### libinjection.
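{
    # Positive SQLi case: the form body below carries an SQL-injection-shaped
    # string, so the @detectSQLi rule is expected to fire, log and deny.
    type => "misc",
    comment => "libinjection SQLi - with SQLi",
    # SecDebugLogLevel 9 is the most verbose setting and belongs in a test
    # run only; at that level the debug log can hold request data.
    # The rule inspects the raw REQUEST_BODY with no transformation.
    # ModSecurity fills that variable for urlencoded bodies when
    # SecRequestBodyAccess is On, so the Content-Type header sent below is
    # part of what this test depends on. Deployed rules more commonly
    # inspect ARGS, which are URL-decoded before matching.
    conf => qq(
        SecRuleEngine On
        SecDebugLog $ENV{DEBUG_LOG}
        SecDebugLogLevel 9
        SecRequestBodyAccess On

        SecRule REQUEST_BODY "\@detectSQLi" "id:192372,log,deny"
    ),
    # The detection message must appear in both the error and the debug log.
    # NOTE(review): the trailing 1 looks like a per-pattern wait/timeout
    # consumed by the harness -- confirm against the test runner.
    match_log => {
        error => [ qr/detected SQLi using libinjection/, 1 ],
        debug => [ qr/detected SQLi using libinjection/, 1 ],
    },
    # "deny" without a status action yields ModSecurity's default 403.
    match_response => {
        status => qr/^403$/,
    },
    # Direct method call rather than the indirect-object form
    # "new HTTP::Request(...)", which Perl can parse differently depending
    # on what subs are in scope.
    request => HTTP::Request->new(
        POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
        [
            "Content-Type" => "application/x-www-form-urlencoded",
        ],
        # Args: sent un-encoded, so the raw body holds the literal string.
        "some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
    ),
},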
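{
    # Negative SQLi case: a benign form body must pass through untouched.
    # This guards the @detectSQLi rule against false positives on plain text.
    type => "misc",
    comment => "libinjection SQLi - without SQLi",
    # SecDebugLogLevel 9 is the most verbose setting and belongs in a test
    # run only; at that level the debug log can hold request data.
    # The rule inspects the raw REQUEST_BODY, which ModSecurity fills for
    # urlencoded bodies when SecRequestBodyAccess is On.
    conf => qq(
        SecRuleEngine On
        SecDebugLog $ENV{DEBUG_LOG}
        SecDebugLogLevel 9
        SecRequestBodyAccess On

        SecRule REQUEST_BODY "\@detectSQLi" "id:192372,log,deny"
    ),
    # NOTE(review): the leading "-" on these keys presumably tells the
    # harness that the pattern must NOT appear in that log -- confirm
    # against the test runner. The trailing 1 looks like a wait/timeout.
    match_log => {
        -error => [ qr/detected SQLi using libinjection/, 1 ],
        -debug => [ qr/detected SQLi using libinjection/, 1 ],
    },
    # No rule fires, so the request is served normally.
    match_response => {
        status => qr/^200$/,
    },
    # Direct method call rather than the indirect-object form
    # "new HTTP::Request(...)", which Perl can parse differently depending
    # on what subs are in scope.
    request => HTTP::Request->new(
        POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
        [
            "Content-Type" => "application/x-www-form-urlencoded",
        ],
        # Args: ordinary text with no SQL syntax.
        "some_variable=hello cruel world"
    ),
},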
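{
    # Positive XSS case: the @detectXSS rule is expected to fire, log and
    # deny the request.
    type => "misc",
    comment => "libinjection XSS - with XSS",
    # SecDebugLogLevel 9 is the most verbose setting and belongs in a test
    # run only; at that level the debug log can hold request data.
    # The rule inspects the raw REQUEST_BODY, which ModSecurity fills for
    # urlencoded bodies when SecRequestBodyAccess is On.
    conf => qq(
        SecRuleEngine On
        SecDebugLog $ENV{DEBUG_LOG}
        SecDebugLogLevel 9
        SecRequestBodyAccess On

        SecRule REQUEST_BODY "\@detectXSS" "id:192372,log,deny"
    ),
    # The detection message must appear in both the error and the debug log.
    # NOTE(review): the trailing 1 looks like a per-pattern wait/timeout
    # consumed by the harness -- confirm against the test runner.
    match_log => {
        error => [ qr/detected XSS using libinjection/, 1 ],
        debug => [ qr/detected XSS using libinjection/, 1 ],
    },
    # "deny" without a status action yields ModSecurity's default 403.
    match_response => {
        status => qr/^403$/,
    },
    # Direct method call rather than the indirect-object form
    # "new HTTP::Request(...)", which Perl can parse differently depending
    # on what subs are in scope.
    request => HTTP::Request->new(
        POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
        [
            "Content-Type" => "application/x-www-form-urlencoded",
        ],
        # Args
        # NOTE(review): the value after "some_variable=" is empty in this
        # listing; the markup was probably lost when the page was rendered.
        # An empty value gives @detectXSS nothing to flag, so the 403 and
        # log expectations above cannot hold as shown. Restore the payload
        # from the upstream test file before relying on this case.
        "some_variable="
    ),
},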
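{
    # Negative XSS case: a benign form body must pass through untouched.
    # This guards the @detectXSS rule against false positives on plain text.
    type => "misc",
    comment => "libinjection XSS - without XSS",
    # SecDebugLogLevel 9 is the most verbose setting and belongs in a test
    # run only; at that level the debug log can hold request data.
    # The rule inspects the raw REQUEST_BODY, which ModSecurity fills for
    # urlencoded bodies when SecRequestBodyAccess is On.
    conf => qq(
        SecRuleEngine On
        SecDebugLog $ENV{DEBUG_LOG}
        SecDebugLogLevel 9
        SecRequestBodyAccess On

        SecRule REQUEST_BODY "\@detectXSS" "id:192372,log,deny"
    ),
    # NOTE(review): the leading "-" on these keys presumably tells the
    # harness that the pattern must NOT appear in that log -- confirm
    # against the test runner. The trailing 1 looks like a wait/timeout.
    match_log => {
        -error => [ qr/detected XSS using libinjection/, 1 ],
        -debug => [ qr/detected XSS using libinjection/, 1 ],
    },
    # No rule fires, so the request is served normally.
    match_response => {
        status => qr/^200$/,
    },
    # Direct method call rather than the indirect-object form
    # "new HTTP::Request(...)", which Perl can parse differently depending
    # on what subs are in scope.
    request => HTTP::Request->new(
        POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
        [
            "Content-Type" => "application/x-www-form-urlencoded",
        ],
        # Args: ordinary text with no markup.
        "some_variable=hello cruel world"
    ),
}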