ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
\.\./
|
|
|
|
|
\:\$
|
|
|
|
|
\$\{
|
|
|
|
|
select.+(from|limit)
|
|
|
|
|
(?:(union(.*?)select))
|
|
|
|
|
having|rongjitest
|
|
|
|
|
sleep\((\s*)(\d*)(\s*)\)
|
|
|
|
|
benchmark\((.*)\,(.*)\)
|
|
|
|
|
base64_decode\(
|
|
|
|
|
(?:from\W+information_schema\W)
|
|
|
|
|
(?:(?:current_)user|database|schema|connection_id)\s*\(
|
|
|
|
|
(?:etc\/\W*passwd)
|
|
|
|
|
into(\s+)+(?:dump|out)file\s*
|
|
|
|
|
group\s+by.+\(
|
|
|
|
|
xwork.MethodAccessor
|
|
|
|
|
(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\(
|
|
|
|
|
xwork\.MethodAccessor
|
|
|
|
|
(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\:\/
|
|
|
|
|
java\.lang
|
|
|
|
|
\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\[
|
|
|
|
|
\<(iframe|script|body|img|layer|div|meta|style|base|object|input)
|
|
|
|
|
(onmouseover|onerror|onload)\=
|
