[WEB] wafwaf

mmmm Is it what I guess, there is a rabbit hole ?! :slight_smile:

@drxxx you get this?

Type your comment> @oldirtykush said:

@drxxx you get this?

Unfortunately not Yet … I’m in loop … from its rate I guess it easy and there is something obvious I cant see

no rabbit holes. just read the code and see if there is a way to bypass the protection.

Type your comment> @daverules said:

no rabbit holes. just read the code and see if there is a way to bypass the protection.

That what I keep doing … I’m able to bypass the WAF but nothing return !!

Hi, any hint? “unset” is the right path or I have to study in deep classic waf bypass techniques? Thanks:)

@J4c said:

Hi, any hint? “unset” is the right path or I have to study in deep classic waf bypass techniques? Thanks:)

There is a risk of overthinking on this one. You can try various things, see if you can get a different response to different requests then, if there is, you can use a tool (s****p) to automate it.

I found it was very, very, very, very slow though. There may be faster approaches.

Type your comment> @daverules said:

no rabbit holes. just read the code and see if there is a way to bypass the protection.

Thank you a lot, it was so obvious as I said

@J4c said:
Hi, any hint? “unset” is the right path or I have to study in deep classic waf bypass techniques? Thanks:)

No … take it as simple as … do not overthinking as @TazWake said, overthinking killed my yesterday … even I found that I have all thing in my hands.

thks @Drxxx and @TazWake for your answers

so… slow… i didn’t have to do this in ages ?

good challenge :smile: learned a lot :smile:

I’m trying to 2 days… I know that it’s waf bypass, but really I’m too lost :frowning: someone give me a light?!!

And, I also know that there function waf() block some characters, so I my attempts were something like, //!comand//!comand

Hey, also stuck on this one. But a bit further ahead of WillBar I think.

I understand the code, and what gets given to the php functions from the request.

@WillBar : notice that the WAF function returns a : json_decode($s) . and then what gets passed to the query function is not the original value of the request …

what I’m struggling is what to send as a value of the attribute of the object I’m posting. tried s****p to try to get something going , but no luck… possibly not using it right. Any hints?

Type your comment> @Drxxx said:

That what I keep doing … I’m able to bypass the WAF but nothing return !!

Same thing on my side. I don’t see how I can get a response.

Type your comment> @nOnOs said:

Type your comment> @Drxxx said:

That what I keep doing … I’m able to bypass the WAF but nothing return !!

Same thing on my side. I don’t see how I can get a response.

Hi, I have solved it after I notice what to do if I didn’t get any response from the server … what sql injection technique I need to use :wink:

Type your comment> @Drxxx said:

Type your comment> @nOnOs said:

Type your comment> @Drxxx said:

That what I keep doing … I’m able to bypass the WAF but nothing return !!

Same thing on my side. I don’t see how I can get a response.

Hi, I have solved it after I notice what to do if I didn’t get any response from the server … what sql injection technique I need to use :wink:

Hmmm, interesting, but a doubt, how do I know if Waf is blocking my diversion attempts?

Thanks @Drxxx !

A good craftsman has to know his tools first :slight_smile:

Type your comment> @WillBar said:

Type your comment> @Drxxx said:

Type your comment> @nOnOs said:

Type your comment> @Drxxx said:

That what I keep doing … I’m able to bypass the WAF but nothing return !!

Same thing on my side. I don’t see how I can get a response.

Hi, I have solved it after I notice what to do if I didn’t get any response from the server … what sql injection technique I need to use :wink:

Hmmm, interesting, but a doubt, how do I know if Waf is blocking my diversion attempts?

As simple as … Just read the source code :wink: