- import os
- import sys
- sys.path.insert(0, 'ModSecurity.cpython-35m-x86_64-linux-gnu.so')
- from ModSecurity import Rules
- from ModSecurity import ModSecurity
- from ModSecurity import Transaction
- from ModSecurity import ModSecurityIntervention
- from os import listdir
- from os.path import isfile, join
# Names of the regular files directly under rules/ (sub-directories are
# skipped); the .conf filter is applied later, when the files are loaded.
rule_files = list(
    filter(lambda name: isfile(join('rules/', name)), listdir('rules/'))
)

# One engine and one rule set, shared by every transaction in this script.
modsec = ModSecurity()
rules = Rules()
# Sample request used to exercise the rule set. The query string carries a
# URL-encoded <script>alert(1)</script> probe, and 'params' holds the same
# probe decoded. filter_request() reads only 'url', 'method', 'http_version',
# 'headers' and 'body'; the remaining keys are carried but unused.
request = dict(
    method='GET',
    source_ip='42.114.255.46',
    url='/docs/index.html?a=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&q=test',
    http_version='HTTP/1.1',
    headers={
        'accept-encoding': 'gzip, deflate',
        'user-agent': (
            'Mozilla/5.0 (Windows NT 10.0; Win64; x64) '
            'AppleWebKit/537.36 (KHTML, like Gecko) '
            'Chrome/72.0.3626.121 Safari/537.36'
        ),
        'accept': (
            'text/html,application/xhtml+xml,application/xml;q=0.9,'
            'image/webp,image/apng,*/*;q=0.8'
        ),
        'cookie': 'cart=18',
        'host': '35.201.157.47',
        'upgrade-insecure-requests': '1',
        'connection': 'keep-alive',
        'purpose': 'prefetch',
        'accept-language': 'en-US,en;q=0.9',
    },
    source_port='24671',
    protocol='tcp',
    params={'id': '<script>alert(1)</script>'},
    body='',
)
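# Load every .conf file found in rules/ into the shared rule set.
#
# The files are loaded in sorted name order: os.listdir() returns entries in
# arbitrary order, and ModSecurity rule files are order-sensitive (setup and
# initialisation files are expected to load before the rules that use them).
for f in sorted(rule_files):
    filename, file_extension = os.path.splitext('rules/' + f)
    if file_extension != '.conf':
        continue
    count = rules.loadFromUri('rules/' + f)
    # libmodsecurity reports a load/parse failure as a negative count.
    # Stop here rather than keep filtering with a partial rule set, which
    # would let requests through that the missing rules should have caught.
    if count < 0:
        raise RuntimeError(
            'failed to load ModSecurity rules from rules/' + f)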
def filter_request(request):
    """Feed one request dict through a fresh ModSecurity transaction.

    Reads the 'url', 'method', 'http_version', 'headers' and 'body' keys of
    *request*, replays them in that order against the module-level ``modsec``
    engine and ``rules`` set, then hands the transaction to
    run_intervention(). Nothing is returned.
    """
    txn = Transaction(modsec, rules, None)

    # NOTE(review): 'source_ip', 'source_port' and 'params' are never read
    # here, so the transaction is given no client address. Rules keyed on the
    # client address presumably have nothing to match on - confirm whether the
    # binding offers a connection-phase call and run it before the URI phase.
    txn.processURI(request['url'], request['method'], request['http_version'])

    headers = request['headers']
    for name in headers:
        txn.addRequestHeader(name, headers[name])
    txn.processRequestHeaders()

    txn.appendRequestBody(request['body'])
    txn.processRequestBody()

    # The intervention is checked once, after the request-body phase.
    run_intervention(txn)
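def run_intervention(transaction):
    """Report whether ModSecurity asked to intervene on *transaction*.

    Prints 'Bad request' when the transaction has a pending intervention and
    'Good request' otherwise. The original printed 'Good request' for flagged
    requests as well, because the second print had no ``else`` branch.

    Returns True when an intervention was requested and False otherwise, so a
    caller can enforce the verdict instead of only printing it. Callers that
    ignore the return value behave as before.
    """
    intervention = ModSecurityIntervention()
    blocked = bool(transaction.intervention(intervention))
    if blocked:
        # NOTE(review): the intervention object presumably carries the status
        # and log message chosen by the matching rule - confirm against the
        # binding and log them so a block can be traced to a rule.
        print('Bad request')
    else:
        # No intervention is not the same as no rule match: with
        # SecRuleEngine set to DetectionOnly, matches are logged but never
        # produce an intervention.
        print('Good request')
    return blocked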
- filter_request(request)