Picus is dedicated to collaborating with its technology alliance partners and the cybersecurity community to build better cyber defenses against the adversary attempts. Accordingly, we have a responsible disclosure policy to publish vulnerabilities and bypass/evasion methods of security controls. We first notified the vendor, and after a grace period of 30 days, the new attack signature update was published.
We have discovered that the “rev” and “printf” commands incorporated with the Bash shell’s command substitution feature bypass certain attack signature checks of F5 Advanced WAF/ASM/NGINX App Protect products. We use this combination of commands in a command execution payload that creates a reverse shell to the target web server. ...read more!
