[WEB SECURITY] method to bypass mod_security
- From: "Dmitry Evteev" <devteev@xxxxxxxxxxxxxx>
- Subject: [WEB SECURITY] method to bypass mod_security
- Date: Tue, 3 Nov 2009 13:46:00 +0300
A new method to bypass mod_security and conduct SQL Injection was
discovered. You can view the materials at:
http://ptresearch.blogspot.com/2009/11/another-fine-method-to-exploit-sql.html
- - - - - - - - - - - - - - -
Best Regards, Dmitry Evteev
Positive Technologies Co.
Tel.: (495) 744-0144
Web: http://www.ptsecurity.ru
Brought to you by http://www.webappsec.org