Posted by Nic Wiswat on Nov 04
#################################################
Bypass Imperva by confusing HTTP Pollution Normalization Engine
#################################################
Author: Wiswat Aswamenakul
Environment: Tested with Imperva Version: 11.5 and Web Backend as IIS + ASP
Description:
One of technique that attackers use to bypass web application firewall is
to use HTTP pollution attack. The attack can be produced by sending
parameters with the same…