waf

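WAF bypass based on the HTTP protocol

杀马特。学长 韩版系。学妹 submitted on 2019-12-06 04:34:34
I. Malformed-packet bypass
1. First turn off Burp Suite's length update; the request is a GET, so first use Burp's method conversion to change it to a POST request
2. In the GET request, replace spaces with %20 and change Connection to keep-alive
II. Chunked-transfer WAF bypass
1. First add Transfer-Encoding: chunked to the packet
2. The number gives the number of characters in the following line; two carriage returns are needed at the end
III. Protocol-override WAF bypass
1. First convert the packet to the file-upload packet format, using Burp's change body encoding
2. Delete the extra spaces
3. Add the filename parameter, filename =1.jpg; a space is needed before the equals sign
4. Bypass by adding a single quote
5. Boundary-confusion bypass
IV. Common WAF bypass techniques: space escaping, overlong-string overflow bypass, and so on
V. Combined WAF bypasses
1. Chunked transfer plus file-upload protocol override
2. Content-type encoding bypass
3. HTTP header format bypass: carriage return plus space; bypass with scrambled special characters; characters can only be inserted before the string chunked; add a double ; character
Source: https://www.cnblogs.com/SCHAOGES/p/11962067.html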

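Building your own WAF system with open-source software: OpenResty+unixhot

大兔子大兔子 submitted on 2019-12-06 02:48:49
Contents: Introduction; Installing OpenResty; Modifying nginx.conf; Deploying the WAF; Testing the WAF.
Summary: building your own WAF system with OpenResty+unixhot.
Introduction: OpenResty is a high-performance web platform based on Nginx and Lua. It bundles a large number of well-crafted Lua libraries, third-party modules and most of their dependencies, and is used to conveniently build dynamic web applications, web services and dynamic gateways that can handle very high concurrency and scale extremely well. OpenResty brings together a variety of well-designed Nginx modules (mostly developed by the OpenResty team itself), effectively turning Nginx into a powerful general-purpose web application platform. Web developers and system engineers can therefore use the Lua scripting language to drive the various C and Lua modules that Nginx supports, and quickly build high-performance web application systems capable of handling 10K or even more than 1000K concurrent connections on a single machine. The goal of OpenResty is to let your web service run directly inside the Nginx service, making full use of Nginx's non-blocking I/O model to respond with consistently high performance not only to HTTP client requests but also to remote backends such as MySQL, PostgreSQL, Memcached and Redis.
Installing OpenResty: Using CentOS 7.5 as an example. 1. The installation commands are as follows: yum install yum-utils -y yum-config-manager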

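Building a website WAF firewall with Nginx + Lua

六眼飞鱼酱① submitted on 2019-12-06 02:02:54
Article index: https://www.cnblogs.com/dotnetcrazy/p/9160514.html
Contents: Preface; 1. Online installation; 1.1. Changing the yum repository address; 1.2. Installing Nginx online; 1.3. Opening the port; 1.4. Verifying the installation; 2. Further knowledge; 2.1. Build parameters; 2.2. Installation directories; 2.3. Default configuration; 2.4. systemctl configuration; 3. Compiling from source; 3.1. Installing the build environment; 3.2. Compiling and installing Nginx; 3.2.1. Download and extract; 3.2.2. Configuring the build parameters; 3.2.3. Compiling and installing; 3.2.4. Configuring systemctl; 3.2.5. Opening the port; 3.2.6. Verification; 3.3. Compiling and installing the Lua module; General approach; 3.3.1. Compiling and installing luajit and exporting the environment variables; 3.3.2. Sharing the Lua dynamic library; 3.3.3. Configuring the nginx build parameters; 3.3.4. Recompiling and installing nginx; 3.3.5. Verifying the Lua module; 4. Building a WAF firewall with Nginx+Lua; 4.1. Environment; 4.2. Configuration; 4.3. Applying the configuration; 4.4. Simple verification; 4.5. CC verification; Extension: hiding the Nginx version information.
Preface: For projects that only use common features such as proxying, online installation is enough; if you need customized modules, compiling from source is recommended. PS: This article covers not only Nginx-related knowledge but also 逆天's learning method (how to approach new things). Official website: https://nginx.org/ GitHub: https://github.com/nginx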

How to specify gcc flags (CXXFLAGS) particularly for a specific module?

a 夏天 submitted on 2019-12-05 04:07:06
I am building a new NS3 module recently. In my code, I use some new features of C++11 (c++0x), and I want to add a gcc flag (CXXFLAGS) "-std=c++0x" to the waf configuration system. I tried this: CXXFLAGS="-std=c++0x" waf configure, and then built it. However, it turns out that some of the existing modules, such as ipv4-address, are not compatible with c++11. Thus, I want to specify this flag only for my new module so that other modules won't be compiled with c++11. I tried to add this to the wscript in my new module: def configure(conf): conf.env.append_value('CXXFLAGS', '-std=c+

How do I use waf to build a shared library?

依然范特西╮ submitted on 2019-12-05 01:52:43
I want to build a shared library using waf as it looks much easier and less cluttered than GNU autotools. I actually have several questions so far related to the wscript I've started to write:

    VERSION='0.0.1'
    APPNAME='libmylib'
    srcdir = '.'
    blddir = 'build'

    def set_options(opt):
        opt.tool_options('compiler_cc')
        pass

    def configure(conf):
        conf.check_tool('compiler_cc')
        conf.env.append_value('CCFLAGS', '-std=gnu99 -Wall -pedantic -ggdb')

    def build(bld):
        bld.new_task_gen(
            features = 'cc cshlib',
            source = '*.c',
            target='libmylib')

The line containing source = '*.c' does not work. Must I specify each

How do I suppress '-arch', 'x86_64' flags when compiling an OpenGL/SDL application with Waf on OSX?

筅森魡賤 submitted on 2019-12-04 22:27:33
I need to suppress the "-arch x86_64 -arch i386" flags Waf is passing to GCC. I am building an SDL/OpenGL application. If I link against the 32 bit SDL runtime I get the error: Undefined symbols for architecture i386: "_SDL_Quit", referenced from: __del_video in SDL_functions.c.2.o __init_video in SDL_functions.c.2.o. If I link against the 64 bit SDL runtime, I get the error "Undefined symbols for architecture x86_64". The compiler is apparently using the flags -arch x86_64 -arch i386. I understand that this causes GCC on OSX to try to compile for both architectures. I want to either compile for 64 bit, or compile for 32

Finding local external libraries with Waf

拥有回忆 submitted on 2019-12-04 19:15:45
I'm creating a wscript file capable of linking external libraries that are stored in the project directory, rather than installed to the system, but I am unsure of the best way of doing so. Currently, I'm doing something along the lines of the following:

    cfg.env.INCLUDES_A = [os.path.normpath('external/include')]
    cfg.env.LIBPATH_A = [os.path.normpath('external/win32/A/lib/x64')]
    cfg.env.LIB_A = ['A']
    cfg.env.append_unique('COPY_LIBS', os.path.normpath('external/win32/A/lib/x64/A.dll'))

In this case, I link to the local copy of A.lib and then mark the A.dll to be copied to my install directory

Kill the previous command in a pipeline

坚强是说给别人听的谎言 submitted on 2019-12-04 12:35:35
I am running a simulation like this: ./waf --run scratch/myfile | awk -f filter.awk How can I kill the waf command as soon as filter.awk detects that something happened (e.g. after a specific line is read)? I cannot change waf or myfile. I can only change filter.awk, and the above command (obviously). Update after comments: waf does not terminate after receiving SIGPIPE (as it should?). It spawns child processes that need cleaning up. This is my own answer (and challenge). After working on @thatotherguy's and @Chris's answers, I simplified a bit and got this: tmp=$(mktemp) { ./waf --run

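Common WAF bypass approaches

蓝咒 submitted on 2019-12-04 04:36:52
WAF categories
0x01 Cloud WAF: When a cloud WAF is configured (usually a WAF bundled with a CDN), DNS has to resolve to the CDN's IP. When a URI is requested, the packet first passes through the cloud WAF for inspection and is forwarded to the host only if it passes.
0x02 Host protection software: This kind of protection software is installed on the host in advance. It can be used to scan and protect the host (obviously) and to monitor whether traffic on the web port is malicious, so functionally it is fairly comprehensive. As an aside, open-source WAFs such as mod_security and ngx-lua-waf look good, but they have one weakness: upgrading them costs somewhat more.
0x03 Hardware IPS/IDS protection, hardware WAF: This approach uses a dedicated hardware protection device. When a request is made to the host, the traffic first passes through the device for scrubbing and blocking, and is forwarded to the host only if it passes.
02 Bypasses at the WAF identity-authentication stage: A WAF has a whitelist, and requests from clients on the whitelist are not inspected.
0x01 Spoofing a search engine: Earlier versions of Safedog (安全狗) had this vulnerability: changing the User-Agent to that of a search engine was enough to bypass it and carry out attacks such as SQL injection. A Google Chrome extension that can change the User-Agent is recommended here, called User-Agent Switcher.
0x02 Spoofing whitelisted special directories: The 360webscan script has this problem: it checks whether the path is a directory such as admin, dede or install, and if so does not block the request, for example GET /pen/news.php?id=1 union select user,password from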

CMake or Waf for D project

♀尐吖头ヾ submitted on 2019-12-04 00:08:46
We are looking for an adequate build tool for a desktop GUI application to be written in D (using the Qt toolkit), consisting of several native libraries, using 3rd party C-lib(s). It has to build on Linux (native development) and Mac as well as on Windows. We might adopt Code::Blocks as IDE. Waf already has support for the D language, while CMake is just receiving it (cmaked2). CMake uses a special language, while Waf is pure Python... OTOH, CMake, via CPack, can produce packages in several formats as well as a GUI installer for e.g. Windoze. Any pros/cons and what would you use? We excluded Scons for speed