denjacker Posted September 25, 2011 Report Share Posted September 25, 2011 Ivan Markovic has recently published the results of his research on the development of attack Http Parameter Pollution. A new attack called Http Parameter Contamination (HPC). The essence of this attack consists in the fact that the various platforms and applications are handled differently obviously incorrect parameters. This is illustrated in the following table:Attack of the HPC, like HPP, can be used to bypass various filters, security restrictions and regulations Site Web Application Firewall. In particular, the researcher gives the following examples of bending rules Mod_Security:Example 1 (Apache / php):Forbidden: http://localhost/?xp_cmdshell'>http://localhost/?xp_cmdshellBypassed ([=> _): http://localhost/?xp [cmdshellExample 2 (IIS / ASP):Forbidden: http://192.168.2.105/test.asp?file=../bla.txtBypassed (.%. => ..): Http://192.168.2.105/test.asp?file =.%./ bla.txtThe full results of the survey by visiting: http://www.exploit-db.com/download_pdf/17534 1 Quote Link to comment Share on other sites More sharing options...
Gonzalez Posted September 25, 2011 Report Share Posted September 25, 2011 Gooood.-Gonzalez Quote Link to comment Share on other sites More sharing options...