Thank you for the many improvements to waf-bypass, including curl replay and json output.
But there is a usability issue with the json file.
Ideally I'd like to be able to use jq (the Swiss Army knife for json) to export the curl commands for just a particular subset of bypasses, e.g.
jq -r '.[] | select(.result=="BYPASSED" and .dir=="RCE" and .zone=="BODY" and .enc=="none") | .curl' waf-bypass.json > repro.sh
in such a way that the repro.sh is a runnable script that will reproduce that set of bypasses.
Unfortunately, while jq can probably do that with the current json schema, I can't figure out how to do it.
This suggests to me that a more table-like curl section in the json file might be appropriate.
It wasn't hard to code; see the attached patch for a proof of concept.
The json file output after applying the proof-of-concept patch does work with the jq command above, and makes me happy :-)
I'll probably try to submit a pull request that adds an option to replace the current curl section with this new format and see how that looks.