Forum Discussion

Nimbostratus

Jun 06, 2012

ASM Injections

Hello All, I had 2 Queries on what is injected in the traffic/URI's by ASM or any other manipulation done by it that alters the original state. 1) Is ASM cookie injected in ...

management

monitoring

Attack_Signatur

Nimbostratus

Jun 09, 2014

The ASM will always inject the TS* cookie, even in transparent. This allows the ASM to track information about individual clients such as their IP address. When a TS* cookie becomes associated with another client from a different IP address then it will suspect a cookie hijacking has taken place.

I have only seen the ASM inject CSRF tokens (when CSRF was turned on) and Web Scraping JavaScript. I have never seen any other manipulations.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM Injections

Recent Discussions

Strange phenomenon seen in the tcpdump

F5 Self IP is not reachable over the network. New F5 virtual env.

troubleshooting serverssl profile with client cert..

Where is the location of CSR at F5 CLI

What is the best practice to deploy single Tenant in F5 rseries?

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

WAF evasion techniques for Command Injection

WordPress Content Injection Vulnerability - ASM Mitigation

AI Security : Prompt Injection and Insecure Output Handling.

Javascript injecting systems effect on web application end users - a scenario review

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS