Forum Discussion

Cirrocumulus

Sep 13, 2010

test block script

Hi all, We used to have a test block script which we could enter into a field on our corporate website and trigger a block response. This was a quick way of testing ASM was working. This scr...

app sec

BIG-IP Access Policy Manager (APM)

security

Kai_Wilke

MVP

Jan 12, 2016

Hi Nathan,

I do usally test my ASM functionality with the "Nimda Worm" signature (aka. a IIS specific Escaped Character Decoding Command Execution Vulnerability).

the Test-URI is rather handy and simple:

http://www.example.com/scripts/..%255c../winnt/system32/cmd.exe?/c+dir

Note: The string "/..%255c../" is the actual attack signature and would double decode on the serverside to "%5c" in the first round (security validated by IIS) and on the second round to "\" (not security validated by IIS).

And the ASM response blocking functionality can be testet with an Error Page sending an unknown [HTTP::status] of lets say 666.

Cheers, Kai

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

test block script

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Round-robin method not load balanced

F5 AI Roadmap

F5 object groups in AFM

F5 BGP Peering in Active /Standby Cluster

F5 rSeries || Upgrade tenant

Related Content

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747

VIPTest: Rapid Application Testing for F5 Environments

APM Optimisation Script

Cross Site Scripting (XSS) Exploit Paths

Passing Arguments to iCall Scripts

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS