Forum Discussion

Zafer_101134

Nimbostratus

15 years ago

asm capabilities encoded request

Hi i m doing Xss attack to the ASM with

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

15 years ago

Hi Zafer,

ASM doesn't currently provide an option to base64 decode request components. But most web servers won't do this either so it's not a problem. If the web application does base64 decode whatever request component you're putting the base64 encoded attack string in, then you'd have a potential issue.

What kind of app are you testing?

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)