An interesting WAF eval report - http://zeroscience.mk/files/wafreport2013.pdf
ModSecurity has the best false negative rate :) I have just updated github repo with fixes for the 2 LFI/RFI bypasses - https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/7ff865deab72b0993824ce4ef53189745a4dd1a3 Note that for the LFI issue I applied the t:cmdLine transformation function - https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-cmdLine Thanks to Marc Stern for that contribution! LFI Bypass fixed - http://www.modsecurity.org/demo/phpids?test=cat%20\/etc\/passwd RFI Bypass fixed - http://www.modsecurity.org/demo/phpids?test=http://dni.destr0y.net/x.txt -- Ryan Barnett ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
