We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PATH_INFO not work
test http
POST /service_transport/service.action?a=1 HTTP/1.1 Accept-Encoding: gzip Connection: close Content-Length: 180 Content-Type: application/json Host: 220.202.55.211:8090 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36 {"command":"GetFZinfo","UnitCode":"<#assign ex = \"freemarker.template.utility.Execute\"?new()>${ex(\"cmd /c echo xosreokymgnfjqkhtnjvbcqmaweeeupu > ./webapps/ROOT/nvjcbw.txt\")}"}
success rule
SecRule REQUEST_FILENAME "@contains /service_transport/service.action" "id:948008,msg:'test',phase:2,block,capture,severity:'CRITICAL',tag:'attack-rce',tag:'paranoia-level/1',t:none"
failed rule
SecRule PATH_INFO "@contains /service_transport/service.action" "id:948008,msg:'test',phase:2,block,capture,severity:'CRITICAL',tag:'attack-rce',tag:'paranoia-level/1',t:none"
test whth https://playground.coraza.io/#
What should happen?
What happened.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Description
PATH_INFO not work
Steps to reproduce
test http
success rule
failed rule
test whth https://playground.coraza.io/#
Expected result
What should happen?
Actual result
What happened.
The text was updated successfully, but these errors were encountered: