Check for abnormal character escapes (-> \c, \d, etc.)
_Issue originally created by user dune73 on date 2016-07-08 04:04:29. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/393._
The whitespace escapes are well known and perfectly acceptable: \f, \t, \n, \r, \v, ...
But why would anybody escape \c? This smells like evasion and I think we should test for this practice.
Such a rule is probably something for PL 3 or 4.
Top GitHub Comments
User dune73 commented on date 2016-07-08 16:05:03:
is currently not triggering any rule in 3.0.0dev. It’s going to be caught by the os file injection rule as soon as the new version is ready. But I think that \s and \d stinks and they should be detected. Backends tend to ignore these irrelevant backslashes depending on the parser. Even the ModSec transformations do.
User dune73 commented on date 2016-08-04 11:47:59:
See PR in #474. Closing this issue now.
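
A sketch of the check proposed in this issue, added here as an illustration; it is not code from the thread, the referenced PR, or the CRS project. It scans a value left to right and consumes an escaped backslash as a pair, so an even run of backslashes never produces a false hit and an odd run never hides a real one. The function name, the allowed set (only the whitespace escapes listed in the issue) and the restriction to ASCII letters are assumptions; the sample inputs are constructed.

```python
import string

# Assumption: only the whitespace escapes named in the issue are acceptable.
ALLOWED_ESCAPES = frozenset("ftnrv")


def find_abnormal_escapes(value, allowed=ALLOWED_ESCAPES):
    """Return (offset, escape) for each backslash escape of an ASCII letter
    that is not in `allowed`. An escaped backslash (two backslashes) is
    consumed as a pair and is never reported."""
    hits = []
    i = 0
    # A lone trailing backslash escapes nothing, so stop one short of the end.
    while i < len(value) - 1:
        if value[i] != "\\":
            i += 1
            continue
        nxt = value[i + 1]
        if nxt in string.ascii_letters and nxt not in allowed:
            hits.append((i, "\\" + nxt))
        # Skip the backslash and the character it escapes.
        i += 2
    return hits


# Constructed sample values, not taken from real traffic.
SAMPLES = [
    r"line1\nline2\tend",  # acceptable whitespace escapes only
    r"foo\cbar",           # the \c case from the issue
    r"val\sue \d",         # the \s and \d cases from the comment
    r"C:\\data",           # escaped backslash followed by a plain 'd'
    r"a\\\cb",             # escaped backslash, then a real \c
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", find_abnormal_escapes(sample))
```

The last two samples are the ones a single-character look-behind gets wrong in one direction or the other, which is why the scan counts backslashes in pairs.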