about mod_security.c


唐不狐

Jan 13, 2010, 1:58:27 AM
to Ph4nt0m
I ran into an Apache server with a security module loaded. The configuration is as follows:
<IfModule mod_security.c>
SecFilterEngine DynamicOnly

SecFilterScanPOST On
SecFilter "select.+from"
SecFilter "insert"
SecFilter "update.+set"
SecFilter "delete.+from"
SecFilter "union"

SecFilter "select.+\n"
SecFilter "update.+\n"
SecFilter "delete.+\n"

SecFilterSelective ARGS_VALUES "^http:/"
SecFilterSelective ARGS_NAMES "^php:/"

SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1"
SecFilterSelective ARGS "or 1=1--'"
SecFilterSelective ARGS "'.+--"

SecFilterSelective ARGS "into[[:space:]]+outfile"
SecFilterSelective ARGS "load[[:space:]]+data"
SecFilterSelective ARGS "/\*.+\*/"

SecFilterSelective ARGS "<!--[[:space:]]*#[[:space:]]*exec"
SecFilterSelective ARGS "<!--[[:space:]]*#[[:space:]]*cmd"
SecFilterSelective ARGS "<!--[[:space:]]*#[[:space:]]*echo"
SecFilterSelective ARGS "<!--[[:space:]]*#[[:space:]]*include"
SecFilterSelective ARGS "<!--[[:space:]]*#[[:space:]]*printenv"

SecFilterDefaultAction "deny,log,status:400"
SecAuditEngine RelevantOnly
SecAuditLog logs/audit_log
</IfModule>

Is there a good way to bypass this?
What I have thought of is submitting the data via GET.
