nathanwoodburn/Nathanwoodburn.github.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "Astra Security"

Browse Source 
This reverts commit 9f437f9588.
This commit is contained in:
Nathanwoodburn 2021-08-30 15:11:06 +10:00
parent 9f437f9588
commit 070169ad6d
547 changed files with 0 additions and 65968 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
.gitignore vendored
View File

@ -1,49 +0,0 @@
/db
hack.php
post.html
astra-config.php
workspace.xml
/.idea
czar-A9EC79EC9B9113CAF4A4EBD5E04AFBC9.html
/.vscode
libraries/plugins/astra-gk
tests
# Compiled source #
###################
*.com
*.class
*.dll
*.exe
*.o
*.so
# Packages #
############
# it's better to unpack these files and commit the raw source
# git has its own built in compression methods
*.7z
*.dmg
*.gz
*.iso
*.jar
*.rar
*.tar
*.zip
*.db
# Logs and databases #
######################
*.log
*.sql
*.sqlite
# OS generated files #
######################
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db

26
.gitlab/issue_templates/Bug.md
View File

@ -1,26 +0,0 @@
<!--- Provide a general summary of the issue in the Title above -->
## Description
<!--- Provide a more detailed introduction to the issue itself, and why you consider it to be a bug -->
## Expected Behavior
<!--- Tell us what should happen -->
## Actual Behavior
<!--- Tell us what happens instead -->
## Possible Fix
<!--- Not obligatory, but suggest a fix or reason for the bug -->
## Steps to Reproduce
<!--- Provide a link to a live example, or an unambiguous set of steps to -->
<!--- reproduce this bug. Include code to reproduce, if relevant -->
1.
2.
3.
4.
## Context
<!--- How has this bug affected you? What were you trying to accomplish? -->
/label ~Bug

13
.gitlab/issue_templates/Feature.md
View File

@ -1,13 +0,0 @@
<!--- Provide a general summary of the issue in the Title above -->
## Detailed Description
<!--- Provide a detailed description of the change or addition you are proposing -->
## Context
<!--- Why is this change important to you? How would you use it? -->
<!--- How can it benefit other users? -->
## Possible Implementation
<!--- Not obligatory, but suggest an idea for implementing addition or change -->
/label ~Feature

32
.gitlab/merge_request_templates/Bugfix.md
View File

@ -1,32 +0,0 @@
<!--- Provide a general summary of your changes in the Title above -->
# Bugfix
<!-- This template should only be used for bugfix MRs from a development branch to develop!-->
## Description
<!--- Describe your changes in detail -->
## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->
## How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, tests ran to see how -->
<!--- your change affects other areas of the code, etc. -->
## Screenshots (if appropriate):
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
/label ~Bugfix

35
.gitlab/merge_request_templates/DevelopToMaster.md
View File

@ -1,35 +0,0 @@
<!--- Provide a general summary of your changes in the Title above -->
# Develop -> Master
<!-- This template should only be used for merge requests from develop to master-->
## Issue(s)
<!-- List issues relevant to the contents of this merge request -->
## Description
<!--- Describe your changes in detail -->
## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->
## How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, tests ran to see how -->
<!--- your change affects other areas of the code, etc. -->
## Screenshots (if appropriate):
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
/label ~Feature

32
.gitlab/merge_request_templates/Feature.md
View File

@ -1,32 +0,0 @@
<!--- Provide a general summary of your changes in the Title above -->
# Feature
<!-- This template should only be used for Feature MRs from a development branch to develop!-->
## Description
<!--- Describe your changes in detail -->
## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->
## How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, tests ran to see how -->
<!--- your change affects other areas of the code, etc. -->
## Screenshots (if appropriate):
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
/label ~Feature

