From af233f68aa24a11d9da53b6cb67b8bb4d98a8f27 Mon Sep 17 00:00:00 2001 From: Roland Haeder Date: Sat, 30 Mar 2013 06:01:32 +0000 Subject: [PATCH] Better use this? --- libs/lib_detector.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/lib_detector.php b/libs/lib_detector.php index fae3751..4d71463 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -53,7 +53,7 @@ function initCrackerTrackerArrays () { 'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20', 'cgi-', '.eml', 'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20', '$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20', - 'new_password', '&icq','/etc/passwd','/etc/shadow', '/etc/groups', '/etc/gshadow', + 'new_password', '&icq', '/self/', '/environ', '/shadow', '/gshadow', '/etc/', '/passwd', 'HTTP_USER_AGENT', 'HTTP_HOST', 'wget%20', 'uname\x20-', 'uname%20-', 'bin/id', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python', 'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', 'bin/xterm', 'lsof%20', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', '.lib.php', '.class.php', @@ -67,7 +67,7 @@ function initCrackerTrackerArrays () { 'div style=', 'overflow: auto', 'height: 1px', 'cc%20', 'admin_action=', 'path=', 'starhack', 'busca', // @TODO These two lines may block DokuWiki searches for e.g. http_request2_response 'action=http', 'page=http', 'module=http', 'op=http', 'id=http', - 'action%3Dhttp', 'page%3Dhttp', 'module%3Dhttp', 'op%3Dhttp', 'id%3Dhttp', + 'action%3Dhttp', 'page%3Dhttp', 'module%3Dhttp', 'op%3Dhttp', 'id%3Dhttp', '/groups', '../../','..//', 'directory=http', 'dir=http', 'uol.com', '=http://', '=https://','=ftp://','=file://','_SESSION','CFG_ROOT','/proc/', ',0x', '(0x', '=%7BQUOT%7D', '=%5C', 'DOCUMENT_ROOT', '_SERVER','=%22http','=%22ftp','=%22file','=%27http','=%27ftp', -- 2.39.2