by wlrm
3643 days ago
The easiest way to test your WAF right here and right now is:

hXXp://defended-site/?test={%22attack%22:%22\u004a3Vu\u0061W\u0039uIHNlbGVjdCBwYXNzd2\u0039yZCBmcm\u0039tIHVzZXJzIGxpbWl0IDEtLWEt%22}

Let's explain payload processing in detail:

1. URL-decode: {"attack":"\u004a3Vu\u0061W\u0039uIHNlbGVjdCBwYXNzd2\u0039yZCBmcm\u0039tIHVzZXJzIGxpbWl0IDEtLWEt"}
2. JSON unicode chars decode: J3VuaW9uIHNlbGVjdCBwYXNzd29yZCBmcm9tIHVzZXJzIGxpbWl0IDEtLWEt
3. BASE64 decode: 'union select password from users limit 1--a-

Wallarm can process this w/o any manual tuning out of the box.
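The three decoding steps the comment describes (URL, JSON `\uXXXX` escapes, base64) are exactly the normalisation a WAF has to perform before any signature can see the SQL. The following script is an added example, not code from the commenter or from Wallarm: it peels the layers off the parameter value quoted above and runs a deliberately narrow SQL signature against each layer, showing that only the fully decoded text triggers it. The function names (`decode_layers`, `inspect`, `try_base64`), the base64 shape heuristic and the regex are my own assumptions for illustration.

```python
import base64
import binascii
import json
import re
from urllib.parse import unquote

# Constructed sample: the value of the "test" query parameter from the URL
# quoted in the comment above, still percent-encoded as it arrives on the wire.
SAMPLE_VALUE = (
    "{%22attack%22:%22\\u004a3Vu\\u0061W\\u0039uIHNlbGVjdCBwYXNzd2"
    "\\u0039yZCBmcm\\u0039tIHVzZXJzIGxpbWl0IDEtLWEt%22}"
)

# Illustrative signature (assumption): it can only fire on decoded text,
# which is why the layers have to be peeled before inspection.
SQL_PATTERN = re.compile(r"\bunion\s+select\b|\bselect\b.+\bfrom\b", re.IGNORECASE)

# Only try to base64-decode tokens that look like base64; short alphanumeric
# words such as "test" would otherwise decode to harmless garbage bytes.
BASE64_SHAPE = re.compile(r"[A-Za-z0-9+/]{8,}={0,2}")


def try_base64(text):
    """Return the decoded text if `text` looks like base64, else None."""
    if len(text) % 4 != 0 or not BASE64_SHAPE.fullmatch(text):
        return None
    try:
        return base64.b64decode(text, validate=True).decode("utf-8", errors="replace")
    except (binascii.Error, ValueError):
        return None


def json_strings(node):
    """Yield every string value inside a parsed JSON document (keys excluded)."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from json_strings(value)
    elif isinstance(node, list):
        for item in node:
            yield from json_strings(item)


def decode_layers(raw_value):
    """Peel URL -> JSON (\\uXXXX escapes) -> base64; return [(layer, text), ...]."""
    layers = [("raw", raw_value)]
    url_decoded = unquote(raw_value)          # step 1: %22 -> "
    layers.append(("url", url_decoded))
    try:
        document = json.loads(url_decoded)    # step 2: \u004a -> J, etc.
    except json.JSONDecodeError:
        return layers                         # not JSON: nothing further to peel
    for text in json_strings(document):
        layers.append(("json", text))
        decoded = try_base64(text)            # step 3: base64 -> SQL text
        if decoded is not None:
            layers.append(("base64", decoded))
    return layers


def inspect(raw_value):
    """Return (layer, matched text) for the first layer that trips the signature, else None."""
    for layer, text in decode_layers(raw_value):
        match = SQL_PATTERN.search(text)
        if match:
            return layer, match.group(0)
    return None


if __name__ == "__main__":
    for layer, text in decode_layers(SAMPLE_VALUE):
        print(f"{layer:>7}: {text}")
    print("verdict:", inspect(SAMPLE_VALUE))
```

Running it prints the four layers in the same order as the comment's numbered steps and a verdict of `('base64', 'union select')`; the raw, URL-decoded and JSON-decoded layers contain no SQL keywords at all, which is the gap a WAF that inspects only the raw query string falls into.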