RegExp attack-defense & IP-blacklisting for ExpressJS and HarperDB
const Attack = require("./attack")
// Registry of signature sets keyed by attack class name (e.g. "SQLInjection");
// the Map itself is the module's export so consumers can look up or add sets.
let collection = new Map()
module.exports = collection
// Literal SQL-injection probes. How they are compared against request input
// (case folding, URL-decoding, substring vs. whole-value) is decided by Attack
// in ./attack, not here — e.g. whether "drop table" is caught by "DROP TABLE"
// depends on that implementation; confirm there before relying on it.
const sqlInjectionSignatures = [
  "' or '1'='1",
  "or 'x'='x'",
  "or 1=1",
  '" or "1"="1',
  '" or ""=""',
  "' or ''=''",
  "DROP TABLE",
  "INSERT INTO",
]
collection.set("SQLInjection", new Attack(sqlInjectionSignatures))
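// Literal markers of reflected-XSS payloads: script tags in plain, JS-escaped
// ("\x3cscript" — the double backslash yields a literal backslash in the
// string) and percent-encoded form, inline event handlers, and "javascript:"
// URIs including obfuscated variants with an embedded control character.
// Matching semantics (case folding, decoding) are defined by Attack in
// ./attack — confirm there whether mixed-case input such as "<SCRIPT" is caught.
const reflectedXssSignatures = [
  "<script",
  "\\x3cscript",
  "%3cscript",
  "alert(",
  "onclick=",
  "onerror=",
  "onkeydown=",
  "onkeypress=",
  "onkeyup=",
  "onmouseout=",
  "onmouseover=",
  "onload=",
  "document.cookie",
  ".addeventlistener",
  "javascript:",
  // Fix: the original literal contained a raw line break between "jav" and
  // "ascript:", which is a SyntaxError inside a double-quoted string. The
  // escape sequence encodes the same LF; if the intended separator was a
  // different control character (CR, tab), adjust the escape accordingly.
  "jav\nascript:",
  "java\0script",
]
collection.set("ReflectedXSS", new Attack(reflectedXssSignatures))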
// Path-traversal and scanner-probe signatures: literal paths/files commonly
// requested by automated scanners, followed by regexes for encoded or
// structural traversal patterns. Several of the regexes are deliberately
// broad; the NOTE(review) comments mark the ones most likely to also match
// legitimate traffic, so tune them against real request logs before blocking.
// What exactly Attack tests them against (path only, full URL, body) is
// defined in ./attack — several notes below depend on that.
const pathTraversalSignatures = [
  "\\windows\\system32\\drivers\\etc\\hosts",
  "Windows\\System32\\cmd.exe",
  "Windows/System32/cmd.exe",
  "/wp-includes",
  "/.git",
  "/node_modules",
  "/cgi-bin",
  "/var/opt",
  "/bin/sh",
  "/etc/issue",
  "/etc/shadow",
  "/etc/hosts",
  "/etc/passwd",
  "c+dir+c:\\",
  "/stalker_portal",
  "microsoft.exchange.ediscovery.exporttool.application",
  "Autodiscover.xml",
  "?XDEBUG_SESSION_START=phpstorm",
  // One or more dots directly followed by one or more slashes of either kind:
  // ./  ..\\  ./////\/\/  ..//
  /\.+[\/\\]+/,
  // Two or more consecutive slashes: \\\  ////  //
  // NOTE(review): "//" also appears in a scheme prefix such as "http://";
  // if Attack is given a full URL rather than the path, every request matches.
  /[\/\\]{2,}/,
  // A percent sign followed by a digit, optionally surrounded by dots:
  // ..%00  %2C.  ..%3fac
  // NOTE(review): the leading/trailing `\.*` are optional, so any
  // percent-encoded byte starting with a digit (e.g. "%20") also matches —
  // confirm this breadth is intended.
  /\.*%\d+[a-z]*\.*/i,
  // A single letter enclosed in percent signs: %unfeudalize%
  /%+[a-z]%+/i,
  // Word characters, any single character, then "php":
  // config.inc.php  xmlrpc.php  index.php?filter=  PHP/eval-stdin.php  wp-login.php
  // NOTE(review): the "." is unescaped and matches any character, so
  // "…/php…" and "…xphp…" match too; if only "*.php" names are intended
  // the pattern needs `\.php`.
  /\w+.php/i,
  // Scripts under /owa/auth/ with a .js or .aspx extension.
  // NOTE(review): the original comment cited "/owa/logon/x.js", which this
  // pattern does not match because it requires the "/owa/auth/" prefix.
  /\/owa\/auth\/\w+\.(js|aspx)/i,
  // An .aspx page followed by a query-string key.
  /\.aspx\?[a-z]+=/i,
  // A .txt file anywhere beneath .well-known/ at the end of the value.
  /\.well\-known\/.*\/?[a-z]+\.txt$/i,
  // A dotfile as the final path segment: /.env  /.hidden  /sitemap//.secret
  /\/\.[\da-z\-_]+$/i,
  // invokefunction  &function=call_user_func_array
  // NOTE(review): the alternation is ungrouped, so the bare `function`
  // branch matches the word anywhere (e.g. "/docs/functions"), and
  // `[\W]*call[\W]\w+` matches "call" followed by a separator and a word
  // (e.g. "/api/call/history"); consider grouping the prefix if that is
  // not intended.
  /invoke[\-_]?fun|function|[\W]*call[\W]\w+/i,
  // PHP-style array parameters: &vars[1][]=HelloThinkPHP21  &vars[0]=md5
  // NOTE(review): legitimate form fields use the same "name[]=" syntax.
  /&?[a-z]+(\[\d*\])+=/i,
]
collection.set("PathTraversal", new Attack(pathTraversalSignatures))