mirror of https://github.com/1Panel-dev/1Panel
{ |
|
"rules": [ |
|
{ |
|
"state": "on", |
|
"name": "sqlInject1", |
|
"rule": "select.+(from|limit)", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject2", |
|
"rule": "(?:(union(.*?)select))", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject3", |
|
"rule": "having|rongjitest", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject4", |
|
"rule": "sleep\\((\\s*)(\\d*)(\\s*)\\)", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject5", |
|
"rule": "benchmark\\((.*)\\,(.*)\\)", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject6", |
|
"rule": "group\\s+by.+\\(", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject7", |
|
"rule": "(?:from\\W+information_schema\\W)", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject8", |
|
"rule": "(?:(?:current_)user|database|schema|connection_id)\\s*\\(", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject9", |
|
"rule": "into(\\s+)+(?:dump|out)file\\s*", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "sqlInject10", |
|
"rule": "\\s+(or|xor|and)\\s+.*(=|<|>|'|\")", |
|
"type": "sqlInject" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "args1", |
|
"rule": "xwork.MethodAccessor", |
|
"type": "args", |
|
"description": "Struts 恶意参数过滤" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "args2", |
|
"rule": "xwork\\.MethodAccessor", |
|
"type": "args", |
|
"description": "Struts 恶意参数过滤" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "oneWordTrojan1", |
|
"rule": "(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\(", |
|
"type": "oneWordTrojan" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "oneWordTrojan2", |
|
"rule": "\\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\\[", |
|
"type": "oneWordTrojan" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "protocolFilter1", |
|
"rule": "(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\\:\\/", |
|
"type": "protocolFilter", |
|
"description": "协议过滤" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "dirFilter1", |
|
"rule": "(?:etc\\/\\W*passwd)", |
|
"type": "dirFilter" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "dirFilter2", |
|
"rule": "java\\.lang", |
|
"type": "dirFilter" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "xss1", |
|
"rule": "\\<(iframe|script|body|img|layer|div|meta|style|base|object|input)", |
|
"type": "xss" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "xss2", |
|
"rule": "(onmouseover|onerror|onload)\\=", |
|
"type": "xss" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "xss3", |
|
"rule": "base64_decode\\(", |
|
"type": "xss" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "webshell1", |
|
"rule": "/shell?cd+/tmp;\\s*rm+-rf\\+\\*;\\s*wget", |
|
"type": "webshell" |
|
}, |
|
{ |
|
"state": "on", |
|
"name": "phpExec1", |
|
"rule": "/systembc/password.php", |
|
"type": "phpExec" |
|
}, |
|
{ |
|
"state":"on", |
|
"name": "scannerFilter1", |
|
"rule":"(Acunetix-Aspect|Acunetix-Aspect-Password|Acunetix-Aspect-Queries|X-WIPP|X-RequestManager-Memo|X-Request-Memo|X-Scan-Memo)", |
|
"type": "scannerFilter" |
|
} |
|
] |
|
} |