32
.gitlab/merge_request_templates/Hotfix.md
View File

@ -1,32 +0,0 @@
<!--- Provide a general summary of your changes in the Title above -->
# Hotfix
<!-- This template should only be used for hotfic MRs from a development branch to master!-->
## Description
<!--- Describe your changes in detail -->
## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->
## How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, tests ran to see how -->
<!--- your change affects other areas of the code, etc. -->
## Screenshots (if appropriate):
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
/label ~Hotfix

419
Astra.php
View File

@ -1,419 +0,0 @@
<?php
if (defined('CZ_DEBUG') && CZ_DEBUG) {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
}
if (!defined('ASTRAPATH'))
define('ASTRAPATH', dirname(__FILE__) . '/');
$inc_path = get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/libraries/plugins';
set_include_path($inc_path);
/**
* Description of Astra
*
*
*/
if (!class_exists('Astra')) {
class Astra
{
public static $_db;
public static $_config;
public static $_ip;
public static $_user_agent;
public static $_is_search_engine;
public static $_is_fake_search_engine_bot;
public static $cz_lvl;
public static function echo_debug($str)
{
if (CZ_DEBUG) {
echo '<p>' . $str . "</p>\r\n";
}
}
public function __construct()
{
require_once(ASTRAPATH . 'astra-config.php');
require_once(ASTRAPATH . 'libraries/Config_options.php');
if (!defined('CZ_DB_PATH')) {
define('CZ_DB_PATH', dirname(__FILE__) . '/');
}
echo_debug('Astra Constuctor Loaded');
echo_debug('Astra version - v' . CZ_ASTRA_CLIENT_VERSION . ' and PHP version - ' . PHP_VERSION);
if (!$this->meets_requirements()) {
echo_debug('Requirements not met');
return FALSE;
} else {
echo_debug('Meets all Requirements');
}
self::$_config = new AstraConfig();
if (CZ_ASTRA_ACTIVE) {
echo_debug('Astra Active');
require_once(ASTRAPATH . 'libraries/Astra_ip.php');
$client_ip = new Astra_ip();
self::$_ip = $client_ip->get_ip_address();
if (trim(self::$_ip) == "") {
self::$_ip = '103.16.70.12';
}
self::$_user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (!empty($cz_lvl)) {
self::$cz_lvl = $cz_lvl;
} else {
self::$cz_lvl = get_cz_lvl();
$cz_lvl = self::$cz_lvl;
}
echo_debug('Current IP: ' . self::$_ip);
echo_debug('Current UA: ' . self::$_user_agent);
echo_debug(self::$cz_lvl);
echo_debug($cz_lvl);
$this->check_search_engine();
if (CZ_SETUP) {
echo_debug('Has been Setup');
$this->init();
} else {
echo_debug('NOT been Setup');
if (isset($_SERVER['HTTP_HOST']) && $this->setup()) {
echo_debug('Setup Complete');
$this->init();
}
}
} else {
echo_debug('Astra not active');
show_astra_debug_log();
return;
}
show_astra_debug_log();
}
protected function meets_requirements()
{
if (!defined('PDO::ATTR_DRIVER_NAME')) {
echo_debug('PDO Driver Missing');
return FALSE;
} else {
echo_debug('PDO Loaded');
}
if (!in_array('sqlite', PDO::getAvailableDrivers(), TRUE)) {
echo_debug('sqlite3 extension not loaded');
return false;
} else {
echo_debug('SQLite loaded');
}
if (!file_exists(CZ_DB_PATH . 'db/' . CZ_DATABASE_NAME . '.db')) {
echo_debug('<strong>Updating DB</strong>');
