Hello there,
I'm doing a pentest on web application, this have a local file include, but, web app have a modsecurity.
I tried bypass filter using double url encoding, but without success.
Someone can help me ?
Any direction are appreciated.
Cheers,
Printable View
Hello there,
I'm doing a pentest on web application, this have a local file include, but, web app have a modsecurity.
I tried bypass filter using double url encoding, but without success.
Someone can help me ?
Any direction are appreciated.
Cheers,
Do you have any more information about the modsecurity? Version? Filter information?
This may be useful if they are using a version prior to 2.1 http://www.juniper.net/security/auto...vuln22831.html
No, I not have any information about version of modsecurity. but I think that this is updated, i'm playing with it, at point that he can be with default rules
I'm trying harder.
Thanks