Possible way to bypass Apache Mod_Security?
#1
Is there any way to bypass Apache Mod_Security? When trying with LFI methodsĀ and such stuffs it appears,,, even the .php is vulnerable.


Screenshot pic:

https://prnt.sc/fwarqr
Reply
#2
These days apache's modsecurity is pretty solid - if you are looking for SQL Injection methods you could try SQLMap's tamper scripts (See: http://websec.ca/blog/view/Bypassing_WAFs_with_SQLMap to learn about them) you'll probably need to find updated tamper scripts that work in 2017 though. Hope this helps.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  would this be a good way to start web hacking? QMark 19 6,941 04-04-2020, 06:28 AM
Last Post: QMark
  Is it possible to bypass two factor authentication? QMark 10 4,773 04-21-2019, 09:38 PM
Last Post: MuddyBucket
  good way to learn the fundamentals before the skills QMark 14 11,021 08-30-2018, 12:24 AM
Last Post: QMark
  CrawlBox - Easy way to brute-force web directory. abaykan 2 6,463 06-25-2018, 04:11 PM
Last Post: Infinityex