OWASP CRS

WAF RULE TESTING (UNRESTRICTED FILE UPLOAD VULNERABILITY)

Summary: In this blog, we are going to test the Unrestricted File Upload vulnerability on the XVWA application with the OWASP CRS and CWAF 1.128 (latest version) rulesets. Test Scenario 1. Test Unrestricted File Upload Vulnerability with OWASP CRS: OWASP CRS blocks the upload of potentially malicious files, i.e. .php files, so the application cannot be compromised by a .php shell, but we are still able to find a small flaw in the ...

WAF RULE TESTING (LOCAL FILE INCLUSION VULNERABILITY)

In this blog, we will be testing the Local File Inclusion (LFI) vulnerability on a vulnerable application with the OWASP CRS and CWAF Ruleset 1.127 (latest version). Test Scenario 1. Testing an LFI attack with OWASP CRS. Include the OWASP CRS in the Apache config: Filename: REQUEST-930-APPLICATION-ATTACK-LFI PARANOIA_LEVEL: 1 Rule ID: 930100, 930110, 930120, 930130 Test the following payloads on the xvwa ...

WAF RULE TESTING (OS COMMAND INJECTION VULNERABILITY)

In this blog, we will be testing an OS command injection attack on a vulnerable application with the OWASP CRS and CWAF rulesets. How do we identify the flaw in the OWASP CRS and CWAF rulesets? First, set up a vulnerable application, i.e. XVWA or the OWASP Mutillidae vulnerable app, on the server for testing WAF rules. Install ModSecurity and include both the OWASP CRS and CWAF rulesets in the Apache config....

OWASP CRS 3 AND COMODO WAF PATCH RULES

In this blog, we will see how to identify flaws in a WAF and write our own custom WAF rules to block new attacks against our vulnerable application. How do we write a custom WAF rule to block new attacks on a web application? First, try to identify the security issue, i.e. the payload or process that the WAF normally fails to detect. Based on that, develop a regex pattern to match that payload. Follow the...

MODSECURITY WAF RULE WRITING

How do we write a custom WAF rule to block new attacks on a web application? First, try to identify the security issue, i.e. the payload or process that the WAF normally fails to detect. Based on that, develop a regex pattern to match that payload. Follow the ModSecurity syntax to write a new rule. Save the rule as a .conf file and include it in the default rules directory. Restart the Apache server and st...