$this->update_db();
} else {
/*
unlink(ASTRAPATH . 'db/' . CZ_DATABASE_NAME . '.db');
echo_debug('<strong>Updating DB</strong>');
$this->update_db();
*
*/
}
return TRUE;
}
public function init()
{
echo_debug('Initializing');
self::connect_db();
$this->run();
}
public static function connect_db()
{
require_once(ASTRAPATH . 'libraries/SQLite_db.php');
self::$_db = new SQLiteWrapper(self::$cz_lvl);
}
private function update_db()
{
require_once(ASTRAPATH . 'libraries/Update_DB.php');
$update_db = new Update_DB();
}
public function setup()
{
if (empty($_SERVER)) {
return false;
}
// Added for TC
if (!defined("CZ_SECRET_KEY") || (defined("CZ_SECRET_KEY") && strlen(CZ_SECRET_KEY) < 2)) {
echo_debug('Enc keys not set');
return false;
}
/*
if (file_exists(CZ_DB_PATH . 'db/' . CZ_DATABASE_NAME . 'db')) {
if (unlink(CZ_DB_PATH . 'db/' . CZ_DATABASE_NAME . 'db')) {
echo_debug('Deletd Already Set Database');
} else {
echo_debug('Unable to Delete Database');
return FALSE;
}
}
*/
require_once(ASTRAPATH . 'libraries/Astra_setup.php');
$astraSetup = new Astra_setup();
$astraSetup->createAstraFiles();
$rootApiUri = $astraSetup->getRootApiFileUri();
require_once(ASTRAPATH . 'libraries/API_connect.php');
$connect = new API_connect();
$connect->setRootApiUri($rootApiUri);
if (!$connect->setup()) {
return FALSE;
}
require_once(ASTRAPATH . 'libraries/Update_DB.php');
$update_db = new Update_DB();
if (!$update_db) {
return FALSE;
}
require_once(ASTRAPATH . 'libraries/Update_config.php');
$update_config_file = Update_config('CZ_SETUP', base64_encode('TRUE'), FALSE);
return $update_config_file;
}
public function run()
{
echo_debug('About to run');
$blocked_or_trusted = self::$_db->is_blocked_or_trusted(self::$_ip, false, self::$_config);
if ($blocked_or_trusted == "blocked" && !self::$_is_search_engine) {
self::show_block_page();
}
if ($blocked_or_trusted == "trusted" || self::is_whitelisted_url() || self::$_is_search_engine) {
echo_debug("Is trusted or whitelisted or a search engine");
if (self::$_is_search_engine) {
$is_trusted = self::$_db->edit_ip_exception('add', 'trusted', self::$_ip);
}
return TRUE;
}
$is_bad_bot = $this->is_bad_bot();
if ($blocked_or_trusted == "blocked" || $is_bad_bot || self::$_is_fake_search_engine_bot) {
echo_debug('You have been blocked');
require_once(ASTRAPATH . 'libraries/API_connect.php');
$connect = new API_connect();
if ($is_bad_bot || self::$_is_fake_search_engine_bot) {
// self::$_db->log_hit(self::$_ip);
self::$_db->edit_ip_exception('add', 'blocked', self::$_ip);
echo_debug('You are a badbot');
$connect->send_request("badbot", array());
echo_debug('Reported Blackbot status');
}
self::show_block_page();
}
$this->run_upload_scan();
$this->run_IDS();
$this->run_patches();
if (!self::$_is_search_engine) {
$this->run_token_bucket();
}
}
protected function is_whitelisted_url()
{
if (!empty($_SERVER['REQUEST_URI'])) {
$url = $_SERVER['REQUEST_URI'];
$db_params = self::$_db->get_custom_params();
$db_allowed_urls = $db_params['url'];
$allowed_urls = array('/admin/', '/wp-admin', 'checkout', 'paypal', '/ipn.php', '/transaction', 'callback', 'contact-form-7', 'wc-ajax=', '/wc-api', '/wp-json', 'api/soap', 'api/v2_soap');
