0x01 前言
最近一段时间 Typecho 出了不少漏洞（XSS 等），这里加一个简单的 WAF 来防御。用的是 360Webscan-0.1.3.4 的规则，只针对未登入的用户进行拦截，因为我的博客实际情况就只有我一个用户。
0x02 添加Waf
首先在/var/Widget/Login.php
加上下列代码
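/** 登入设置Session **/
// Flag this session as a logged-in one so the WAF include in config.inc.php skips it.
// NOTE(review): this must sit on the code path that runs only after a successful login;
// if it runs on every render of the login page, any visitor gets the bypass flag — confirm
// its placement inside Login.php.
// config.inc.php (which runs first on every request) has usually started the session already,
// so only start one when none is active; a second session_start() raises a notice.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
// Rotate the id when elevating the session so a pre-login id fixed by a third party does not inherit the flag.
session_regenerate_id(true);
$_SESSION['WAF'] = 1;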
然后在/config.inc.php
加上包含waf文件的代码
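/** 包含Waf文件 **/
// Load the WAF for every request that does not carry the logged-in flag set in Login.php.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
// empty() rather than a bare index read: anonymous visitors have no 'WAF' key, and reading it
// directly would raise an undefined-array-key warning on every request.
if (empty($_SESSION['WAF'])) {
    // Anchor the include to this file's directory so the lookup never falls back to include_path
    // (replace 文件名.php with the name you saved the WAF file under).
    include_once __DIR__ . '/文件名.php';
}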
然后是 WAF 文件本体，保存到网站根目录，再把上面 include_once 中的文件名改成你保存的文件名即可。
<?php
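//禁止直接访问
// Refuse direct requests for this file: it is only meant to run via include_once from config.inc.php.
// PHP_SELF may be absent (CLI), so default it to '' and the comparison can never fault;
// strcasecmp() replaces the loose == so two numeric-looking names are never compared as numbers.
if (strcasecmp(basename(__FILE__), basename(isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '')) === 0) {
    header('HTTP/1.0 403 Forbidden');
    exit;
}
// Defined further down in this file; PHP binds unconditional top-level functions at compile time, so calling it here is fine.
webscan_error();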
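// Master switch: 1 enables the filter, 0 disables it.
$webscan_switch = 1;
// Per-source switches (1 = inspect, 0 = skip) for POST, GET, cookies and the Referer header.
$webscan_post = 1;
$webscan_get = 1;
$webscan_cookie = 1;
$webscan_referre = 1;
// Admin whitelist: requests whose script path matches this PCRE fragment are not inspected.
// __TYPECHO_ADMIN_DIR__ is defined in Typecho's config.inc.php; fall back to the stock '/admin/'
// when this file is included before that define runs (an undefined constant is a fatal Error on PHP 8).
$adminurl = defined('__TYPECHO_ADMIN_DIR__') ? __TYPECHO_ADMIN_DIR__ : '/admin/';
// preg_quote() escapes every PCRE metacharacter — the original only escaped '/', so a directory
// name containing '.', '+' or similar would have matched more than itself.
$webscan_white_directory = preg_quote($adminurl, '/');
// URL whitelist: path fragment => query-string fragment (see webscan_white()). Empty by default.
$webscan_white_url = array();
// Rule-set version; guarded so a second include of this file does not warn about redefinition.
if (!defined('WEBSCAN_VERSION')) {
    define("WEBSCAN_VERSION", '0.1.3.4');
}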
// GET rule set. Each of these is a PCRE body that webscan_StopAttack() wraps as "/<rules>/is":
// XSS markup and event-handler attributes, SQL functions/keywords and comment sequences.
// Taken verbatim from 360webscan 0.1.3.4 — edit with care: a syntax error here makes preg_match()
// return false for every request, and the unbounded ".+?" / ".*" alternatives can hit
// pcre.backtrack_limit on very long inputs (also a false return), so the caller must decide
// what a false means.
$getfilter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\s*?\(.*\)|sleep\s*?\(.*\)|\\b(group_)?concat[\\s\\/\\*]*?\\([^\\)]+?\\)|\bcase[\s\/\*]*?when[\s\/\*]*?\([^\)]+?\)|load_file\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)@{0,2}(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
// POST rule set: the same families as the GET rules, but the event-handler check is a fixed list
// (onerror/onmousemove/onload/onclick/onmouseover) instead of any "on...=" attribute. Also reused for the Referer.
$postfilter = "<.*=(&#\\d+?;?)+?>|<.*data=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\s*?\(.*\)|sleep\s*?\(.*\)|\\b(group_)?concat[\\s\\/\\*]*?\\([^\\)]+?\\)|\bcase[\s\/\*]*?when[\s\/\*]*?\([^\)]+?\)|load_file\s*?\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover)\\b|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
// Cookie rule set: the SQL-oriented subset plus a bare "<script" check; the other markup rules are dropped.
$cookiefilter = "benchmark\s*?\(.*\)|sleep\s*?\(.*\)|load_file\s*?\\(|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)@{0,2}(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
// Referer header, wrapped as a one-element array so it can go through the same per-parameter
// loop as $_GET/$_POST/$_COOKIE; an empty array when the header is absent or empty.
$webscan_referer = empty($_SERVER['HTTP_REFERER']) ? array() : array('HTTP_REFERER'=>$_SERVER['HTTP_REFERER']);
/**
 * Turn off on-screen error display so a PHP warning raised inside the filter
 * never leaks file paths or rule fragments to the client. The setting is only
 * written when it currently reads as enabled (truthiness of the raw ini value).
 */
function webscan_error() {
    $displayed = ini_get('display_errors');
    if (!$displayed) {
        return;
    }
    ini_set('display_errors', '0');
}
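/**
 * Flatten one request parameter (a scalar or an arbitrarily nested array) into a
 * single string for rule matching. Every leaf contributes its value followed by
 * the chain of keys that led to it, so parameter names are scanned as well.
 *
 * No state survives between calls. The original kept its accumulators in
 * static variables, so every parameter checked later in the request also
 * carried the text of all earlier ones (spurious cross-parameter matches), and
 * an empty array ended in implode(null), a TypeError on PHP 8.
 *
 * @param mixed $arr scalar or nested array
 * @return mixed the scalar unchanged, or the flattened string for an array
 */
function webscan_arr_foreach($arr) {
    if (!is_array($arr)) {
        return $arr;
    }
    return implode('', webscan_arr_leaves($arr, ''));
}

/**
 * Collect "value + key path" fragments from a nested array (helper for webscan_arr_foreach()).
 *
 * @param array  $arr
 * @param string $keypath keys of the enclosing arrays, concatenated
 * @return string[]
 */
function webscan_arr_leaves(array $arr, $keypath) {
    $parts = array();
    foreach ($arr as $key => $val) {
        $path = $keypath . $key;
        if (is_array($val)) {
            $parts = array_merge($parts, webscan_arr_leaves($val, $path));
        } else {
            $parts[] = $val . $path;
        }
    }
    return $parts;
}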
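/**
 * Block page: sends a 403 and prints a short notice carrying a request id.
 *
 * The id is generated server-side and written to the error log together with
 * the client address and request URI, so an operator can match a visitor's
 * report against the log (the original id was a client-side Math.random()
 * string that existed nowhere else). The third-party jQuery/growl includes
 * were removed: the page never used them, and a block page should not pull
 * script from external CDNs. Headers are only sent when output has not
 * started yet; the caller is expected to exit() right after this returns.
 *
 * @return void
 */
function webscan_pape(){
    // 16 hex chars from the CSPRNG: unique enough per block event, short enough to quote.
    $reqid = bin2hex(random_bytes(8));
    error_log(sprintf(
        'webscan: blocked request id=%s ip=%s uri=%s',
        $reqid,
        isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-',
        isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '-'
    ));
    // A block must look like an error to clients and monitoring, not a 200 with an HTML notice.
    if (!headers_sent()) {
        header('HTTP/1.0 403 Forbidden');
        header('Content-Type: text/html; charset=utf-8');
    }
    $pape1=<<<HTML
<!DOCTYPE html>
<html lang="zh-cn">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,minimum-scale=1.0,user-scalable=no">
<meta name="data-spm" content="a3c0e" />
<title>403</title>
<!-- aHR0cHM6Ly9ibG9nLm1vNjAuY24vaW5kZXgucGhwL2FyY2hpdmVzL1R5cGVjaG8tYWRkLXdhZi5odG1s -->
<style>
html, body, div, a, h2, p { margin: 0; padding: 0; }
a { text-decoration: none; color: #3b6ea3; }
.container { width: 1000px; margin: auto; color: #696969; }
.header { padding: 50px 0; }
.header .message { height: 36px; padding-left: 120px; background: url(https://errors.aliyun.com/images/TB1TpamHpXXXXaJXXXXeB7nYVXX-104-162.png) no-repeat 0 -128px; line-height: 36px; }
.main { padding: 50px 0; background: #f4f5f7; }
.main img { position: relative; left: 120px; }
.footer { margin-top: 30px; text-align: right; }
.footer a { padding: 8px 30px; border-radius: 10px; border: 1px solid #4babec; }
.footer a:hover { opacity: .8; }
.alert-shadow { display: none; position: absolute; top: 0; left: 0; width: 100%; height: 100%; background: #999; opacity: .5; }
.alert { display: none; position: absolute; top: 200px; left: 50%; width: 600px; margin-left: -300px; padding-bottom: 25px; border: 1px solid #ddd; box-shadow: 0 2px 2px 1px rgba(0, 0, 0, .1); background: #fff; font-size: 14px; color: #696969; }
.alert h2 { margin: 0 2px; padding: 10px 15px 5px 15px; font-size: 14px; font-weight: normal; border-bottom: 1px solid #ddd; }
.alert a { display: block; position: absolute; right: 10px; top: 8px; width: 30px; height: 20px; text-align: center; }
.alert p { padding: 20px 15px; }
</style>
</head>
<body data-spm="7663354">
<div data-spm="1998410538">
<div class="header">
<div class="container">
<div class="message">
很抱歉,由于您访问的URL有可能对网站造成安全威胁,您的访问被阻断。
<div>您的请求ID是: <strong id="reqid">{$reqid}</strong></div>
</div>
</div>
</div>
<div class="main">
<div class="container">
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAApQAAAB1CAMAAADHloEAAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAwBQTFRF4u32aX2EVZvJ6fPt5ObooqiqkZiZzfPR19rcjpaXnqWm6Orsq7GygcXy7O7wmaChfcHv0vTVqK6wr9S5yc3P0+7YTKnoneOl5Ojtq9bzrbO09f325efqZoGO3uHjlZ2eYIuktNS+sba4gYqLipKT7O7y3N/hVdVhtNnzhI2OjuKXTajlvezCWdZly87QtOi70tXXuNvzg4uM4uTmUtVf1Ov72t3gcHp7fIWG2tzeUa7t6u3xpauswcXHvsPE4eTnvMHDc3x9z9LUV7DtxcnLWZW75+ruW5O2ms7xpqytdH1+tbq8uL2/xPHIub7A8/n+gd6LxsrM3uDistv3X4yorrO1zNDSU67tcr7wnKKkwcbHnrTBY7bvcXt85fLpgMPvn6anu8DCs7i60tbab3h5tLm7dn+Aho+Qt7y94+Xn0NTZaWlpTNNZ4+fss7S1////vL2+4eLkz9DRfHx8eoOEjo6PoaGieYKD8vT2hYWF2Nnbbnd4cnJy6+zu7vDy1dja3eDipKqrxsbIl5iYqqqrb3l6eIGC+/3/8/T2zOf66PD2d4CBn9L18vT37vDzbXh5a3p/8fP19PX3Tafk1tnb8vP20ub1T63sk8rxe8Hx7/Dy6ezw8vX1foeI8vP1e4SF6vH27/Hzj5eY6OvvZYOTl8zx8PL0sLW35unub7zw1NfZf4iJuem/6+3v8fL0v8TFsLa3t9331fXYztHTjJSVz+n6lcvx8PTz09bY6uzulJucl+KgkeSZ7/H0hMbyqrCxUNRdhIyN5OfsVa/tsre5p62vYoif6+7xf92J8PL18fL1yMvN2NvdiJCRc6rOiMjycYuZsNfz3vHjb4qYnqqv7PPww+P57vf9stjz8PH0a7rvleKe8PHzsOe34ePlk830udTC6uzvl56fkuGbq7GzluWdZ7jvveD4w8jJedyEk5qb5+/21NjdqOaw8/X35/T87fDz7e/y7O3v4vHm5entddt/5+nr7O3wv+/D7e/x2Nvg3+Lk4OPlS6vsbXd49PX3fsTrRwAAAQB0Uk5T////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AFP3ByUAABLnSURBVHja7J0NfBTlnccjL5EklLQ2INIonMQgtVCkNKTylgBKTTTotUiDUKBggEycnRd2yA67KLubdM8oEgQpIFKwBQVfi20V9agWaltKr3ft9a7XXu9quTtOvRfuvJzIZeeeZ95n9pmdmd2dTZh5/p+PYXf2mXXnt9/5P///3nZEsHS9h4/VV5aWn7f/F4BG7YiWonVC8Ou2pSWrX5cBRYqu6VSvz/f8LVVZe/Obm6YuvfJQGpwpKlnU+7W03TKFsrmmWmdNTVg7rJYb98LpW2aWhMrXwniXXxVOj87aQflO+YzyjF6lva5021mudZV/Q5D6dJG2kD5cuYpJzB80DqfH/XcwU79kYvnD6AkfvcLGMqCQlmJOmcrJlKoOLqwpbL0yMKpG7aobrLcQuOm5ucwlIWDciH6pPlBR/Li8UNdStg4sk869spka5VbN2AoCwVlqhF90saAMznsdJdOjZpp
MMeuqs8mc2l18KBsa5291Z3Nbm2zh3KulcZnAs3kpRqjGm0NgnCmJ/vNX1kROCjfvLR3izvbe+lNeyjftJK4LMhMVh/KCBrnjphu0yOtvf3JwEHpPmbZYA9ltaXEmy8Gl8m9qzL16J64wi5O6lkYNCin17o+sXa6LZRV1hIfDS6Uy1bkFr3XXBc0KB9EvJR6Xr25Ea8+aA9li7XCywLL5LyaHFPKzVtTgYfyTHnpofI5h0En/OL4svEn63KA8nprhVuC6yjX5lro2HhPwKFMnROzwaYTG+pehmPXXfXr3UPZbC1wYEfAK8bnXn5rfS7YUC6RA5/N+5XyWdN611DOsdZ36gBc6ujRowde7531uUMZGFeJhnIaQrqJO91CudNa388V9yqHfuauSR3QJt317NCBlLtz7oo8Riq2bgkylFsRgc/MkW6h7G20UvdAcZG8ekaHZj94bQCxfLJlZh5QTv5ZgKEcVboZkf2NH+USSmGV/YS3ItizUzqMNunvB85TNuTjKRvnBhbKJ7f0HUJCWdHrEspLVur2Fe8Cn3itI9P++P0BS77zgTK9alQwoUzRDafLN6LqZPWrWuoOu4ISPXMtnZ5dRCbv6kDZvxafyudeWX3fHfeMywvK0r5AQtl5piZLIW168yhXUF5ERlA9ncW7vtc60Pbpoqr8aktrWc2xppmN9Zs25wOlKdkMCpRTbUoW47a4gVI4inqP2uJd3rMdVlbEuDI1p6YpXRBb8UIQodxgNwjWOMcVlIjx765pxbu6v55iCeWkouXgIyp70gWytatTAYSy2bZ3OVTtCkph535TWaOIflK4usPaflukz/DCsXTBbO2yAHrKindtdWmqcgelcPicru/qPlXUAuUkhcB/ulMqVU6683W1XvnVotSAljSlC2iTW6oDB+WDDqawtLiEEqDeMl7cjuDAOw3FLWl8VmUyFPoEpHLGd0Ihlcp/szn70o4CfIQX16YLak3HZg8LGJS1Z+1laXANJbC9f/rAA9c9X+yL+7HC350hkUrIZOgzysH/sTm7vW5X3p/gnu50oa3r2MJgQTmszFaT+qO5QDkwpqY5Mz4BqZwC/16pDjnOeMIGyvaP8r2N/q8s7YG13ZdXTW1ee9FsXiGg7DxlP3/qonsoq0ccP3N+4Zn5PytuQDRUy2pEKj9lYLKj46/soGx//0JeH+DgVWlvbOvBPD7VmuJBuaYg2betqzxw3F1JqPrukScmqnFV18Tx46oKsC7P2c3+jx0mKo1MdnzSgap/yOdjzl/hEZTpq3qD4ykF4ZU3sxaFZp5KuYCyYvW7iCGdxvFz8813nN3sf6KvAE2BfvJThrrlJ528SR7O/dVWr5hMN1YFqE4pCHUn1zV2WVhT6TJ1GaI9lF8YblkN6Zlde3l4yvY1eYw2z097Z2XzggSl0DnvzJFzSxB27oi+57WDstbGTQz/fVFjyu/kFFO2f5RH8LZ3q4dQpps7gwSlQ8sOZec5+9LG9cXLvidBJq+ccmVIrlc6zL7b5+VTqhy20Uso91/CULqD8oGJTnRdV1fMOiXwkTMglR86rlO+/795/d/vTntqPh4Gl6Cc7H6UYNhkayjvcCqsx5Ne1BGd1+V+G0aWjkd0avPcKOWUt1Cuq/A5lMfu3vmAO9t59zFLKF3EUie9DSrVse/XP5R67Rkfflod+/5vj6Ut9xbKmTt9DmVX94GN7uxAd5cVlJVupB3u6dVlmyX0R6+lne4tlOn1PoeykPtTVrp7A0+pHND5lN0eQzkSQ+kUytNu38HTJHwgZ557DWUZhtIhlMvcv4Wnu2UM4Bodr6Gsx1DaZioilMNymU79qofXN4CrGQ94DOUm30I5PE9lZhuhXGfZ8Nprr7VcOOrlBQ7cuu9SV0Jm0cfCun0L5fEj12eze++9N9vLLx6Zb4ASXS/e/qMhN/VDu2nIj7ajGni7lGygdsgY6ZQuoM+YrPoErfsWOq3svZtXLhWl+uHKm9+zbCUYoEQt29u+
SFJcsjGLELLv9/YSh179A/1eQr8t0jrGFodI2uuDtnf8imTf+lXDkb/+8Kuf79ZJtfvnv0K2Gr7qjgodlHMR0k14rN9oj03IbOT1RKyhz8q7rs348We/Wixtd3Y5QevLNznQB2lLfMpk6msrNiMNIRW64YrmlAZl5mLSR2/tz7RbHzU3O1uMix09evQTxRR3lINVeA71QZpfl9tW9eQtlbqTZwliP8pHh/SjbEjGW/lxk/lUgz2TTvVBzUn16TShupoCSFVTq0A5O+M1HdwL9izQAW5ueMSP8l6y3Ybg1n603eoAyvKDvmSyorUgUpVXyFBmDPZOUIl8aXEoFFr80nLlwIQgjE6kmm24mtBvZQ7iSn/+wGXvfTMLItWK9eIcr5K+jLxSyXEWLA5JtvgZJUQ15ZhdOS2F2fXg4FZ43svZ8+7HLJV+zDYHb33Vl1BO7SmQVJvEFY4lU83HFynnvRQKPfxM//KHQ6HvKocWmdrmssf8qPfbB7nE57Puj7Go39oW2e2U4U9HWbuuYFKdhXlKibkut12pvy0ATIoPAJVKBz7GxPdq159/x4b29sEOZW+2UdztY7IoPcbGVY7r9SOTo1oLKFX5KADlSXMFTjlrTygkJTnLQ6E9ysEv51l0O/hR++CHUqg4lKVCiRD4K39noY+5cO7PaefNXQWUauYdAErzTOshOiilB8/ooBxibHy72297zWBfUS8XOCx/yTeNqHF87Otq1D0kG5PTR/iSyWk9BZWq+6hQYv4trTFaNUhG8dehxZrTNflal5+/etDvPSLbdZZ7joxBCB0KfQmtj8GOTfMlk9WTCyzV2b4S0yDjFRlv9A9KbCnaFYbWrn+s8Q9rLgtPCXz6SXSfdAVS6D+7Ba2PYVZVrS+ZtP6Fm5yl2lpimpt5rfmNQJrzku6pYabWKveXcPH9yyCmhHZ4PrIypOrzz19aihC632om28Zmv/5EY5vltL4cpUp3lwjCiNt1e0l/K5PJh/XPv6XN8j1xJpdr+N2IywNKQfivuesyf3xN0Wf534Q+f0um0Dp99BOi207P8+3WGJa7/OQklVg4k5ZD1J1fUlmzv21thqdcbmJSxLux/mzl9VW57iG1q+4ygVJIPV87Z/WLJ+p7ujX7pZJFAoWB1Gah+38pttqkWs/+yubVVX0+3q3l5U0WS2d/YSPVLyzO6y4zb3BVYnaU/2E8UIBNVndcznMSSvTx0ef/wix0f4mALW+pMl5ZamDw16FrDM+XBl7qpXqpQ2ahsT6FkCoDyo8bIPyuqff+eOCV1vT5869nCI31KYhUGVBe05/Nrgm80jp9gNQmobE+BZEqA8qHdmdhcvdDgVf6PZ0+H/uXW7A+HkiVGW1+MUv3/UWstFEfk2F9CiJVJpQPLbCEcgF2BCZ9jIb1KYxUiLz8Rv0Y48N7dM9uxDoD+1tLpbE+hZEKVSz6nsUbfQ+rLNo3sD7eSoWC8pGVyDda+QgWWbTOPVgfT6VCltUfQQH+Daw51qc4UlmM9dxoDlEX4HhJb3/5Q6yPd1JZDUB+89v6utIt3/4mVtekz26sj1dSWY+KP6RslbV05c241IH1KaJUNrNaHn/8cawp1qfIUuGpVtgGnWEosWEosWHDUGLDUGLD5g8o+QhvfM4yyHZUOKZvJQiRKP4KMZSFMiaqx47kjK+SrP5JRHlEs7xAiAZP5qO8EE7irxBDWQhjCc0ogdM9oxnxHy5MooilTf4zzsbCFP4KMZQFsliU1j2jo7pemaAFRgFWxy/0jJRgdIwkH46LdOLvEUOZvyUN/TV0jBFOgzKSAKBFEH07pYs9Sc3B4j4cQ5m/xdm4FhtKQaPaERN0MgLYIxOZUNIsrXAoH4tCSDkSf48YyryzHEIkkAyLfThHkEYogSNNCglwkCIM0SfNsnIOrvX7NK07FRuGMlcjiSilskVHiAgZVoNICUoQZIo+UGB0npKKcmYoSY4E7SIM/h4xlPkZFWXCYcX/kfEwz5k8JU8K
HCuFlFxCgjIOUyGGMUEZA+k4E6UNSVOOtmMHZiHgMWWY0rNlgBLkLwlOiBNx9SUIpYSjGcokjDv5GBHL8+P03vDUW289dcNPMQ4YSgSUJMGJLxERlreFkmJFGpm8RnV2/ee+sffLNnbfhV0YCQylSJ5ajZTSaCoCHgA8AXJchOMi4L+EHkpSOpEjeDGsjCRy/RipN2Z9cL/JPpi1LYWxCCKULAniQUKp5HDGOiPDJmjxH0AuKbeJs+pfkmAlpyqnQhyXc+99v4Xh+DKIUA4SG4tmcqyuCc86yKKYrKlWXC4OJHmMWw5QxiKaz4qjv4044aNKtdZ33zZLiywNUAqsLjjgNX1oLqxvZJ5QoleJUZI2lg44bIpmcZsxOAnKcCQmi6nphtaQkVqQvigN3qbEkfDX6XbsU6B82njBmoOj9cX8MBRXnEUCHxi1ovTPZckEA8b+N8PIh3ST8qzEGU1QDqCMReSRZv1UsDArhA0JiKYwTURiPoLyDfHZDuXpbXJ3SxgHlBQxSUJUJyyJkYxqbRhLKNnMNn43Rq+BTCEdTTiHEqQdCc7gBCiCoWPGt2TU1yOEP276p2QK/1162jtLwvIpuQ9mze1RUMJ5oaw+pKHE8VHxDbRvh46S0FMyRHCG6UEXQwmxMAVilyRlpNAhlAIDx6F1X4Mkq5FzVWFzCHW5mthhj511QTuyTQclJaqRFO/3ZMwCSrGRAcpEQlaPEW9dcTITC3oujgtTRIAGRBkiwcIUhKB58IfSpnUxQMcwB0VxlOg4g5L3C5PCLBhP7so4tE8nAS1OqeOlrsEcUwIxxOnIBigjiqdUUiQ54uGhpxSCBCUfpZJhIcwBrFSCeMeeEoaOfCaUkvhRCUrIOcdxCeU7YX0C5TbjoZ+AQ7MUCeCcOgZ6tyRr4Sn5CAyuWYVSkV8e1lBhohhTodTN/SQCFFOSEXCHMgT4I4XksDOGjxx234wUBGmxuAglJYMKHyg3eSLqn9v9BkDgTzKhfFvNVkAkCOmLRSnLmBJ6UtFTJqT+IxkVcyTAIY+K+IPkKWlaLE2EgRKicFAqLiq4hZIVb3UaBaXSwYdj/tHtQqanfBscukHtLOJATxiws9aJTpyICSKzcg0zCR+zBKd11bCVWh+JBAlKIRER9YpJBMn3cNS2yzBCGREfxqyg1EpP/lgVA9OasYaY8jBMdOTEhwI3NVQ1mmQpdJ1SzPoIJib2Lay+bkbpFAKtkgBksa5EhgMFJRsVgxu5+4bhdjQuC0WyDqGEsxflFAcBJRMm5I6I9kkWKebaY7WZQT99WxzW2aalfaJvVBwl0lMCPxAXb2OtO4mBFIfUJIoDgCGUjBAOGJRUFPQhVBRE2JI4SZYHUrmBkialHkhqrSU6MpTJKJTWX1D+Bj32/YZW2xFnhLBq6ij6Pz2UHBxY4GAHE1N9Ix2BKY4y0kiCrhx230GEEpbBAINAGtmtcdDtuYCSZllJV0m3jJIQn+B15XN/QNmJhlL+HeQoaS6UUVKNQgclw/HgFiX1NyoZjdBSY3GZBpmQo6Hgdd8cQceJJOjBEwmlG4nGSdIxlHEiGgZyxpQ+HF2nZHzmKdUhHYMptXMiaR68ldYIGbtvECmxEna07BiVGRx8hFBXBFO6SDQ4UFJCjKKgQxNXCpJiQTHqHMoESBd5qcORFmAHA8pdiMlrYzvlwDCDH1kg6PtIDo7iQj1iESAGDzJKkUU+rN8ViUxqPlY+EpzsWz/+T8M+mCQinFSasCt0yxMyQPzEw7VaYaVr1qCkSVIJlxjfTSvYlgmlkuZEMqY/quVwODke9NtixYgWa0AkafcNBa5Oqc04Y6Rl+spcCtlTRm09pehPwZvwysJ+UlMxQii1ybjqKX2zUcoFM5MXBGzemhSrM0knUAbUjFS+tQ1DM/CGN019QxdXfoBX2WIoB4Wl1Cnn+/A6RgzlYLHfPC2ugjiMlcBQDh7bse3pp7fhhbWDxf5fgAEA+gaSVA6ENCcAAAAASUVO
RK5CYII=" alt="图片Base64编码" style="max-width:90%; max-height:2000px;"/>
</div>
</div>
</div>
<div id="alertShadow" class="alert-shadow"></div>
</body>
<div class="footer">
<div class="container">
<a onclick="javascript:history.back(-1);" >返回上一页</a>
</div>
</div>
</div>
</html>
HTML;
    echo $pape1;
}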
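/**
 * Match one request parameter against a rule set and end the request on a hit.
 *
 * Both the (flattened) value and the parameter name are tested. A hit logs
 * the source and parameter name, renders the block page and exits, so this
 * function only returns when the parameter is clean.
 *
 * preg_match() returns false (not 0) when the pattern is invalid or the PCRE
 * backtrack/recursion limit is reached — something a very long input can
 * provoke with these rules. The original treated false as "no match"
 * (fail-open); here it is treated as a block, because letting an unchecked
 * request through is the worse outcome for a filter that only ever sees
 * anonymous traffic.
 *
 * @param string|int $StrFiltKey   parameter name
 * @param mixed      $StrFiltValue parameter value (scalar or nested array)
 * @param string     $ArrFiltReq   PCRE body, compiled here as /…/is
 * @param string     $method       source label (GET/POST/COOKIE/REFERRER), used in the log line
 * @return void
 */
function webscan_StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq,$method) {
    $pattern = '/' . $ArrFiltReq . '/is';
    $subjects = array(webscan_arr_foreach($StrFiltValue), $StrFiltKey);
    foreach ($subjects as $subject) {
        $hit = preg_match($pattern, (string) $subject);
        if ($hit === 0) {
            continue;
        }
        // The parameter name comes from the client: escape control bytes so a crafted key cannot forge log lines.
        error_log(sprintf(
            'webscan: %s in %s parameter "%s"',
            $hit === false ? 'PCRE error ' . preg_last_error() . ', failing closed' : 'rule hit',
            $method,
            addcslashes((string) $StrFiltKey, "\0..\37\177..\377")
        ));
        webscan_pape();
        exit;
    }
}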
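/**
 * Decide whether the current request should be inspected at all.
 *
 * Returns false (skip the filter) when the script path matches the admin
 * directory pattern, or when an entry of the URL whitelist matches: an entry
 * with a non-empty value needs both its key (path fragment) and its value
 * (query-string fragment) to be present; an entry with an empty value matches
 * on the path alone, but only for requests without a query string. Returns
 * true otherwise. Matching is case-insensitive throughout.
 *
 * Changes from the original: the empty-name test runs before the regex is
 * compiled and the @-suppression is gone (an invalid pattern now logs a
 * warning instead of vanishing); missing $_SERVER keys (CLI, unusual SAPIs)
 * default to ''; entries with an empty key are skipped, because stristr()
 * accepts an empty needle on PHP 8 and would whitelist every path.
 *
 * @param string               $webscan_white_name PCRE body matched against SCRIPT_NAME
 * @param array<string,string> $webscan_white_url  path fragment => query-string fragment
 * @return bool true when the request must be scanned
 */
function webscan_white($webscan_white_name,$webscan_white_url=array()) {
    $url_path = isset($_SERVER['SCRIPT_NAME']) ? (string) $_SERVER['SCRIPT_NAME'] : '';
    $url_var = isset($_SERVER['QUERY_STRING']) ? (string) $_SERVER['QUERY_STRING'] : '';
    if (!empty($webscan_white_name) && preg_match('/' . $webscan_white_name . '/is', $url_path) === 1) {
        return false;
    }
    foreach ($webscan_white_url as $key => $value) {
        $key = (string) $key;
        $value = (string) $value;
        if ($key === '') {
            continue;
        }
        $path_matches = stristr($url_path, $key) !== false;
        if (!empty($url_var) && !empty($value)) {
            if ($path_matches && stristr($url_var, $value) !== false) {
                return false;
            }
        } elseif (empty($url_var) && empty($value)) {
            if ($path_matches) {
                return false;
            }
        }
    }
    return true;
}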
// Entry point: runs only when the master switch is on and the request is not whitelisted.
// Each enabled source is scanned with its own rule set in the original order — GET, POST,
// COOKIE, then the Referer (which reuses the POST rules). webscan_StopAttack() ends the
// request on the first hit, so the order only decides which source a block is attributed to.
// Only the form-decoded superglobals and the Referer are inspected; raw request bodies
// (JSON/XML) and other headers never pass through these rules.
if ($webscan_switch&&webscan_white($webscan_white_directory,$webscan_white_url)) {
    $webscan_sources = array(
        array($webscan_get,     $_GET,            $getfilter,    "GET"),
        array($webscan_post,    $_POST,           $postfilter,   "POST"),
        array($webscan_cookie,  $_COOKIE,         $cookiefilter, "COOKIE"),
        array($webscan_referre, $webscan_referer, $postfilter,   "REFERRER"),
    );
    foreach ($webscan_sources as $webscan_source) {
        list($webscan_enabled, $webscan_params, $webscan_rule, $webscan_method) = $webscan_source;
        if (!$webscan_enabled) {
            continue;
        }
        foreach ($webscan_params as $webscan_name => $webscan_content) {
            webscan_StopAttack($webscan_name, $webscan_content, $webscan_rule, $webscan_method);
        }
    }
    // This file runs in the including scope (config.inc.php): leave no loop temporaries behind.
    unset($webscan_sources, $webscan_source, $webscan_enabled, $webscan_params, $webscan_rule, $webscan_method, $webscan_name, $webscan_content);
}
?>