|
48 | 48 | { |
49 | 49 | "enabled": 1, |
50 | 50 | "version_min": 300000, |
51 | | - "title": "Testing Operator :: @detectXSS benign input", |
| 51 | + "title": "Testing Operator :: @detectXSS :: basic script payload", |
52 | 52 | "client": { |
53 | 53 | "ip": "200.249.12.31", |
54 | 54 | "port": 123 |
|
62 | 62 | "Host": "localhost", |
63 | 63 | "User-Agent": "curl/7.38.0", |
64 | 64 | "Accept": "*/*", |
65 | | - "Content-Length": "19", |
| 65 | + "Content-Length": "45", |
66 | 66 | "Content-Type": "application/x-www-form-urlencoded" |
67 | 67 | }, |
68 | 68 | "uri": "/", |
69 | 69 | "method": "POST", |
70 | 70 | "body": [ |
71 | | - "param1=safevalue123" |
| 71 | + "param1=<script>alert(1)</script¶m2=value2" |
72 | 72 | ] |
73 | 73 | }, |
74 | 74 | "response": { |
|
83 | 83 | ] |
84 | 84 | }, |
85 | 85 | "expected": { |
86 | | - "debug_log": "libinjection was not able to find any XSS in: safevalue123", |
| 86 | + "debug_log": "Added DetectXSS match TX.0: <script>alert(1)</script", |
| 87 | + "http_code": 200 |
| 88 | + }, |
| 89 | + "rules": [ |
| 90 | + "SecRuleEngine On", |
| 91 | + "SecRule ARGS \"@detectXSS\" \"id:1,phase:2,capture,pass,t:trim\"" |
| 92 | + ] |
| 93 | + }, |
| 94 | + { |
| 95 | + "enabled": 1, |
| 96 | + "version_min": 300000, |
| 97 | + "title": "Testing Operator :: @detectXSS :: trim preserves captured payload", |
| 98 | + "client": { |
| 99 | + "ip": "200.249.12.31", |
| 100 | + "port": 123 |
| 101 | + }, |
| 102 | + "server": { |
| 103 | + "ip": "200.249.12.31", |
| 104 | + "port": 80 |
| 105 | + }, |
| 106 | + "request": { |
| 107 | + "headers": { |
| 108 | + "Host": "localhost", |
| 109 | + "User-Agent": "curl/7.38.0", |
| 110 | + "Accept": "*/*", |
| 111 | + "Content-Length": "53", |
| 112 | + "Content-Type": "application/x-www-form-urlencoded" |
| 113 | + }, |
| 114 | + "uri": "/", |
| 115 | + "method": "POST", |
| 116 | + "body": [ |
| 117 | + "param1= <script>alert(1)</script ¶m2=value2" |
| 118 | + ] |
| 119 | + }, |
| 120 | + "response": { |
| 121 | + "headers": { |
| 122 | + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", |
| 123 | + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", |
| 124 | + "Content-Type": "text/html", |
| 125 | + "Content-Length": "8" |
| 126 | + }, |
| 127 | + "body": [ |
| 128 | + "no need." |
| 129 | + ] |
| 130 | + }, |
| 131 | + "expected": { |
| 132 | + "debug_log": "Added DetectXSS match TX.0: <script>alert(1)</script", |
87 | 133 | "http_code": 200 |
88 | 134 | }, |
89 | 135 | "rules": [ |
90 | 136 | "SecRuleEngine On", |
91 | 137 | "SecRule ARGS \"@detectXSS\" \"id:2,phase:2,capture,pass,t:trim\"" |
92 | 138 | ] |
| 139 | + }, |
| 140 | + { |
| 141 | + "enabled": 1, |
| 142 | + "version_min": 300000, |
| 143 | + "title": "Testing Operator :: @detectXSS :: image onerror payload", |
| 144 | + "client": { |
| 145 | + "ip": "200.249.12.31", |
| 146 | + "port": 123 |
| 147 | + }, |
| 148 | + "server": { |
| 149 | + "ip": "200.249.12.31", |
| 150 | + "port": 80 |
| 151 | + }, |
| 152 | + "request": { |
| 153 | + "headers": { |
| 154 | + "Host": "localhost", |
| 155 | + "User-Agent": "curl/7.38.0", |
| 156 | + "Accept": "*/*", |
| 157 | + "Content-Length": "42", |
| 158 | + "Content-Type": "application/x-www-form-urlencoded" |
| 159 | + }, |
| 160 | + "uri": "/", |
| 161 | + "method": "POST", |
| 162 | + "body": [ |
| 163 | + "param1=<img src=x onerror=alert(1)>&p=1" |
| 164 | + ] |
| 165 | + }, |
| 166 | + "response": { |
| 167 | + "headers": { |
| 168 | + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", |
| 169 | + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", |
| 170 | + "Content-Type": "text/html", |
| 171 | + "Content-Length": "8" |
| 172 | + }, |
| 173 | + "body": [ |
| 174 | + "no need." |
| 175 | + ] |
| 176 | + }, |
| 177 | + "expected": { |
| 178 | + "debug_log": "Added DetectXSS match TX.0: <img src=x onerror=alert(1)>", |
| 179 | + "http_code": 200 |
| 180 | + }, |
| 181 | + "rules": [ |
| 182 | + "SecRuleEngine On", |
| 183 | + "SecRule ARGS \"@detectXSS\" \"id:3,phase:2,capture,pass,t:trim\"" |
| 184 | + ] |
| 185 | + }, |
| 186 | + { |
| 187 | + "enabled": 1, |
| 188 | + "version_min": 300000, |
| 189 | + "title": "Testing Operator :: @detectXSS :: benign input should not match", |
| 190 | + "client": { |
| 191 | + "ip": "200.249.12.31", |
| 192 | + "port": 123 |
| 193 | + }, |
| 194 | + "server": { |
| 195 | + "ip": "200.249.12.31", |
| 196 | + "port": 80 |
| 197 | + }, |
| 198 | + "request": { |
| 199 | + "headers": { |
| 200 | + "Host": "localhost", |
| 201 | + "User-Agent": "curl/7.38.0", |
| 202 | + "Accept": "*/*", |
| 203 | + "Content-Length": "24", |
| 204 | + "Content-Type": "application/x-www-form-urlencoded" |
| 205 | + }, |
| 206 | + "uri": "/", |
| 207 | + "method": "POST", |
| 208 | + "body": [ |
| 209 | + "param1=hello-world&x=1" |
| 210 | + ] |
| 211 | + }, |
| 212 | + "response": { |
| 213 | + "headers": { |
| 214 | + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", |
| 215 | + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", |
| 216 | + "Content-Type": "text/html", |
| 217 | + "Content-Length": "8" |
| 218 | + }, |
| 219 | + "body": [ |
| 220 | + "no need." |
| 221 | + ] |
| 222 | + }, |
| 223 | + "expected": { |
| 224 | + "http_code": 200 |
| 225 | + }, |
| 226 | + "rules": [ |
| 227 | + "SecRuleEngine On", |
| 228 | + "SecRule ARGS \"@detectXSS\" \"id:4,phase:2,capture,pass,t:trim\"" |
| 229 | + ] |
93 | 230 | } |
94 | 231 | ] |
0 commit comments