0x01 前言

最近一段时间 Typecho 出了不少漏洞(XSS 等),这里加一个简单的 WAF 来防御,用的是 360webscan-0.1.3.4 的规则,只针对未登录的用户进行拦截,因为我的博客实际情况是只有我一个用户。需要说明:这只是基于正则黑名单的请求过滤,能挡住常见扫描和低水平攻击,但可以被编码、关键字拆分等方式绕过,只能作为纵深防御的一层,不能替代升级 Typecho 修补漏洞本身。

0x02 添加Waf

首先在 /var/Widget/Login.php 加上下列代码。注意:这段代码应放在登录验证成功之后的分支里(即校验完用户名密码之后),不要直接放在文件顶层——否则只要有人请求一次登录动作,无论密码对错都会拿到 WAF 放行标记,等于任何人都能绕过 WAF。

/** 登入设置Session **/ session_start(); $_SESSION['WAF'] = 1;

52265-6i6pau77o3e.png

然后在/config.inc.php加上包含waf文件的代码

/** 包含Waf文件 **/ session_start(); if(!$_SESSION['WAF']){ include_once '文件名.php'; }

46311-rqnixr86r5q.png

然后是 WAF 文件本体,保存到网站根目录,再把上面 include_once 里的文件名改成实际文件名即可。

<?php //禁止直接访问 if (strtolower(basename(__FILE__)) == strtolower(basename($_SERVER['PHP_SELF']))) { header('HTTP/1.0 403 Forbidden'); exit; } webscan_error(); //拦截开关(1为开启,0关闭) $webscan_switch=1; //提交方式拦截(1开启拦截,0关闭拦截,post,get,cookie,referre选择需要拦截的方式) $webscan_post=1; $webscan_get=1; $webscan_cookie=1; $webscan_referre=1; //后台白名单,后台操作将不会拦截,添加"|"隔开 $adminurl=__TYPECHO_ADMIN_DIR__; $webscan_white_directory=str_replace('/','\/',$adminurl); //url白名单,可以自定义添加url白名单 $webscan_white_url = array(); //防护脚本版本号 define("WEBSCAN_VERSION", '0.1.3.4'); $getfilter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\s*?\(.*\)|sleep\s*?\(.*\)|\\b(group_)?concat[\\s\\/\\*]*?\\([^\\)]+?\\)|\bcase[\s\/\*]*?when[\s\/\*]*?\([^\)]+?\)|load_file\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)@{0,2}(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)"; //post拦截规则 $postfilter = 
"<.*=(&#\\d+?;?)+?>|<.*data=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\s*?\(.*\)|sleep\s*?\(.*\)|\\b(group_)?concat[\\s\\/\\*]*?\\([^\\)]+?\\)|\bcase[\s\/\*]*?when[\s\/\*]*?\([^\)]+?\)|load_file\s*?\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover)\\b|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)"; //cookie拦截规则 $cookiefilter = "benchmark\s*?\(.*\)|sleep\s*?\(.*\)|load_file\s*?\\(|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)|UPDATE\s*(\(.+\)\s*|@{1,2}.+?\s*|\s+?.+?|(`|'|\").*?(`|'|\")\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)@{0,2}(\\(.+\\)|\\s+?.+?\\s+?|(`|'|\").*?(`|'|\"))FROM(\\(.+\\)|\\s+?.+?|(`|'|\").*?(`|'|\"))|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)"; //referer获取 $webscan_referer = empty($_SERVER['HTTP_REFERER']) ? 
array() : array('HTTP_REFERER'=>$_SERVER['HTTP_REFERER']); /** * 关闭用户错误提示 */ function webscan_error() { if (ini_get('display_errors')) { ini_set('display_errors', '0'); } } /** * 参数拆分 */ function webscan_arr_foreach($arr) { static $str; static $keystr; if (!is_array($arr)) { return $arr; } foreach ($arr as $key => $val ) { $keystr=$keystr.$key; if (is_array($val)) { webscan_arr_foreach($val); } else { $str[] = $val.$keystr; } } return implode($str); } /** * 防护提示页 */ function webscan_pape(){ $pape1=<<<HTML <!DOCTYPE html> <html lang="zh-cn"> <script src="https://cdn.bootcss.com/jquery/2.0.2/jquery.min.js" type="text/javascript"></script> <script src="https://static.runoob.com/assets/jquery/jquery.growl/javascripts/jquery.growl.js" type="text/javascript"></script> <link href="https://static.runoob.com/assets/jquery/jquery.growl/stylesheets/jquery.growl.css" rel="stylesheet" type="text/css"/> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,minimum-scale=1.0,user-scalable=no"> <meta name="data-spm" content="a3c0e" /> <title>405</title> <!