Double Encoding Attacks: Bypass Security Filters
Double encoding bypasses filters that only decode once — %2526 becomes % then & across two passes. Learn how the attack works and how to defend against it.
Published:
Tags: security, encoding, attacks
Double Encoding Attacks: How Attackers Bypass Security Filters Security filters that operate on encoded input are vulnerable to a class of attack where the attacker encodes malicious content twice. The filter decodes once, sees what appears to be safe encoded content, and passes it through. The application then decodes again, ending up with the malicious payload. Double encoding attacks are not a theoretical curiosity. They have been used against web application firewalls, IDS systems, URL filters, path traversal defenses, and XSS filters. This article explains the mechanics and shows you how to build systems that are not susceptible. --- How Encoding Works in Multi-Layer Systems Most web applications decode input at multiple points: The web server or load balancer URL-decodes the request…
All articles · theproductguy.in