Re: Re[5]: [mod-security-users] escape character problem - mod_security v1.9.2
From: Ivan R. <iva...@gm...> - 2006-05-23 09:18:41
On 5/23/06, gyo...@hi... <gyo...@hi...> wrote:
>
> When I input string \', I see the debug log is like this,
> ..
> [23/May/2006:09:47:51 +0900] [localhost/sid#2bc130][rid#7079e8][/post.html][4] Adding parameter: "username"="/'"
> ...
> So, it seems character \ to be ignored.

That's because you are running on Windows. It isn't ignored but it's converted to a forward slash. It's an implicit anti-evasion measure that cannot be turned off (unless you change the source code, which is a perfectly valid approach).

Changing your signature to check for /" should provide results in your case.

FYI, because this implicit anti-evasion is often very annoying (and it isn't the right way to do things) it has been removed from ModSecurity 2.x (which is currently in beta).

--
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall