搜索

[8520] 2014-12-23_技术分享:杂谈如何绕过WAF(Web应用防火墙)

文档创建者:s7ckTeam
浏览次数:33
最后更新:2025-01-17
2014-12-23_技术分享:杂谈如何绕过WAF(Web应用防火墙) W A F W e b F r e e B u f   2 0 1 4 - 1 2 - 2 3 0 x 0 1 W A F W e b W A F w e b k i t n g i n x & a p a c h e 0 x 0 2 W A F W A F : S Q L s E l e C t   v E R s I o N ( ) ; X S S < s C r I p t > a l e r t ( 1 ) < / s c r i p t > w a f 使 T A B S Q L s E l e C t + 1 - 1 + v E R s I o N       / * ! * /               ( ) ; ` y o h e h e S Q L 2 s e l e c t / * ! * / ` v e r s i o n ` ( ) ; X S S 使 w a f 使 S Q L u n i c o d e H E X U R L a s c l l b a s e 6 4 X S S H T M L U R L A S C L L J S b a s e 6 4 S Q L : l o a d _ f i l e ( 0 x 6 3 3 A 2 F 7 7 6 9 6 E 6 4 6 F 7 7 7 3 2 F 6 D 7 9 2 E 6 9 6 E 6 9 ) X S S < s c r i p t % 2 0 s r c % 3 D " h t t p % 3 A % 2 F % 2 F 0 3 0 0 . 0 2 5 0 . 0 0 0 0 . 0 0 0 1 " > < % 2 F s c r i p t > w a f S Q L s e l s e l e c t e c t   v e r v e r s i o n s i o n ( ) ; X S S < s c r < s c r i p t > r i p > a l a l e r t e r t < / s c r < / s c r i p t > r i p > w a f w a f 0 x 0 3 w e b k i t W A F W A F w e b k i t w e b k i t W A F w e b k i t   w e b k i t w e b k i t W A F X S S < i f r a m e   s r c = " j a v a s c r i p t : a l e r t ( 1 ) "   h e i g h t = 0   w i d t h = 0   / > < i f r a m e >   < ! - - J a v a s c r i p t a l e r t T a b - - > w e b k i t S o u r c e / j a v a s c r i p t c o r e / p a r s e r / l e x e r . c p p   w h i l e   ( m _ c u r r e n t   ! =   s t r i n g Q u o t e C h a r a c t e r )   {                 i f   ( U N L I K E L Y ( m _ c u r r e n t   = = ' ' ) )   {                         i f   ( s t r i n g S t a r t   ! =   c u r r e n t S o u r c e P t r ( )   & &   s h o u l d B u i l d S t r i n g s )                                 a p p e n d 8 ( s t r i n g S t a r t ,   c u r r e n t S o u r c e P t r ( )   -   s t r i n g S t a r t ) ;                         s h i f t ( ) ;                           L C h a r   e s c a p e   =   s i n g l e E s c a p e ( m _ c u r r e n t ) ;                           / /   M o s t   c o m m o n   e s c a p e   s e q u e n c e s   f i r s t                         i f   ( e s c a p e )   {                                 i f   ( s h o u l d B u i l d S t r i n g s )                                         r e c o r d 8 ( e s c a p e ) ;                                 s h i f t ( ) ;                         }   e l s e   i f   ( U N L I K E L Y ( i s L i n e T e r m i n a t o r ( m _ c u r r e n t ) ) )                                 s h i f t L i n e T e r m i n a t o r ( ) ; i s L i n e T e r m i n a t o r w h i l e X S S W e b k i t w e b k i t x s s < i f r a m e   s r c = " j a v a s c r i p t : a l e r t ( 1 ) "   h e i g h t = 0   w i d t h = 0   / > < i f r a m e >     < ! - - - - > < i f r a m e   s r c = j a v a s c r i p t : a l e r t ( 1 ) ;   h e i g h t = 0   w i d t h = 0   / > < i f r a m e >     < ! - - - - > w e b k i t / 使   w e b k i t j a v a s r c     便 x s s o n < a   h r e f = " j a v a s c r i p t : a l e r t ( 1 ) " > x s s < / a > < a   h r e f = " # "   o n c l i c k = " a l e r t ( 1 ) " > s < / a > T a b 0 x 0 4   N g i n x & A p a c h e   B U G w a f b u g n g i n x & a p a c h e b u g b u g N g i n x A p a c h e c o n f P H P A p a c h e N g i n x P H P U R L U R L P H P P H P A p a c h e :
t e s t i n d e x . p h p n g i n x & a p a c h e b u g i n d e x . p h p 访 a . c n / t e s t / i n d e x . p h p ? t e x t = < s c r i p t > a l e r t ( 1 ) < / s c r i p t > w a f . c o n f 访 a . c n / t e s t / ? t e x t = < s c r i p t > a l e r t ( 1 ) < / s c r i p t > w a f . c o n f n g i n x U R L p h p a p a c h e l o c a t i o n W A F W A F / 0 x 0 5   H T T P w a f b u r p f i d d l e r : < i n p u t   t y p e = " t e x t "   n a m e = " t e x t " > < i n p u t   t y p e = " s u b m i t "   o n c l i c k = " w a f ( ) " > w a f j s w o a i n i b u r p f i d d l e r W A F g o o g l e s o s o 3 6 0 U S E R - A g e n t w a f 使 使 $ _ R E Q U E S T g e t   p o s t   c o o k i e w a f G E T   P O S T c o o k i e w a f w a f G E T   P O S T   C O O K I E I P 使 I P u s e r - a g e n t P H P X _ F O R W A R D E D _ F O R H T T P _ C L I E N T _ I P I P h t t p : / / w w w . f r e e b u f . c o m / a r t i c l e s / w e b / 4 2 7 2 7 . h t m l   0 x 0 6 w a f W A F 0 x 0 6   W A F W A F W A F j s X S S M a x t h o n d e f . J s o n t e s t . j s M x p a c k e . e x e
j s X S S   j s x s s c h r o m e     P P T D O C h t t p : / / p a n . b a i d u . c o m / s / 1 p J 6 w x j 9 [ / b l a c k h o l e F r e e B u f F r e e b u f . C O M ]
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理