how a attacker abuse from abort_invalid_hex option in snort?
for example if he send invalid hex (%0J) what happen ?
do web server accept it?
Yes, some webservers do accept it. It could be abused to circumvent input filtering, thwart IDS, obfuscate urls etc.
Experience is something you don't get until just after you need it.