Bypassing WAF by abusing SSL/TLS Ciphers
LandGrey update
1. update README
2. fix some code
Latest commit f4f3b51 Jul 5, 2018

abuse-ssl-bypass-waf

Helps you find the SSL/TLS ciphers that the WAF cannot decrypt but the server can decrypt.

Reference article: Bypassing Web-Application Firewalls by abusing SSL/TLS

Idea

Usage

python abuse-ssl-bypass-waf.py --help

If you can find a keyword or regex that matches the page returned when the WAF is hit, you can use:

python abuse-ssl-bypass-waf.py -regex "regex" -target https://target.com

Or, if you cannot find a keyword or regex for the page returned when the WAF filters a request, you can use:

python abuse-ssl-bypass-waf.py -thread 4 -target https://target.com

Notice: If you are worried about the WAF dropping the connection, you had better not use the -thread option.

Third-party

curl

sslscan

Notice: If your operating system is not Windows, you should modify config.py and adjust the curl and sslscan path and command values.

Running

If you don't know the type of the WAF, you can compare the HTML response content lengths to find the ciphers that bypass the WAF.

If you know the keyword or regex of the page returned when the WAF is hit:

When the payload URL is requested with a given SSL/TLS cipher and the WAF keyword or regex is not in the HTML page, that cipher is a way to bypass the WAF!
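
Seen from the defending side, every cipher flagged this way is one the origin server negotiates but the WAF cannot decrypt, so the fix is to stop the origin accepting it. The following is an added example, not code from this repository: it parses sslscan-style result lines for the origin and lists the accepted ciphers that are missing from the WAF's decryptable set. The scan text, the `WAF_DECRYPTABLE` list (assumed to come from vendor documentation) and all function names are constructed for illustration.

```python
import re

# Constructed sample modelled on sslscan's plain-text result lines
# (not captured from a real host); one line carries ANSI colour codes.
SSLSCAN_OUTPUT = """\
Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
\x1b[32mAccepted\x1b[0m  TLSv1.2  256 bits  AES256-SHA256
Accepted  TLSv1.2  256 bits  CAMELLIA256-SHA
Rejected  TLSv1.2  112 bits  DES-CBC3-SHA
Accepted  TLSv1.0  128 bits  AES128-SHA
"""

# Assumption: ciphers the WAF is able to decrypt (constructed list).
WAF_DECRYPTABLE = {"AES256-SHA256", "AES128-SHA", "AES128-GCM-SHA256"}

ANSI_RE = re.compile(r"\x1b\[[0-9;]*m")
LINE_RE = re.compile(r"^(Preferred|Accepted)\s+(\S+)\s+(\d+)\s+bits\s+(\S+)", re.M)


def server_accepted(sslscan_text):
    """Return {cipher: set of protocol versions} for ciphers the server accepts."""
    accepted = {}
    clean = ANSI_RE.sub("", sslscan_text)  # sslscan colours its output by default
    for _status, proto, _bits, cipher in LINE_RE.findall(clean):
        accepted.setdefault(cipher, set()).add(proto)
    return accepted


def uninspected_ciphers(sslscan_text, waf_ciphers):
    """Ciphers the origin negotiates but the WAF cannot decrypt, sorted by name."""
    return sorted(c for c in server_accepted(sslscan_text) if c not in waf_ciphers)


def origin_cipher_string(sslscan_text, waf_ciphers):
    """OpenSSL-style cipher list restricted to ciphers both sides can handle."""
    keep = [c for c in server_accepted(sslscan_text) if c in waf_ciphers]
    return ":".join(keep)


if __name__ == "__main__":
    for cipher in uninspected_ciphers(SSLSCAN_OUTPUT, WAF_DECRYPTABLE):
        print("disable on origin:", cipher)
    print("cipher list:", origin_cipher_string(SSLSCAN_OUTPUT, WAF_DECRYPTABLE))
```

The resulting cipher list still has to be reviewed against the origin's own security baseline before it is applied, since the intersection may contain ciphers you would not otherwise allow.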
