Author: redice
My younger brother and friend's website was visited by XXX, so I checked it to help out.
I found a news display page, tried SQL injection, and was told that an IDS had intercepted the request.
As follows:
Following the link on the prompt page, I found the website of "chuangzhi IIS firewall" and took a look at the product introduction.
It is also an ISAPI-based WAF. I personally feel that ISAPI is too dependent on the IIS version, and its stability is not very good (ISAPI makes me happy and worries me).
From the product description, I found that it only filters GET and POST data (that is, QueryString and PostData).
I tried cookie (transit) injection, which really helped...
As follows:
Note: because it is cookie transit injection, the path is local.
With no perfect WAF, the security of web products depends on yourself.
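The coverage gap described above, as an added example (not code from the original post or from the WAF product): a minimal request filter in Python that checks the same value under two scopes, query string and POST body only versus those plus the Cookie header. The signature, function names and sample requests are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Deliberately small signature set, constructed for this illustration only.
SQLI_PATTERN = re.compile(r"'|--|\b(and|or|union|select)\b", re.IGNORECASE)

GET_POST_ONLY = ("query", "post")          # scope the product description states
ALL_SOURCES = ("query", "post", "cookie")  # scope that also covers the Cookie header


def parse_cookie_header(header):
    """Split a raw Cookie header into (name, url-decoded value) pairs."""
    pairs = []
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            pairs.append((name, unquote_plus(value)))
    return pairs


def collect_inputs(request):
    """Return {source: [(name, decoded_value), ...]} for client-controlled input."""
    return {
        "query": parse_qsl(request["query"], keep_blank_values=True),
        "post": parse_qsl(request["body"], keep_blank_values=True),
        "cookie": parse_cookie_header(request["cookie"]),
    }


def inspect(request, sources):
    """Return sorted (source, name) pairs whose value matches the signature."""
    inputs = collect_inputs(request)
    return sorted(
        (src, name)
        for src in sources
        for name, value in inputs[src]
        if SQLI_PATTERN.search(value)
    )


# Constructed sample requests: the same parameter value, carried in different places.
QUERY_REQUEST = {"query": "id=1%20and%201%3D1", "body": "", "cookie": "lang=en"}
COOKIE_REQUEST = {"query": "", "body": "", "cookie": "id=1%20and%201%3D1; lang=en"}
BENIGN_REQUEST = {"query": "id=12", "body": "", "cookie": "lang=en"}

if __name__ == "__main__":
    for label, req in (("query", QUERY_REQUEST), ("cookie", COOKIE_REQUEST)):
        print(label, "GET/POST-only filter:", inspect(req, GET_POST_ONLY))
        print(label, "all-sources filter:  ", inspect(req, ALL_SOURCES))
```

Input filtering remains a second layer: parameterized queries in the application remove the dependency on which part of the request a value arrived in.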