mirror of https://github.com/1Panel-dev/1Panel
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
138 lines
3.1 KiB
138 lines
3.1 KiB
{
|
|
"rules": [
|
|
{
|
|
"state": "on",
|
|
"name": "dirFilter1",
|
|
"rule": "\\.\\./",
|
|
"type": "dirFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "dirFilter2",
|
|
"rule": "\\:\\$",
|
|
"type": "dirFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "dirFilter3",
|
|
"rule": "\\$\\{",
|
|
"type": "dirFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "dirFilter4",
|
|
"rule": "(?:etc\\/\\W*passwd)",
|
|
"type": "dirFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "dirFilter5",
|
|
"rule": "java\\.lang",
|
|
"type": "dirFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject1",
|
|
"rule": "select.+(from|limit)",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject2",
|
|
"rule": "(?:(union(.*?)select))",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject3",
|
|
"rule": "having|rongjitest",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject4",
|
|
"rule": "sleep\\((\\s*)(\\d*)(\\s*)\\)",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject5",
|
|
"rule": "benchmark\\((.*)\\,(.*)\\)",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject6",
|
|
"rule": "group\\s+by.+\\(",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject7",
|
|
"rule": "(?:from\\W+information_schema\\W)",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject8",
|
|
"rule": "(?:(?:current_)user|database|schema|connection_id)\\s*\\(",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject9",
|
|
"rule": "into(\\s+)+(?:dump|out)file\\s*",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "sqlInject10",
|
|
"rule": "\\s+(or|xor|and)\\s+.*(=|<|>|'|\")",
|
|
"type": "sqlInject"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "args1",
|
|
"rule": "xwork.MethodAccessor",
|
|
"type": "args",
|
|
"description": "Struts 恶意参数过滤"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "args2",
|
|
"rule": "xwork\\.MethodAccessor",
|
|
"type": "args",
|
|
"description": "Struts 恶意参数过滤"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "oneWordTrojan1",
|
|
"rule": "(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\(",
|
|
"type": "oneWordTrojan"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "oneWordTrojan2",
|
|
"rule": "\\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\\[",
|
|
"type": "oneWordTrojan"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "protocolFilter1",
|
|
"rule": "(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\\:\\/",
|
|
"type": "protocolFilter"
|
|
},
|
|
{
|
|
"state":"on",
|
|
"name":"scannerFilter1",
|
|
"rule":"(CustomCookie|acunetixCookie)",
|
|
"type": "scannerFilter"
|
|
},
|
|
{
|
|
"state": "on",
|
|
"name": "xss1",
|
|
"rule": "base64_decode\\(",
|
|
"type": "xss"
|
|
}
|
|
]
|
|
} |