Web application security matters more than ever, especially because of e-commerce. That is why Web Application Firewalls (WAFs) came into being: they automatically filter out malicious query strings, and many large technology companies have them installed.
But what if someone bypasses the WAF?
Because the WAF is there, programmers often do not give much thought to filtering or properly sanitizing input. Once the WAF is bypassed, the attacker has a clear path to the application.
Detecting a WAF
A WAF can often be detected from the response to an HTTP request. For instance, some WAFs return unusual status codes such as 901; some return 40x errors even though the requested file exists; others simply drop the connection with a FIN or RST. By analysing the response, one can determine whether a firewall is present and, often, which vendor it comes from.
Bypassing a WAF
- Encoding the input in hex or Unicode.
- Splitting the input string across several parameters joined with & can easily get past a WAF (this is especially the attack used against the ModSecurity WAF).
- WAFs themselves have vulnerabilities, such as XSS, and can be bypassed that way.
To conclude, because WAFs rely on premade rules, their behaviour is predictable and they are comparatively easy to bypass.
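The practical takeaway of the post is that the WAF must not be the only layer: the application has to decode, normalize and validate input itself, so that encoded values and duplicated parameters that slip past the WAF are still rejected. The following is an added example written for this page, not code from the original post; the function names, the parameter allowlist and the sample query strings are constructed for illustration. It unwraps nested percent-encoding a bounded number of times, applies Unicode NFKC normalization (so full-width digits compare as ASCII), rejects any parameter that appears more than once, and then checks each value against a strict allowlist instead of trying to "clean" it.

```python
"""Defender-side input canonicalization and allowlist validation.

Added example (not from the original post). A WAF is one layer; the
application still has to decode, normalize and validate input itself.
Function names, the allowlist and the sample inputs are assumptions
made for this illustration.
"""
import re
import unicodedata
from urllib.parse import parse_qs, unquote

# Upper bound on repeated URL decoding: nested encodings such as %2534
# are unwrapped, but a pathological input cannot keep us looping.
MAX_DECODE_ROUNDS = 3

# Allowlist per parameter: what a valid value may look like after
# canonicalization. Anything else is rejected, never "cleaned up".
ALLOWLIST = {
    "id": re.compile(r"^[0-9]{1,10}$"),
    "sort": re.compile(r"^(price|name|date)$"),
}


def canonicalize(value: str) -> str:
    """Decode percent-encoding until it stops changing (bounded), then
    apply NFKC so compatibility characters (e.g. full-width digits)
    become their ASCII equivalents before validation."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return unicodedata.normalize("NFKC", value)


def validate_query(query_string: str) -> dict:
    """Return a dict of validated parameters or raise ValueError.

    Rejects unknown parameters, parameters supplied more than once (the
    '&' splitting trick), and values that fail the allowlist after
    canonicalization. parse_qs already performs one round of decoding;
    canonicalize() handles anything nested inside that.
    """
    params = parse_qs(query_string, keep_blank_values=True)
    clean = {}
    for name, values in params.items():
        if name not in ALLOWLIST:
            raise ValueError(f"unknown parameter: {name!r}")
        if len(values) != 1:
            raise ValueError(f"duplicated parameter: {name!r}")
        value = canonicalize(values[0])
        if not ALLOWLIST[name].match(value):
            raise ValueError(f"invalid value for {name!r}: {value!r}")
        clean[name] = value
    return clean


def is_valid(query_string: str) -> bool:
    """Boolean wrapper around validate_query() for quick checks."""
    try:
        validate_query(query_string)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample query strings: plain, double-encoded,
    # full-width Unicode digits, a duplicated parameter, and a bad value.
    samples = [
        "id=42&sort=price",
        "id=%2534%2532",                 # decodes to %34%32, then to 42
        "id=%EF%BC%94%EF%BC%92",         # full-width "４２" -> NFKC -> "42"
        "id=1&id=2",                     # duplicated parameter: rejected
        "id=4a",                         # fails the digits-only allowlist
    ]
    for q in samples:
        try:
            print(f"{q!r:32} -> accepted {validate_query(q)}")
        except ValueError as err:
            print(f"{q!r:32} -> rejected ({err})")
```

The design choice worth noting is rejection rather than sanitization: once a value is canonical, it either matches the allowlist or the request is refused, so there is no "filter" for an encoding trick to slip through. Combined with parameterized queries on the database side, this keeps the application safe even on the day the WAF is bypassed.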