WAF Testing Report

17 September 2017 13:01:27

Host: http://test.app
Files checked:
  attacks2\other_get.json
  attacks2\other_post.json
  attacks2\sqli_get.json
  attacks2\sqli_post.json
  attacks2\xss_get.json
  attacks2\xss_post.json

Summary

File                       False-Negative   False-Positive   Total
attacks2\other_get.json                 4                0     115
attacks2\other_post.json                4                0     115
attacks2\sqli_get.json                  0                0     270
attacks2\sqli_post.json                 0                0     270
attacks2\xss_get.json                   3                0    4810
attacks2\xss_post.json                  3                0    4810
Total (all files)                      14                0   10390

False-Negative: attack cases with Expected result Block that the WAF let through to the application (Actual result Passed). False-Positive: cases the WAF blocked although they were expected to pass. Total: cases sent from that file. Detect type status_code means the verdict was taken from the HTTP status code alone; Response length is recorded for reference only, and all 14 false negatives below returned the same 4013-byte response, i.e. the normal login page.

Details of false negatives

False Negative - OTHER_GET_066
Attack ID
OTHER_GET_066
File
attacks2\other_get.json
URI
http://test.app:80/login.php?test=././.htaccess
Payload
././.htaccess
HTTP request
GET /login.php?test=././.htaccess HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=2esf9l6rikpd6tdfp4dgm82v96
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_GET_070
Attack ID
OTHER_GET_070
File
attacks2\other_get.json
URI
http://test.app:80/login.php?test=././.htaccess
Payload
%2e%2f%2e%2f%2e%68%74%61%63%63%65%73%73
Note: the payload is stored percent-encoded, but the request actually sent (below) carries the decoded ././.htaccess, so this case exercised the same bytes as OTHER_GET_066 rather than the encoded variant. Re-run it with the encoding preserved before counting it as separate coverage.
HTTP request
GET /login.php?test=././.htaccess HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=2esf9l6rikpd6tdfp4dgm82v96
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_GET_095
Attack ID
OTHER_GET_095
File
attacks2\other_get.json
URI
http://test.app:80/login.php?test=C%3A/inetpub/wwwroot/global.asa
Payload
C:/inetpub/wwwroot/global.asa
HTTP request
GET /login.php?test=C%3A/inetpub/wwwroot/global.asa HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_GET_096
Attack ID
OTHER_GET_096
File
attacks2\other_get.json
URI
http://test.app:80/login.php?test=C%3A%5Cinetpub%5Cwwwroot%5Cglobal.asa
Payload
C:\inetpub\wwwroot\global.asa
HTTP request
GET /login.php?test=C%3A%5Cinetpub%5Cwwwroot%5Cglobal.asa HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=aadovo6pp98onbmmt11e3u5f61
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_POST_066
Attack ID
OTHER_POST_066
File
attacks2\other_post.json
URI
http://test.app:80/login.php
Payload
././.htaccess
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Content-Length: 18
Connection: close

test=././.htaccess
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_POST_070
Attack ID
OTHER_POST_070
File
attacks2\other_post.json
URI
http://test.app:80/login.php
Payload
%2e%2f%2e%2f%2e%68%74%61%63%63%65%73%73
Note: the payload is stored percent-encoded, but the body actually sent (below) carries the decoded ././.htaccess, so this case exercised the same bytes as OTHER_POST_066 rather than the encoded variant. Re-run it with the encoding preserved before counting it as separate coverage.
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=kaqmjk149lsj3q2p05l3lo8rg1
Content-Length: 18
Connection: close

test=././.htaccess
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_POST_095
Attack ID
OTHER_POST_095
File
attacks2\other_post.json
URI
http://test.app:80/login.php
Payload
C:/inetpub/wwwroot/global.asa
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=49c5cpg0bdk8skdg6lf2psani0
Content-Length: 36
Connection: close

test=C%3A/inetpub/wwwroot/global.asa
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - OTHER_POST_096
Attack ID
OTHER_POST_096
File
attacks2\other_post.json
URI
http://test.app:80/login.php
Payload
C:\inetpub\wwwroot\global.asa
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=49c5cpg0bdk8skdg6lf2psani0
Content-Length: 42
Connection: close

test=C%3A%5Cinetpub%5Cwwwroot%5Cglobal.asa
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_GET_1287
Attack ID
XSS_GET_1287
File
attacks2\xss_get.json
URI
http://test.app:80/login.php?test=%27+%0A%09%09%09%09%09%09%7D%3B+%0A%09%09%09%09%09%09alert%280%29%3B+%0A%09%09%09%09%09%09a%20%3D%20%7B+%0A%09%09%09%09%09%09%09%27a%27+%3A+%27
Payload
%27+%0A%09%09%09%09%09%09};+%0A%09%09%09%09%09%09alert%280%29;+%0A%09%09%09%09%09%09a%20=%20{+%0A%09%09%09%09%09%09%09%27a%27+:+%27
HTTP request
GET /login.php?test=%27+%0A%09%09%09%09%09%09%7D%3B+%0A%09%09%09%09%09%09alert%280%29%3B+%0A%09%09%09%09%09%09a%20%3D%20%7B+%0A%09%09%09%09%09%09%09%27a%27+%3A+%27 HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=2petd556bv9o48072vplbnl8r6
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_GET_1472
Attack ID
XSS_GET_1472
File
attacks2\xss_get.json
URI
http://test.app:80/login.php?test=%27+alert%28%27XSS%27%29+%27%26st%3D1%26email%3Dlol%40lol.com
Payload
'+alert('XSS')+'&st=1&email=lol@lol.com
HTTP request
GET /login.php?test=%27+alert%28%27XSS%27%29+%27%26st%3D1%26email%3Dlol%40lol.com HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=2petd556bv9o48072vplbnl8r6
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_GET_1473
Attack ID
XSS_GET_1473
File
attacks2\xss_get.json
URI
http://test.app:80/login.php?test=%27+alert%281%29%26%26null%3D%3D%27
Payload
'+alert(1)&&null=='
HTTP request
GET /login.php?test=%27+alert%281%29%26%26null%3D%3D%27 HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=2petd556bv9o48072vplbnl8r6
Connection: close

Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_POST_1287
Attack ID
XSS_POST_1287
File
attacks2\xss_post.json
URI
http://test.app:80/login.php
Payload
%27+%0A%09%09%09%09%09%09};+%0A%09%09%09%09%09%09alert%280%29;+%0A%09%09%09%09%09%09a%20=%20{+%0A%09%09%09%09%09%09%09%27a%27+:+%27
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=gui6hfmv4kkuh083vr2imekts0
Content-Length: 148
Connection: close

test=%27+%0A%09%09%09%09%09%09%7D%3B+%0A%09%09%09%09%09%09alert%280%29%3B+%0A%09%09%09%09%09%09a%20%3D%20%7B+%0A%09%09%09%09%09%09%09%27a%27+%3A+%27
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_POST_1472
Attack ID
XSS_POST_1472
File
attacks2\xss_post.json
URI
http://test.app:80/login.php
Payload
'+alert('XSS')+'&st=1&email=lol@lol.com
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=gui6hfmv4kkuh083vr2imekts0
Content-Length: 66
Connection: close

test=%27+alert%28%27XSS%27%29+%27%26st%3D1%26email%3Dlol%40lol.com
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013

False Negative - XSS_POST_1473
Attack ID
XSS_POST_1473
File
attacks2\xss_post.json
URI
http://test.app:80/login.php
Payload
'+alert(1)&&null=='
HTTP request
POST /login.php HTTP/1.1
Host: test.app:80
Referer: http://test.app:80/login.php
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Cookie: PHPSESSID=gui6hfmv4kkuh083vr2imekts0
Content-Length: 40
Connection: close

test=%27+alert%281%29%26%26null%3D%3D%27
Detect type
status_code
Expected result
Block
Actual result
Passed
Response length
4013
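
The procedure this report records (one request per attack case against /login.php, verdict taken from the response status code, counts rolled up per file) as an added Python example. This is not the tool that produced the report and contains none of its code; the host, path, parameter name, headers and payloads are taken from the entries above, while the set of status codes treated as a block and the decision to leave existing %XX sequences and '+' unencoded are assumptions. Encoding the stored Payload field that way reproduces every request-target and body recorded in this report except OTHER_GET_070 and OTHER_POST_070, whose recorded requests carry the decoded ././.htaccess rather than the %2e%2f form stored in the attack file.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple
from urllib.parse import quote
import http.client

# Target and headers as recorded in the report above.
HOST, PORT, PATH, PARAM = "test.app", 80, "/login.php", "test"
USER_AGENT = ("Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36")
# Assumption: the report does not say which status codes it treats as a block;
# 403 and 406 are common WAF reject codes. Adjust for the WAF under test.
BLOCK_STATUSES = {403, 406}


@dataclass
class AttackCase:
    attack_id: str
    method: str              # "GET" or "POST"
    payload: str             # exactly as stored in the attacks JSON file
    expected: str = "Block"  # "Block" for attack cases, "Pass" for benign ones


def encode_payload(payload: str) -> str:
    """Percent-encode a payload for a query string or form body, leaving any
    %XX sequence and '+' already in it untouched. A pre-encoded case such as
    OTHER_GET_070 (%2e%2f%2e%2f%2e%68...) is therefore sent as stored rather
    than being decoded to ././.htaccess before it reaches the WAF."""
    return quote(payload, safe="%+/")


def build_request(case: AttackCase) -> Tuple[str, str, Dict[str, str], Optional[str]]:
    """Return (method, request-target, headers, body) for one attack case."""
    headers = {
        "Host": f"{HOST}:{PORT}",
        "Referer": f"http://{HOST}:{PORT}{PATH}",
        "User-Agent": USER_AGENT,
        "Connection": "close",
    }
    encoded = f"{PARAM}={encode_payload(case.payload)}"
    if case.method == "GET":
        return "GET", f"{PATH}?{encoded}", headers, None
    headers["Content-Type"] = "application/x-www-form-urlencoded"
    headers["Content-Length"] = str(len(encoded.encode("ascii")))
    return "POST", PATH, headers, encoded


def classify(case: AttackCase, status_code: int) -> Tuple[str, str]:
    """Detect type status_code: map the response status to the report's
    Actual result (Blocked/Passed) and compare it with Expected result."""
    actual = "Blocked" if status_code in BLOCK_STATUSES else "Passed"
    if case.expected == "Block":
        verdict = "true-positive" if actual == "Blocked" else "false-negative"
    else:
        verdict = "false-positive" if actual == "Blocked" else "true-negative"
    return actual, verdict


def send_case(case: AttackCase, timeout: float = 5.0) -> Tuple[int, int]:
    """Send one case. http.client writes the request-target to the wire
    verbatim, so the encoding chosen above is exactly what the WAF sees.
    Returns (status code, response length) as the report records them."""
    method, target, headers, body = build_request(case)
    conn = http.client.HTTPConnection(HOST, PORT, timeout=timeout)
    try:
        conn.request(method, target, body=body, headers=headers)
        resp = conn.getresponse()
        return resp.status, len(resp.read())
    finally:
        conn.close()


def summarize(results: Iterable[Tuple[AttackCase, int]]) -> Dict[str, int]:
    """Reduce (case, status code) pairs to the report's per-file counters."""
    counts = {"False-Negative": 0, "False-Positive": 0, "Total": 0}
    for case, status in results:
        counts["Total"] += 1
        verdict = classify(case, status)[1]
        if verdict == "false-negative":
            counts["False-Negative"] += 1
        elif verdict == "false-positive":
            counts["False-Positive"] += 1
    return counts


if __name__ == "__main__":
    # Cases constructed from Payload fields in this report; a live run of
    # send_case() additionally needs test.app to be reachable.
    for case in (
        AttackCase("OTHER_GET_070", "GET", "%2e%2f%2e%2f%2e%68%74%61%63%63%65%73%73"),
        AttackCase("XSS_POST_1473", "POST", "'+alert(1)&&null=='"),
    ):
        method, target, _, body = build_request(case)
        print(case.attack_id, method, target, body or "")
```

Run the script to see the request line each case would produce; for OTHER_GET_070 it is /login.php?test=%2e%2f%2e%2f%2e%68%74%61%63%63%65%73%73, which differs from the decoded request this report recorded for that case. Whether a status-code-only verdict is enough depends on the WAF: one that answers a block page with 200 will show up here as Passed, so compare Response length against the normal page (4013 bytes in this run) before trusting a false-negative count.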