client9 / libinjection

SQL / SQLI tokenizer parser analyzer

modsecurity libinjection false positive #129

Open edgreenberg opened 7 years ago

edgreenberg commented 7 years ago

ModSecurity reports:

[data "Matched Data: novc found within ARGS:LoginPassword: il0veGrandpa!@#"] 

I'm not sure what it's objecting to. It's pretty clear that I'm going to have to disable the rule, but I was hoping for an explanation.

Taking a look at fingerprints2sqli.py I don't see how il0vegrandpa!@# translates into anything offensive.

sashasaturn commented 4 years ago

I'm having the exact same issue with the same pattern - "!@#" at the end of password ARG

jstuckey commented 5 months ago

We are facing the same issue. The user's password ends in !@#.

NuAngel commented 2 months ago

Not to raise a corpse, but was a workaround ever discovered? Is it literally those 3 specific characters in that specific order? Is it that it can't end with a # symbol? Is it because those 3 characters in that order can't be at the end?