Attack
Forum Üyesi
- Katılım
- 4 Şub 2023
- Mesajlar
- 2,618
- Puanları
- 0
Hi all,
When a user try's to register with a password like123!@# it gives an error: ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'novc'
Normally, I would check the error id & ARGS to whitelist like so:SecRuleUpdateTargetById 932105 !ARGS:title
The issue is XenForo is using a hash as the name for the password field ARGS:f9bd18566cc2cb5b4e3344e7370007e25eb286cd:
Because the hash is different each time it's impossible for me to whitelist it.
When a user try's to register with a password like123!@# it gives an error: ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'novc'
Normally, I would check the error id & ARGS to whitelist like so:SecRuleUpdateTargetById 932105 !ARGS:title
The issue is XenForo is using a hash as the name for the password field ARGS:f9bd18566cc2cb5b4e3344e7370007e25eb286cd:
Because the hash is different each time it's impossible for me to whitelist it.