Do you have any more information about the modsecurity? Version? Filter information?
This may be useful if they are using a version prior to 2.1 http://www.juniper.net/security/auto...vuln22831.html
Local File Include and ModSecurity
Hello there,
I'm doing a pentest on web application, this have a local file include, but, web app have a modsecurity.
I tried bypass filter using double url encoding, but without success.
Someone can help me ?
Any direction are appreciated.
Cheers,
"If you aim the gun at your foot and pull the trigger, it's
UNIX's job to ensure reliable delivery of the bullet to
where you aimed the gun (in this case, Mr. Foot)."
Re: Local File Include and ModSecurity
Do you have any more information about the modsecurity? Version? Filter information?
This may be useful if they are using a version prior to 2.1 http://www.juniper.net/security/auto...vuln22831.html
Re: Local File Include and ModSecurity
No, I not have any information about version of modsecurity. but I think that this is updated, i'm playing with it, at point that he can be with default rules
I'm trying harder.
Thanks
"If you aim the gun at your foot and pull the trigger, it's
UNIX's job to ensure reliable delivery of the bullet to
where you aimed the gun (in this case, Mr. Foot)."
Posting Permissions