From 42ff8dfd602c876ce3bc95100719148e6695d944 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?=
Date: Thu, 28 Jul 2016 09:57:30 +0200
Subject: [PATCH] Continued: - esystem is, well, system is better to look for - block content-type header-insertion
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Signed-off-by: Roland Häder
---
 libs/lib_detector.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 5ed9917..8a13dda 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -73,7 +73,7 @@ function initCrackerTrackerArrays () {
 // Other Linux programs (+ brace)
 'locate(', 'grep(', 'kill(', 'mcd(', 'mrd(', 'rm(', 'mv(', 'rmdir(', 'chmod(', 'chmod(', 'chown(', 'chgrp(', 'passwd(', 'vi(', 'cp(',
- 'mdir(', 'esystem(', 'chr(', 'wget(', 'rush(', 'echr(',
+ 'mdir(', 'system(', 'chr(', 'wget(', 'rush(', 'echr(',
 // Other Linux programs (+ equal)
 'mcd=', 'mrd=', 'chmod=', 'chr=', 'rush=', 'echr=',
@@ -135,6 +135,9 @@ function initCrackerTrackerArrays () {
 // Attempts to insert links into a badly secured URL
 '%3E%3C',
+ // Request header being inserted
+ 'content-type',
+
 // /proc/ and other forbidden paths
 'proc/self/environ',
--
2.39.2
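Review bot: The replacement entry `'system('` sits under the `// Other Linux programs (+ brace)` comment with nothing recording why the shorter form was chosen. If the list is matched as plain substrings, as the commit message suggests, it still covers the old `'esystem('` but now also fires on any longer name ending in `system(`. A short comment such as `// 'system(' also covers 'esystem(' and similar suffixes` would document that trade-off for the next maintainer. The context lines above also list `'chmod('` twice, so one copy can be dropped. The comparison code is outside this hunk (initCrackerTrackerArrays starts and ends beyond it), so it cannot be confirmed here that request data is lower-cased and whitespace-normalised before the lookup, which a literal entry like this depends on.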
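Review bot: The added `'content-type'` entry is a very broad token. Any request value that merely mentions the header name (a post discussing HTTP, a field or file called `content-type`) would be flagged, and if the detector is ever fed raw request headers, nearly every request with a body would match. Requiring the header syntax, e.g. `'content-type:'`, would keep the injection signal while cutting most of those false positives. The comment `// Request header being inserted` could name the case it targets; if header injection through form fields is the intent, something like `// Header injection: Content-Type smuggled into a request parameter` would be clearer. Which request fields are scanned, and whether they are lower-cased first, is decided outside this hunk.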