Forum Discussion

Nimbostratus

Sep 13, 2024

Bypass "Bad unescape" in Body POST (ASM, POST, JSON)

Here the Block. As you can see is "%" is detected without encoding meaning. This is normal since the "%" is in the Body of the post as JSON data (see below) Of course if I disable the "Bad unesca...

application delivery

asm

Bad unescape violation technique.

Nacreous

Sep 16, 2024

"%" is opening tag for for asp and aspx server side scripts (dotnet)
https://asp.net-tutorials.com/basics/hello-world/

if your app server is not using asp/asp.net,
ensure that asp* is not listed in the asm profile's server technology

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Bypass "Bad unescape" in Body POST (ASM, POST, JSON)

Recent Discussions

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Related Content

Bypass certificate check

Bypass WAF for X-forwarder IP in XC

MSM Bypass

Filter "Bad Unescape" Evasion technique detected in ASM logs

Bypassing ASM on HTTP response

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS