zoukankan      html  css  js  c++  java
  • 360 webscan中防注入跨站攻击的核心

    //get拦截规则
    $getfilter = "\<.+javascript:window\[.{1}\\x|<.*=(&#\d+?;?)+?>|<.*(data|src)=data:text\/html.*>|\b(alert\(|confirm\(|expression\(|prompt\(|benchmarks*?\(d+?|sleeps*?\([d.]+?\)|load_files*?\()|<[a-z]+?\b[^>]*?\bon([a-z]{4,})s*?=|^\+\/v(8|9)|\b(and|or)\b\s*?([\(\)'"\d]+?=[\(\)'"\d]+?|[\(\)'"a-zA-Z]+?=[\(\)'"a-zA-Z]+?|>|<|s+?[\w]+?\s+?\bin\b\s*?(|\blike\b\s+?["'])|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT(\(.+\)|\s+?.+?)|UPDATE(\(.+\)|\s+?.+?)SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE)(\(.+\)|\s+?.+?\s+?)FROM(\(.+\)|\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
    //post拦截规则
    $postfilter = "<.*=(&#\d+?;?)+?>|<.*data=data:text\/html.*>|\b(alert\(|confirm\(|expression\(|prompt\(|benchmarks*?\(d+?|sleeps*?\([d.]+?\)|load_files*?\()|<[^>]*?\b(onerror|onmousemove|onload|onclick|onmouseover)\b|\b(and|or)\b\s*?([\(\)'"\d]+?=[\(\)'"\d]+?|[\(\)'"a-zA-Z]+?=[\(\)'"a-zA-Z]+?|>|<|s+?[\w]+?\s+?\bin\b\s*?(|\blike\b\s+?["'])|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT(\(.+\)|\s+?.+?)|UPDATE(\(.+\)|\s+?.+?)SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE)(\(.+\)|\s+?.+?\s+?)FROM(\(.+\)|\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";
    //cookie拦截规则
    $cookiefilter = "benchmarks*?\(d+?|sleeps*?\([d.]+?\)|load_files*?\(|\b(and|or)\b\s*?([\(\)'"\d]+?=[\(\)'"\d]+?|[\(\)'"a-zA-Z]+?=[\(\)'"a-zA-Z]+?|>|<|s+?[\w]+?\s+?\bin\b\s*?(|\blike\b\s+?["'])|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT(\(.+\)|\s+?.+?)|UPDATE(\(.+\)|\s+?.+?)SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE)(\(.+\)|\s+?.+?\s+?)FROM(\(.+\)|\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    不多说。

  • 相关阅读:
    JSON数据格式
    段寄存器
    进程 PCB 进程挂起
    python3:文件读写+with open as语句(转)
    Python 中 'unicodeescape' codec can't decode bytes in position XXX: trun错误解决方案
    intelx86为何从0xFFFF0处执行
    Linux内核调度分析(转,侵删)
    调度器简介,以及Linux的调度策略(转)
    nm命令
    Vim文本编辑器中常用的一些命令
  • 原文地址:https://www.cnblogs.com/x3d/p/3902531.html
Copyright © 2011-2022 走看看