-- aHR0cHM6Ly9ibG9nLm1vNjAuY24vaW5kZXgucGhwL2FyY2hpdmVzL1R5cGVjaG8tYWRkLXdhZi5odG1s --> <style> html, body, div, a, h2, p { margin: 0; padding: 0; } a { text-decoration: none; color: #3b6ea3; } .container { width: 1000px; margin: auto; color: #696969; } .header { padding: 50px 0; } .header .message { height: 36px; padding-left: 120px; background: url(https://errors.aliyun.com/images/TB1TpamHpXXXXaJXXXXeB7nYVXX-104-162.png) no-repeat 0 -128px; line-height: 36px; } .main { padding: 50px 0; background: #f4f5f7; } .main img { position: relative; left: 120px; } .footer { margin-top: 30px; text-align: right; } .footer a { padding: 8px 30px; border-radius: 10px; border: 1px solid #4babec; } .footer a:hover { opacity: .8; } .alert-shadow { display: none; position: absolute; top: 0; left: 0; width: 100%; height: 100%; background: #999; opacity: .5; } .alert { display: none; 
position: absolute; top: 200px; left: 50%; width: 600px; margin-left: -300px; padding-bottom: 25px; border: 1px solid #ddd; box-shadow: 0 2px 2px 1px rgba(0, 0, 0, .1); background: #fff; font-size: 14px; color: #696969; } .alert h2 { margin: 0 2px; padding: 10px 15px 5px 15px; font-size: 14px; font-weight: normal; border-bottom: 1px solid #ddd; } .alert a { display: block; position: absolute; right: 10px; top: 8px; width: 30px; height: 20px; text-align: center; } .alert p { padding: 20px 15px; } </style> </head> <body data-spm="7663354"> <div data-spm="1998410538"> <div class="header"> <div class="container"> <div class="message"> 很抱歉,由于您访问的URL有可能对网站造成安全威胁,您的访问被阻断 <div>您的请求ID是: <strong id="reqid"> </strong></div> </div> </div> </div> <div class="main"> <div class="container"> <img src="data:image/png;base64,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" alt="图片Base64编码" style="max-width:90%; max-height:2000px;"/> </div> </div> </div> <div id="alertShadow" class="alert-shadow"></div> </body> <div class="footer"> <div class="container"> <a onclick="javascript:history.back(-1);" >返回上一页</a> </div> </div> </div> <script> function randomString() { let len = 32; let chars ='abcdefg0123456789'; let maxPos = chars.length; let character = ''; for (let i = 0; i < len; i++) { character += chars.charAt(Math.floor(Math.random() * maxPos)) } return character; } document.getElementById("reqid").innerHTML=randomString(); </script> </html> HTML; echo $pape1; } /** * 攻击检查拦截 */ function webscan_StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq,$method) { $StrFiltValue=webscan_arr_foreach($StrFiltValue); if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){ exit(webscan_pape()); } if (preg_match("/".$ArrFiltReq."/is",$StrFiltKey)==1){ exit(webscan_pape()); } } /** * 拦截目录白名单 */ function webscan_white($webscan_white_name,$webscan_white_url=array()) { $url_path=$_SERVER['SCRIPT_NAME']; $url_var=$_SERVER['QUERY_STRING']; if 
(@preg_match("/".$webscan_white_name."/is",$url_path)==1&&!empty($webscan_white_name)) { return false; } foreach ($webscan_white_url as $key => $value) { if(!empty($url_var)&&!empty($value)){ if (stristr($url_path,$key)&&stristr($url_var,$value)) { return false; } } elseif (empty($url_var)&&empty($value)) { if (stristr($url_path,$key)) { return false; } } } return true; } if ($webscan_switch&&webscan_white($webscan_white_directory,$webscan_white_url)) { if ($webscan_get) { foreach($_GET as $key=>$value) { webscan_StopAttack($key,$value,$getfilter,"GET"); } } if ($webscan_post) { foreach($_POST as $key=>$value) { webscan_StopAttack($key,$value,$postfilter,"POST"); } } if ($webscan_cookie) { foreach($_COOKIE as $key=>$value) { webscan_StopAttack($key,$value,$cookiefilter,"COOKIE"); } } if ($webscan_referre) { foreach($webscan_referer as $key=>$value) { webscan_StopAttack($key,$value,$postfilter,"REFERRER"); } } } ?>