denjacker Posted September 25, 2011 Report Posted September 25, 2011 Ivan Markovic has recently published the results of his research on the development of attack Http Parameter Pollution. A new attack called Http Parameter Contamination (HPC). The essence of this attack consists in the fact that the various platforms and applications are handled differently obviously incorrect parameters. This is illustrated in the following table:Attack of the HPC, like HPP, can be used to bypass various filters, security restrictions and regulations Site Web Application Firewall. In particular, the researcher gives the following examples of bending rules Mod_Security:Example 1 (Apache / php):Forbidden: http://localhost/?xp_cmdshell'>http://localhost/?xp_cmdshellBypassed ([=> _): http://localhost/?xp [cmdshellExample 2 (IIS / ASP):Forbidden: http://192.168.2.105/test.asp?file=../bla.txtBypassed (.%. => ..): Http://192.168.2.105/test.asp?file =.%./ bla.txtThe full results of the survey by visiting: http://www.exploit-db.com/download_pdf/17534 1 Quote