From 749efd6a1a984b1d732f9542f53fc8d43ce83cf9 Mon Sep 17 00:00:00 2001
From: loveshell <82163261@qq.com>
Date: Fri, 8 Nov 2013 23:55:40 +0800
Subject: [PATCH] Create post

---
 wafconf/post | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 wafconf/post

diff --git a/wafconf/post b/wafconf/post
new file mode 100644
index 0000000..30554ca
--- /dev/null
+++ b/wafconf/post
@@ -0,0 +1,20 @@
+\.\./
+\:\$
+\$\{
+select.+(from|limit)
+(?:(union(.*?)select))
+having|rongjitest
+sleep\((\s*)(\d*)(\s*)\)
+benchmark\((.*)\,(.*)\)
+base64_decode\(
+(?:from\W+information_schema\W)
+(?:(?:current_)user|database|schema|connection_id)\s*\(
+(?:etc\/\W*passwd)
+into(\s+)+(?:dump|out)file\s*
+group\s+by.+\(
+xwork.MethodAccessor
+(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\(
+xwork\.MethodAccessor
+(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\:\/
+java\.lang
+\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\[