Is there any way to bypass Apache Mod_Security? When trying with LFI methodsĀ and such stuffs it appears,,, even the .php is vulnerable.
Screenshot pic:
https://prnt.sc/fwarqr
Screenshot pic:
https://prnt.sc/fwarqr
Possible way to bypass Apache Mod_Security?
|
Is there any way to bypass Apache Mod_Security? When trying with LFI methodsĀ and such stuffs it appears,,, even the .php is vulnerable.
Screenshot pic: https://prnt.sc/fwarqr
08-05-2017, 09:27 PM
These days apache's modsecurity is pretty solid - if you are looking for SQL Injection methods you could try SQLMap's tamper scripts (See: http://websec.ca/blog/view/Bypassing_WAFs_with_SQLMap to learn about them) you'll probably need to find updated tamper scripts that work in 2017 though. Hope this helps.
|
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
would this be a good way to start web hacking? | QMark | 19 | 22,641 |
04-04-2020, 06:28 AM Last Post: QMark |
|
Is it possible to bypass two factor authentication? | QMark | 10 | 13,578 |
04-21-2019, 09:38 PM Last Post: MuddyBucket |
|
good way to learn the fundamentals before the skills | QMark | 14 | 19,424 |
08-30-2018, 12:24 AM Last Post: QMark |
|
CrawlBox - Easy way to brute-force web directory. | abaykan | 2 | 9,218 |
06-25-2018, 04:11 PM Last Post: Infinityex |