With the continuing maturity of Web 2.0, people increasingly use Internet platforms for communication, commerce, record keeping and other activities, and a large number of Web applications (microblogs, online note-taking services and so on) have entered people's study, work and daily life. These Web applications bring convenience, but they also bring security risks. As the Internet has developed, attack techniques have been continually updated and refined: attackers exploit security vulnerabilities to obtain sensitive user information and to gain control of Web application systems, using methods such as SQL injection, cross-site scripting (XSS) and command execution. To monitor, defend against and respond to such intrusions, security engineers have designed a variety of network security products, including the traditional network firewall, IDS, IPS and the Web application firewall (WAF). Unlike an IDS or IPS, a WAF operates at the application layer and is responsible for the secure processing of the HTTP protocol; it protects the application layer by enforcing application-layer security rules, and in many cases it can effectively block SQL injection, XSS, OS command execution, DDoS attacks and so on. However, as an application-layer protection tool the WAF itself inevitably has weaknesses that an attacker can exploit, such as lax filtering in particular rules, differences in Web container characteristics that the rules do not account for, and incorrect handling of special symbols. To better protect Web applications it is therefore important to improve WAF security rules. This paper first describes the background knowledge relevant to Web attacks, such as Web servers, operating systems, the HTTP protocol, encodings and database management systems; on that basis it analyses the various Web application attack techniques, then describes the common types of WAF together with their basic principles and workflows, and then summarises and analyses the various WAF bypass methods and bypass categories. Finally, a WAF bypass test framework is presented. The framework is written in Python and automatically probes the WAF rule set: it fuzzes the rules and applies backtracking analysis to identify the bypass methods that succeed, so that the WAF rules can be corrected.
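The fuzz-and-backtrack loop described in the last sentences, as an added example that is not the paper's framework or any real WAF's rule set. The rule set, the mutation operators, the backend model and the seed payloads are all constructed here for illustration. The mutations cover the gaps the text names (lax filtering of encodings and inline comments, mishandling of special symbols); a bypass is only counted when the mutated request both passes the rules and still reaches the backend as the original attack, and a backtracking pass then minimises each bypassing chain to the mutation that actually explains the gap, reported against the rule it evades.

```python
"""Added example: toy WAF-bypass fuzzer with backtracking minimisation.
Rule set, mutation operators, backend model and payloads are constructed
for illustration only and are not the paper's framework or a real WAF."""
import itertools
import re
from urllib.parse import quote, unquote

# Simulated, deliberately imperfect rule set: it matches literal decoded
# tokens, so encoding and comment tricks (the "lax filtering" and
# "special-symbol handling" gaps the abstract mentions) slip past it.
WAF_RULES = [
    re.compile(r"\bunion\s+select\b", re.I),
    re.compile(r"\bor\s+1\s*=\s*1\b", re.I),
    re.compile(r"<script\b", re.I),
]

def waf_blocks(payload: str) -> bool:
    """True if any rule fires on the raw request string, as the WAF sees it."""
    return any(r.search(payload) for r in WAF_RULES)

def backend_view(payload: str) -> str:
    """Crude model of what reaches the database: the web server URL-decodes,
    MySQL executes /*!x*/ as x and treats /**/ as whitespace. Used to confirm
    that a mutated payload still carries the original attack."""
    p = unquote(payload)
    p = re.sub(r"/\*!(.*?)\*/", r"\1", p)
    p = re.sub(r"/\*.*?\*/", " ", p)
    return re.sub(r"\s+", " ", p).strip().lower()

# Mutation operators the fuzzer chains together. strip_spaces is included on
# purpose: it evades the rules but destroys the query, so it must not count.
MUTATIONS = {
    "upper": lambda p: p.upper(),
    "double_space": lambda p: re.sub(r"\s+", "  ", p),
    "url_encode": lambda p: quote(p, safe=""),
    "inline_comment": lambda p: re.sub(r"\s+", "/**/", p),
    "mysql_versioned": lambda p: re.sub(r"\b(union|select)\b", r"/*!\1*/", p, flags=re.I),
    "strip_spaces": lambda p: re.sub(r"\s+", "", p),
}

def apply_chain(payload: str, chain) -> str:
    """Apply the named mutations in order."""
    for name in chain:
        payload = MUTATIONS[name](payload)
    return payload

def is_bypass(original: str, mutated: str) -> bool:
    """A real bypass passes the WAF *and* still executes as the original."""
    return not waf_blocks(mutated) and backend_view(mutated) == backend_view(original)

def fuzz(original: str, max_depth: int = 2):
    """Try every ordered chain of up to max_depth distinct mutations and
    return the (chain, mutated payload) pairs that bypass the rules."""
    found = []
    for depth in range(1, max_depth + 1):
        for chain in itertools.permutations(MUTATIONS, depth):
            mutated = apply_chain(original, chain)
            if is_bypass(original, mutated):
                found.append((chain, mutated))
    return found

def backtrack(original: str, chain) -> tuple:
    """Backtracking analysis: drop mutations one at a time while the bypass
    survives, leaving a minimal chain that explains the gap in the rules."""
    chain = tuple(chain)
    changed = True
    while changed:
        changed = False
        for i in range(len(chain)):
            candidate = chain[:i] + chain[i + 1:]
            if candidate and is_bypass(original, apply_chain(original, candidate)):
                chain, changed = candidate, True
                break
    return chain

def evaded_rules(original: str, mutated: str) -> list:
    """Rules that fired on the seed payload but not on the mutated one."""
    return [r.pattern for r in WAF_RULES if r.search(original) and not r.search(mutated)]

def report(original: str, max_depth: int = 2) -> dict:
    """Map each minimal bypass chain to the rule patterns it evades; this is
    the information an operator needs in order to correct the rule set."""
    if not waf_blocks(original):
        raise ValueError("seed payload is not blocked, nothing to bypass")
    out = {}
    for chain, _ in fuzz(original, max_depth):
        minimal = backtrack(original, chain)
        out.setdefault(minimal, sorted(evaded_rules(original, apply_chain(original, minimal))))
    return out

if __name__ == "__main__":
    # Constructed seed payloads: both are blocked by the rules as written.
    for seed in ("' union select username, password from users-- ", "' or 1=1-- "):
        for chain, rules in report(seed).items():
            print(f"{'+'.join(chain):20s} evades {rules}")
```

The semantic check in `is_bypass` is the part most toy fuzzers omit: `strip_spaces` makes the rules go quiet, but the backend then receives `'unionselect...`, which is not an attack, so it is never reported. A real framework replaces `backend_view` with an actual replay against the application behind the WAF; the backtracking step is unchanged, and its output (minimal chain plus evaded rule) is what gets fed back into the rule set.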