Permalink
Browse files

Update erroneous regex for double encoded values in cookies (1315) (#415

)

%[2|3] matches '%2', '%|' and '%3'

What I think was intended was to match either '%2' or '%3'

Fix the regex accordingly.
  • Loading branch information...
rhowe-gds authored and jvoisin committed Mar 20, 2018
1 parent 4b1511f commit 83cb2558fb7173f8cfd804281d019ff17021a958
Showing with 38 additions and 38 deletions.
  1. +1 −1 naxsi_config/naxsi_core.rules
  2. +36 −36 t/11naxsi_newstyle_config.t
  3. +1 −1 t/confs/nginx_fuzz.conf.example
@@ -69,7 +69,7 @@ MainRule "str:[" "msg:open square backet ([), possible js" "mz:BODY|URL|ARGS|$HE
MainRule "str:]" "msg:close square bracket (]), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
MainRule "str:~" "msg:tilde (~) character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
MainRule "str:`" "msg:grave accent (`)" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
MainRule "rx:%[2|3]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
MainRule "rx:%[23]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
####################################
## Evading tricks IDs: 1400-1500 ##
Oops, something went wrong.

0 comments on commit 83cb255

Please sign in to comment.