Failed to include some sensitive path or file in #REQUEST-930-APPLICATION-ATTACK-LFI rules

_Issue originally created by user umarfarook882 on date 2017-06-17 21:14:30. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/814._

I have tested these payloads on OWASP-CRS. It failed to block the user from accessing these sensitive paths or files. I have checked the rules in REQUEST-930-APPLICATION-ATTACK-LFI; these sensitive paths or files are not included in the lfi-os-files.data file or in any other rules.

 #REQUEST-930-APPLICATION-ATTACK-LFI
 #PARANOIA_LEVEL:1
 #rule ID:930100,930110,930120,930130

The following sensitive files were not detected by the OWASP-CRS:
 /var/mail/www-data
 /etc/network/* i.e /etc/network/interfaces
 /etc/init/* i.e /etc/init/anacron.conf

For more information, check my demo video on GitHub.

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:6

Top GitHub Comments

CRS-migration-bot commented, May 13, 2020

User umarfarook882 commented on date 2017-06-27 06:52:30:

No, as of now we will add the directories below to lfi-os-files.data and close this issue.

var/mail/www-data
/etc/network/* 
/etc/init/*

CRS-migration-bot commented, May 13, 2020

User umarfarook882 commented on date 2017-08-07 04:54:51:

lifeforms Sure, thanks for merging the PR 😃.
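
A coverage check for the gap discussed in this thread, as an added example that is not part of the original issue or the CRS project's code: it approximates the case-insensitive phrase matching that `@pmFromFile` applies to a data file, without reproducing the rule's transformations. The data-file excerpt is constructed, and the function names are hypothetical.

```python
# Constructed excerpt in the style of a phrase-match data file; these are NOT
# the real contents of lfi-os-files.data.
SAMPLE_DATA_FILE = """\
# comment lines and blank lines are ignored
.htaccess
etc/passwd
etc/shadow

var/log/
"""

# Concrete request paths taken from the report above.
REPORTED_PATHS = [
    "/var/mail/www-data",
    "/etc/network/interfaces",
    "/etc/init/anacron.conf",
]


def load_phrases(text):
    """Parse data-file text into lowercase phrases, skipping comments and blanks."""
    lines = (line.strip() for line in text.splitlines())
    return [l.lower() for l in lines if l and not l.startswith("#")]


def to_phrase(entry):
    """Turn an entry such as '/etc/network/*' into a literal phrase.

    Phrase matching does no globbing, so the trailing '*' is dropped and the
    directory prefix kept. Dropping the leading '/' follows the sample's style
    (an assumption of this example).
    """
    return entry.rstrip("*").lstrip("/").lower()


def uncovered(paths, phrases):
    """Return the paths in which no phrase occurs as a substring."""
    return [p for p in paths if not any(ph in p.lower() for ph in phrases)]


def phrases_to_add(entries, phrases):
    """Return phrases for entries that no existing or earlier phrase covers."""
    new = []
    for entry in entries:
        phrase = to_phrase(entry)
        if not any(old in phrase for old in phrases + new):
            new.append(phrase)
    return new
```

Running `uncovered` before and after appending the output of `phrases_to_add` gives a quick regression check that a data-file change closes the reported gap without relying on a literal `*` entry.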
