 		pool.Statistor.FuzzyNumber++

internal/runner.go

@@ -60,7 +60,6 @@ type Runner struct {
 	FuzzyFile      *files.File
 	DumpFile       *files.File
 	StatFile       *files.File
-	Force          bool
 	Progress       *uiprogress.Progress
 	Offset         int
 	Limit          int
@@ -70,6 +69,8 @@ type Runner struct {
 	ErrPeriod      int
 	BreakThreshold int
 	CheckOnly      bool
+	Force          bool
+	IgnoreWaf      bool
 }
 
 func (r *Runner) PrepareConfig() *pkg.Config {
@@ -87,6 +88,7 @@ func (r *Runner) PrepareConfig() *pkg.Config {
 		MatchExpr:      r.MatchExpr,
 		FilterExpr:     r.FilterExpr,
 		RecuExpr:       r.RecursiveExpr,
+		IgnoreWaf:      r.IgnoreWaf,
 	}
 	if config.Mod == pkg.PathSpray {
 		config.ClientType = ihttp.FAST

pkg/config.go

@@ -37,4 +37,5 @@ type Config struct {
 	OutputCh       chan *Baseline
 	FuzzyCh        chan *Baseline
 	Fuzzy          bool
+	IgnoreWaf      bool
 }