PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-09 06:01:29 +00:00
Code Issues Projects Releases Wiki Activity

Implementation for an Issue #3108

Browse Source
This commit is contained in:
Miroslav Stampar
2018-07-31 02:18:33 +02:00
parent f0e4c20004
commit 1f9bf587b5
42 changed files with 113 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tamper/varnish.py
View File

@@ -14,12 +14,12 @@ def dependencies():
def tamper(payload, **kwargs):
"""
Append a HTTP header 'X-originating-IP' to bypass
WAF Protection of Varnish Firewall
Appends a HTTP header 'X-originating-IP' to bypass Varnish Firewall
Reference:
* http://h30499.www3.hp.com/t5/Fortify-Application-Security/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366
Notes:
Reference: http://h30499.www3.hp.com/t5/Fortify-Application-Security/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366
Examples:
>> X-forwarded-for: TARGET_CACHESERVER_IP (184.189.250.X)
>> X-remote-IP: TARGET_PROXY_IP (184.189.250.X)