New build of Nemesida WAF Free for NGINX

Last year we released Nemesida WAF Free, a dynamic module for NGINX that blocks attacks on web applications. Unlike the commercial version, which is built on machine learning, the free version analyzes requests using the signature method only.

What's new in the Nemesida WAF 4.0.129 release

Before the current release, the Nemesida WAF dynamic module supported only Nginx Stable 1.12, 1.14 and 1.16. The new release adds support for Nginx Mainline, starting from 1.17, and Nginx Plus, starting from 1.15.10 (R18).

Why make another WAF?

NAXSI and mod_security are probably the best-known WAF modules, and mod_security is actively promoted by Nginx, although it was originally used only with Apache2. Both are free and open source and have many users around the world. For mod_security, both free and commercial signature sets are available, the latter for $500 a year; NAXSI ships with a free signature set out of the box, and additional rule sets such as doxsi can also be found.

This year we compared how NAXSI and Nemesida WAF Free perform. Briefly, the results:

  • NAXSI does not double URL-decode cookies;
  • NAXSI takes a very long time to configure: with the default rule set it blocks most requests made during normal work with a web application (authorization, editing a profile or content, taking part in surveys, and so on), so whitelists have to be generated, which hurts security. Nemesida WAF Free with default settings did not produce a single false positive while working with the site;
  • the number of attacks NAXSI missed is many times higher, and so on.

Despite their shortcomings, NAXSI and mod_security have at least two advantages: open source and a large user base. We support the idea of opening the source code, but cannot do so at the moment because of the risk of "piracy" of the commercial version; to compensate for this, we fully disclose the contents of the signature set. We also respect privacy, and you can check this for yourself by running the module's traffic through a proxy server.

Features of Nemesida WAF Free:

  • a high-quality signature database with a minimal number of false positives and false negatives;
  • installation and updates from the repository (fast and convenient);
  • simple and understandable incident events, not the "mess" NAXSI produces;
  • completely free, with no limits on traffic volume, number of virtual hosts, etc.

Finally, here are a few requests for checking that the WAF works (each should be tried in every zone: URL, ARGS, Headers and Body):

')) un","ion se","lect 1,2,3,4,5,6,7,8,9,0,11#"]
')) union/**/select/**/1,/**/2,/**/3,/**/4,/**/5,/**/6,/**/7,/**/8,/**/9,/**/'some_text',/**/11#"]
union(select(1),2,3,4,5,6,7,8,9,0x70656e746573746974,11)#"]
')) union+/*!select*/ (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]
')) /*!u%6eion*/ /*!se%6cect*/ (1),(2),(3),(4),(5),(6),(7),(8),(9.),(0x70656e746573746974),(11)#"]
')) %2f**%2funion%2f**%2fselect (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]
%5B%221807182982%27%29%29%20uni%22%2C%22on%20sel%22%2C%22ect%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C%2some_text%27%2C11%23%22%5D
cat /et?/pa?swd
cat /et'c/pa'ss'wd
cat /et*/pa**wd
e'c'ho 'swd test pentest' |awk '{print "cat /etc/pas"$1}' |bas'h
cat /etc/passwd
cat$u+/etc$u/passwd$u
<svg/onload=alert()//

If these requests are not blocked, a real attack is likely to get past the WAF as well. Before using the examples, make sure the WAF does not block legitimate requests.
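Trying each payload by hand in four zones is tedious, so here is a small harness that does it for you. It is an added example, not code from the article or from Nemesida WAF: it sends a legitimate baseline request first (the caveat above), then puts every payload into the URL path, a query argument, a request header and a form body, and reports which ones came back blocked. Everything it assumes is made up for the example: the path /search, the parameter name q, the header name X-Test, and that a blocked request is answered with HTTP 403 (change BLOCK_STATUS if your WAF answers differently). It also adds one check the article does not list but motivates with its NAXSI comparison: the payload double URL-encoded inside a cookie.

```python
"""Send the article's test payloads to a target in every WAF zone and report
which ones were blocked. Added example, not code from the article or from
Nemesida WAF. Assumptions not taken from the article: blocked requests are
answered with HTTP 403 (change BLOCK_STATUS if your WAF differs); the path
/search, the parameter name q and the header name X-Test are placeholders;
a legitimate baseline request is sent first so false positives are caught
before the payloads run."""
import sys
import urllib.error
import urllib.parse
import urllib.request

# Payloads quoted from the article, one per entry.
PAYLOADS = [
    r"""')) un","ion se","lect 1,2,3,4,5,6,7,8,9,0,11#"]""",
    r"""')) union/**/select/**/1,/**/2,/**/3,/**/4,/**/5,/**/6,/**/7,/**/8,/**/9,/**/'some_text',/**/11#"]""",
    r"""union(select(1),2,3,4,5,6,7,8,9,0x70656e746573746974,11)#"]""",
    r"""')) union+/*!select*/ (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]""",
    r"""')) /*!u%6eion*/ /*!se%6cect*/ (1),(2),(3),(4),(5),(6),(7),(8),(9.),(0x70656e746573746974),(11)#"]""",
    r"""')) %2f**%2funion%2f**%2fselect (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]""",
    "%5B%221807182982%27%29%29%20uni%22%2C%22on%20sel%22%2C%22ect%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C%2some_text%27%2C11%23%22%5D",
    "cat /et?/pa?swd",
    "cat /et'c/pa'ss'wd",
    "cat /et*/pa**wd",
    r"""e'c'ho 'swd test pentest' |awk '{print "cat /etc/pas"$1}' |bas'h""",
    "cat /etc/passwd",
    "cat$u+/etc$u/passwd$u",
    "<svg/onload=alert()//",
]

ZONES = ("URL", "ARGS", "Headers", "Body", "Cookie-double")
BLOCK_STATUS = 403  # assumption: the status the WAF returns for a blocked request
# Characters left raw on the wire; '%' is kept so payloads that are already
# percent-encoded (e.g. %2f**%2funion) are not double-encoded by accident.
WIRE_SAFE = "%/*!(),'+$"


def wire_encode(payload):
    """Percent-encode only what cannot travel raw in a request line or form
    body (space, quotes, #, <, >, ...); the WAF decodes once and sees the payload."""
    return urllib.parse.quote(payload, safe=WIRE_SAFE)


def double_encode(payload):
    """Encode an already wire-encoded payload again ('%' becomes '%25')."""
    return urllib.parse.quote(payload, safe="")


def build_probes(base, payloads):
    """One (zone, method, url, headers, body) tuple per payload per zone."""
    probes = []
    for p in payloads:
        enc = wire_encode(p)
        probes.append(("URL", "GET", f"{base}/search/{enc}", {}, None))
        probes.append(("ARGS", "GET", f"{base}/search?q={enc}", {}, None))
        probes.append(("Headers", "GET", f"{base}/search", {"X-Test": p}, None))
        probes.append(("Body", "POST", f"{base}/search",
                       {"Content-Type": "application/x-www-form-urlencoded"},
                       f"q={enc}".encode()))
        # Extra check beyond the four zones the article names: the payload
        # double URL-encoded inside a cookie, the case the article says
        # NAXSI does not decode.
        probes.append(("Cookie-double", "GET", f"{base}/search",
                       {"Cookie": f"session={double_encode(enc)}"}, None))
    return probes


def send(probe, timeout=5):
    """Return the HTTP status the target answered with, or None if unreachable."""
    zone, method, url, headers, body = probe
    req = urllib.request.Request(url, data=body, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code
    except urllib.error.URLError:
        return None


def summarize(results):
    """results: iterable of (zone, status). Return {zone: (blocked, total)}."""
    out = {}
    for zone, status in results:
        blocked, total = out.get(zone, (0, 0))
        out[zone] = (blocked + int(status == BLOCK_STATUS), total + 1)
    return out


def main(base):
    # Baseline: a legitimate request must get through, otherwise the WAF is
    # already producing false positives and the payload results mean nothing.
    if send(("baseline", "GET", f"{base}/search?q=hello", {}, None)) == BLOCK_STATUS:
        print("baseline request was blocked; fix false positives before testing")
        return 1
    results = []
    for probe in build_probes(base, PAYLOADS):
        status = send(probe)
        results.append((probe[0], status))
        verdict = "blocked" if status == BLOCK_STATUS else "PASSED (possible bypass)"
        print(f"{probe[0]:14} {probe[1]:4} {status!s:4} {verdict}")
    summary = summarize(results)
    for zone in ZONES:
        blocked, total = summary.get(zone, (0, 0))
        print(f"{zone}: {blocked}/{total} blocked")
    return 0


if __name__ == "__main__":
    target = sys.argv[1].rstrip("/") if len(sys.argv) > 1 else "http://127.0.0.1"
    sys.exit(main(target))
```

Run it as `python3 waf_probe.py http://your-host` against a host behind the WAF. Any line marked PASSED is a payload the WAF let through in that zone; a blocked baseline means the rule set needs tuning before the results say anything about detection.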

Source: www.habr.com