$merge = array_merge($allowed_urls, $db_allowed_urls);
//print_r($merge);
foreach ($merge as $allowed_url) {
if (strpos($url, $allowed_url) !== false) {
return TRUE;
}
}
}
return FALSE;
}
public static function show_block_page($attack_param = null)
{
if (defined('CZ_ASTRA_MODE') && CZ_ASTRA_MODE == 'monitor') {
return TRUE;
}
if (!headers_sent()) {
header('HTTP/1.0 403 Forbidden');
}
echo_debug('About to show block page');
if (file_exists(ASTRAPATH . 'block-page-custom.php')) {
$block_page_path = ASTRAPATH . 'block-page-custom.php';
} else {
$block_page_path = ASTRAPATH . 'block-page.php';
}
if (!headers_sent()) {
header('X-XSS-Protection: 1; mode=block');
header('X-Frame-Options: deny');
header('X-Content-Type-Options: nosniff');
/* No cache headers */
header('X-LiteSpeed-Cache-Control: no-cache');
header("Expires: Tue, 03 Jul 2001 06:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Connection: close");
}
if (file_exists($block_page_path)) {
include($block_page_path);
exit;
die();
}
if (!headers_sent()) {
header("Location: " . CZ_BLOCK_PAGE_URL); /* Redirect browser */
} else {
echo '<script>';
echo "window.location = '" . CZ_BLOCK_PAGE_URL . "';";
echo '</script>';
}
die("You are blocked");
exit();
}
protected function run_upload_scan()
{
if (empty($_FILES)) {
return true;
}
if (version_compare(PHP_VERSION, '5.4.0') >= 0) {
echo_debug('Including mussel');
$config = new AstraConfig();
$data['key'] = 'file_uploads';
$musselResult = $config->get_config($data);
if ($musselResult) {
$phpMusselConfig = json_decode($musselResult, true);
if ($phpMusselConfig['status'] == 'TRUE') {
require_once(ASTRAPATH . 'libraries/plugins/phpMussel/loader.php');
} else {
return false;
}
} else { // Run upload scan by default
require_once(ASTRAPATH . 'libraries/plugins/phpMussel/loader.php');
}
} else {
echo_debug('PHP version (' . PHP_VERSION . ') < 5.4.0 so not including Mussel');
}
}
protected function run_ids()
{
require_once(ASTRAPATH . 'libraries/PHPIDS.php');
echo_debug('Including IDS');
$phpids = new PHPIDS(self::$_db, self::$_ip);
}
protected function run_patches()
{
require_once(ASTRAPATH . 'libraries/Virtual_patches.php');
$patches = new Astra_virtual_patches();
$patches->apply();
$applied_patches = $patches->get_applied_patches();
if (count($applied_patches) > 0) {
self::$_db->log_hit(self::$_ip);
self::show_block_page();
}
}
protected function is_bad_bot()
{
$db = self::$_db->is_bad_bot(self::$_user_agent);
if ($db && !self::$_is_search_engine) {
return TRUE;
}
return FALSE;
}
protected function check_search_engine()
{
require_once(ASTRAPATH . 'libraries/Bad_bots.php');
$bot = new Bad_bots(self::$_user_agent, self::$_ip);
self::$_is_search_engine = $bot->is_search_engine();
self::$_is_fake_search_engine_bot = $bot->is_fake_bot();
return true;
}
function get_sso_token()
{
$time = strtolower(gmdate("FYhiA"));
$str = CZ_CLIENT_KEY . '|' . CZ_ACCESS_KEY . '|' . $time;
$token = hash_hmac('sha256', $str, CZ_SECRET_KEY, false);
return $token;
}
protected function run_token_bucket()
{
return TRUE;
require_once(ASTRAPATH . 'libraries/Token_bucket.php');
Token_bucket::run();
}
}
}

