Forum Discussion

Nimbostratus

May 10, 2012

ActiveSync Windows Phone query decode

I used the following rule to decode and locate the Windows Phone device ID for access control to an ActiveSync/OWA service. The AS protocol allows the query to be plain text or base64 encoded hex. ...

Cirrostratus

Jun 01, 2012

If you do have the ability to wait for a hotfix that seems like the safest and simplest approach. Else, you could try adding more validation to avoid base64 decoding a non-base64 encoded string. It would be crufty, but maybe you could look for more than one = to determine that a query string isn't base64 encoded?

if { [HTTP::query] ne "" and ![expr [string length [HTTP::query]]%4] and [llength [split [HTTP::query] =]] < 2 } {

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ActiveSync Windows Phone query decode

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Decoding the IPv4 address from the persistence cookie

Decoding PCI-DSS v4.0: F5's Ridiculously Easy Guide to Technical Compliance

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Fully Decode URI

Decode BIG-IP performance files

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS