mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 13:25:27 +00:00
commit
38a209b14d
@ -24,20 +24,24 @@ Attacker -- http://example.com?search=Beth&search=' OR 1=1;## --> WAF (reads fir
|
|||||||
|
|
||||||
### Table of refence for which technology reads which parameter
|
### Table of refence for which technology reads which parameter
|
||||||
When ?par1=a&par1=b
|
When ?par1=a&par1=b
|
||||||
| Technology | Parsing Result |outcome (par1=)|
|
| Technology | Parsing Result |outcome (par1=)|
|
||||||
| ------------------ |--------------- |:-------------:|
|
| ------------------ |--------------- |:-------------:|
|
||||||
| ASP.NET/IIS |All occurrences |a,b |
|
| ASP.NET/IIS |All occurrences |a,b |
|
||||||
| ASP/IIS |All occurrences |a,b |
|
| ASP/IIS |All occurrences |a,b |
|
||||||
| PHP/Apache |Last occurrence |b |
|
| PHP/Apache |Last occurrence |b |
|
||||||
| PHP/Zues |Last occurrence |b |
|
| PHP/Zues |Last occurrence |b |
|
||||||
| JSP,Servlet/Tomcat |First occurrence |a |
|
| JSP,Servlet/Tomcat |First occurrence |a |
|
||||||
| Perl CGI/Apache |First occurrence |a |
|
| Perl CGI/Apache |First occurrence |a |
|
||||||
| Python Flask |First occurrence |a |
|
| Python Flask |First occurrence |a |
|
||||||
| Python Django |Last occurrence |b |
|
| Python Django |Last occurrence |b |
|
||||||
| Nodejs |All occurrences |a,b |
|
| Nodejs |All occurrences |a,b |
|
||||||
| Golang net/http - `r.URL.Query().Get("param")` |First occurrence |a |
|
| Golang net/http - `r.URL.Query().Get("param")` |First occurrence |a |
|
||||||
| Golang net/http - `r.URL.Query()["param"]` |All occurrences |a,b |
|
| Golang net/http - `r.URL.Query()["param"]` |All occurrences |a,b |
|
||||||
|
| IBM Lotus Domino |First occurrence |a |
|
||||||
|
| IBM HTTP Server |First occurrence |a |
|
||||||
|
| Perl CGI/Apache |First occurrence |a |
|
||||||
|
| mod_wsgi (Python)/Apache |First occurrence |a |
|
||||||
|
| Python/Zope |All occurences in array |['a','b'] |
|
||||||
|
|
||||||
## References
|
## References
|
||||||
- [HTTP Parameter Pollution - Imperva](https://www.imperva.com/learn/application-security/http-parameter-pollution/)
|
- [HTTP Parameter Pollution - Imperva](https://www.imperva.com/learn/application-security/http-parameter-pollution/)
|
||||||
|
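Review bot: the added row `| Perl CGI/Apache |First occurrence |a |` duplicates a row that is already in this table as unchanged context, a few lines above the Python Flask row, with the same parsing result and outcome, so it should be dropped from the additions. In the added `Python/Zope` row, "occurences" is misspelled and should read "occurrences". That row also writes the outcome as `['a','b']` while the existing "All occurrences" rows (ASP.NET/IIS, ASP/IIS, Nodejs) write `a,b`. If the point is that Zope returns a list rather than a comma-joined string, say so in the "Parsing Result" column consistently, since that difference is what matters when a WAF and the back end disagree on the value. While this table is being touched, the context lines still carry "Table of refence" in the heading and "PHP/Zues" in one row, both worth correcting in the same change.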