74
ak.php
View File

@ -1,74 +0,0 @@
<?php
if (function_exists("opcache_reset")) {
opcache_reset();
}
if (!class_exists('Astra_ak')) {
class Astra_ak
{
function auth()
{
$rcvd = !empty($_REQUEST['key']) ? $_REQUEST['key'] : "";
$expected = $this->get_sso_key();
$stored = $this->get_session_key();
if ($stored === $expected || $rcvd === $expected) {
$this->store_key($expected);
unset($_GET['key']);
return true;
}
header("HTTP/1.0 404 Not Found");
exit;
}
protected function get_session_key()
{
if (function_exists('session_status')) {
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
} else {
if (session_id() == '') {
session_start();
}
}
$key = !empty($_SESSION['astra_ak_key']) ? $_SESSION['astra_ak_key'] : "";
return $key;
}
protected function store_key($key)
{
$_SESSION['astra_ak_key'] = $key;
}
protected function get_sso_key()
{
define("CZ_DEBUG", TRUE);
require_once __DIR__ . '/astra-config.php';
$time = strtolower(gmdate("FYhiA"));
$str = CZ_CLIENT_KEY . '|' . CZ_ACCESS_KEY . '|' . $time;
$token = hash_hmac('sha256', $str, CZ_SECRET_KEY, false);
return $token;
}
public function __construct()
{
if ($this->auth()) {
$this->load();
}
}
function load()
{
require __DIR__ . '/Astra.php';
$astra = new Astra();
}
}
new Astra_ak;
}

417
api.php
View File

@ -1,417 +0,0 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
ini_set('display_errors', 'Off');
error_reporting(-1);
if (function_exists("opcache_reset")) {
opcache_reset();
}
if (!defined('ASTRAPATH'))
define('ASTRAPATH', dirname(__FILE__) . '/');
require_once(ASTRAPATH . 'Astra.php');
require_once(ASTRAPATH . 'astra-config.php');
require_once(ASTRAPATH . 'libraries/Crypto.php');
require_once(ASTRAPATH . 'libraries/Config_options.php');
/* Dream */
if (!class_exists('Api')) {
class Api
{
protected $receivedResponse;
protected $response = array();
public function __construct($included = FALSE)
{
if (!$included)
$this->run();
}
protected function respond($code, $msg = "", $slug = "")
{
$this->response['origin'] = 'client';
$this->response['code'] = $code;
$this->response['slug'] = $slug;
if ($msg == "") {
switch ($code) {
case 0:
$msg = "failed";
break;
case 1:
$msg = "success";
break;
default:
$msg = "error";
break;
}
}
$this->response['msg'] = $msg;
if (empty($this->response['errors'])) {
$this->response['errors'] = array();
}
header('Content-Type: application/json');
echo json_encode($this->response);
die();
}
protected function addError($slug, $msg)
{
$this->response['errors'][$slug] = $msg;
}
protected function authenticate()
{
$accessResponse = !empty($_POST['access_code']) ? $_POST['access_code'] : '';
if ($accessResponse != CZ_ACCESS_KEY)
$this->respond(-1, "Access Code doesn't match", 'access_code_missing');
$encResponse = $_POST['encRequest'];
$crypto = new Astra_crypto();
$this->receivedResponse = @unserialize($crypto->decrypt($encResponse, CZ_SECRET_KEY));
//echo $this->receivedResponse['client_key'] . "-" . CZ_CLIENT_KEY;
if (($this->receivedResponse == false) || ($this->receivedResponse['client_key'] != CZ_CLIENT_KEY))
$this->respond(-1, "Secret/Client Key Mismatch");
return TRUE;
}
public function bad_bots_update()
{
require_once(ASTRAPATH . 'libraries\Update_bad_bots.php');
if (update_bad_bots())
$this->respond(1);
else
$this->respond(0, "Unable to respond");
}
protected function filters_update()
{
require_once(ASTRAPATH . 'libraries\Crypto.php');
$dataArray['client_key'] = CZ_CLIENT_KEY;
$dataArray['api'] = "get_filters";
$str = serialize($dataArray);
$crypto = new Astra_crypto();
$encrypted_data = $crypto->encrypt($str, CZ_SECRET_KEY);
$postdata = http_build_query(
array(
'encRequest' => $encrypted_data,
'access_code' => CZ_ACCESS_KEY,
)
);
$opts = array('http' =>
array(
'method' => 'POST',
'header' => 'Content-type: application/x-www-form-urlencoded',
'content' => $postdata
)
);
$context = stream_context_create($opts);
$server_reply = file_get_contents(CZ_API_URL, FALSE, $context);
$filter_file_path = 'libraries/plugins/IDS/default_filter.xml';
if (!empty($server_reply)) {
if (is_writeable(dirname(ASTRAPATH . $filter_file_path))) {
$dlHandler = fopen(ASTRAPATH . $filter_file_path, 'w');
if (!fwrite($dlHandler, $server_reply)) {
$this->respond(0, "Unable to write");
exit();
}
fclose($dlHandler);
$this->respond(1);
} else {
$this->respond(0, "Directory not writable");
}
} else {
$this->respond(0, "Empty Response");
}
$this->respond(0);
}
protected function astra_update()
{
require_once(ASTRAPATH . 'libraries/Updater.php');
echo_debug("API Call received");
echo_debug($this->receivedResponse);
$server_version = $this->receivedResponse['version'];
$platform = isset($this->receivedResponse['platform']) ? $this->receivedResponse['platform'] : 'php';
echo_debug("Loading updater");
$updater = new Astra_updater($server_version);
if ($updater->is_update()) {
if ($updater->download_file()) {
sleep(1);
if ($updater->update($platform)) {
sleep(1);
$updater->delete();
## Initialize the Setup Process
require_once('libraries/API_connect.php');
$connect = new API_connect();
if (!$connect->report_update()) {
$this->respond(-1, "Unable to report update");
}
}
$this->response['errors'] = $updater->get_errors();
$this->respond(1);
}
}
$this->response['errors'] = $updater->get_errors();
$this->respond(-1, "Noting to update");
}
protected function update_config()
{
require_once(ASTRAPATH . 'libraries/Update_config.php');
if (isset($this->receivedResponse['constant_check_for_quotes'])) {
$quotes = $this->receivedResponse['constant_check_for_quotes'];
} else
$quotes = FALSE;
if (update_config($this->receivedResponse['constant_name'], $this->receivedResponse['constant_value'], $quotes)) {
$this->respond(1);
} else {
$this->respond(0);
}
}
protected function get_version()
{
$ret = explode(".", CZ_ASTRA_CLIENT_VERSION);
$this->response['version'] = array('major' => $ret[0], 'minor' => $ret[1], 'patch' => $ret[2]);
$this->respond(1);
}
protected function valid_param($val)
{
if ($this->receivedResponse['rule_type'] === "url") {
return true;
}
$val = strtolower($val);
$allowed = array('get.', 'post.', 'request.', 'cookie.', 'session.');
foreach ($allowed as $a) {
if (substr($val, 0, strlen($a)) == $a)
return TRUE;
}
return FALSE;
}
protected function whitelist_url()
{
ASTRA::connect_db();
$action = $this->receivedResponse['rule_action'];
$val = $this->receivedResponse['rule_val'];
$allowed_rule_action = array('add', 'delete');
if (in_array($action, $allowed_rule_action)) {
switch ($action) {
case 'add':
$result = ASTRA::$_db->add_whitelist_url($val);
break;
case 'delete':
$result = ASTRA::$_db->delete_whitelist_url($val);
break;
}
if ($result == TRUE) {
$this->respond(1);
} else {
$this->respond(0, "Unable to update db");
}
} else {
$this->respond('0', 'Not a valid action');
}
}
protected function custom_rule()
{
//rule_action = add, delete
//rule_type = "trusted", "blocked", "exception", "html" ,"json"
ASTRA::connect_db();
$action = $this->receivedResponse['rule_action'];
$type = $this->receivedResponse['rule_type'];
$val = $this->receivedResponse['rule_val'];
$allowed_rule_action = array('add', 'delete', 'update');
$ip_check = array('trusted', 'blocked');
$param_check = array('exception', 'html', 'json', 'url',);
$allowed_rule_type = array_merge($ip_check, $param_check);
if (in_array($action, $allowed_rule_action) && in_array($type, $allowed_rule_type)) {
if (in_array($type, $ip_check) && is_string($val) && strlen($val) == 2) {
if ($type == "blocked") {
$config_data = array(
"key" => "country_blocked",
"value" => $val,
"autoload" => 1,
);
} elseif ($type == "trusted") {
$config_data = array(
"key" => "country_trusted",
"value" => $val,
"autoload" => 1,
);
}
switch ($action) {
case 'add':
$this->config_actions("add_config", $config_data);
break;
case 'delete':
$this->config_actions("delete_config", $config_data);
break;
case 'update':
$this->config_actions("update_country", $config_data);
break;
}
} elseif (in_array($type, $ip_check) && filter_var($val, FILTER_VALIDATE_IP) !== TRUE) {
if (ASTRA::$_db->edit_ip_exception($action, $type, $val)) {
$this->respond(1);
} else {
$this->respond('0', 'Unable to set custom IP rule');
}
} elseif (in_array($type, $param_check) && $this->valid_param($val)) {
if (ASTRA::$_db->edit_param_exception($action, $type, $val)) {
$this->respond(1);
} else {
$this->respond(0, "Couldn't edit exception");
}
} else {
$this->respond('0', 'Could not validate');
}
} else {
$this->respond('0', 'Not Allowed');
}
}
protected function is_value_exist($_config_option, $config_data)
{
$blocked_countries = json_decode($_config_option->get_config(array("key" => "country_blocked")));
$trusted_countries = json_decode($_config_option->get_config(array("key" => "country_trusted")));
if (!empty($trusted_countries) && !empty($blocked_countries)) {
if (is_array($blocked_countries)) {
return in_array($config_data['value'], $blocked_countries);
} else {
return ($config_data['value'] == $blocked_countries) ? true : false;
}
if (is_array($trusted_countries)) {
return in_array($config_data['value'], $trusted_countries);
} else {
return ($config_data['value'] == $trusted_countries) ? true : false;
}
} else
return false;
}
protected function config_actions($func_name, $data)
{
$config = new AstraConfig();
$result = null;
switch ($func_name) {
case "get_config":
$result = $config->get_config($data);
break;
case "add_config":
$_is_exist = $this->is_value_exist($config, $data);
$result = (!$_is_exist) ? $config->add_config($data) : true;
break;
case "delete_config":
$result = $config->delete_config($data);
break;
case "update_config":
$result = $config->update_config($data);
break;
case "update_country":
$result = $config->update_country($data);
break;
}
if ($result)
$this->respond(1);
else
$this->respond(0, 'Unable to update configuration');
}
public function run()
{
if (!$this->authenticate()) {
$this->respond(-1, "Invalid API Call");
}
echo_debug($this->receivedResponse);
$api = $this->receivedResponse['api'];
switch ($api) {
case "ping":
$this->respond(1);
break;
case "version":
$this->get_version();
break;
case "update":
$this->astra_update();
break;
case "update_bad_bots":
$this->bad_bots_update();
break;
case "update_filters":
$this->filters_update();
break;
case "custom_rule":
$this->custom_rule();
break;
case "update_config":
$this->update_config();
break;
default:
echo "ping";
}
}
}
}
if (class_exists('Api')) {
$astra_api = new Api();
}

16
astra-inc.php
View File

@ -1,16 +0,0 @@
<?php
try{
$path_to_astra = dirname(__FILE__) .'/Astra.php';
if(file_exists($path_to_astra)){
include($path_to_astra);
if(class_exists('Astra')){
$astra = new Astra();
}
}
}
catch(Exception $e) {
// Graceful degradation
}
?>

12
blackhole.php
View File

@ -1,12 +0,0 @@
<?php
require_once (dirname(__FILE__) . '/Astra.php');
require_once(dirname(__FILE__) . '/libraries/Astra_ip.php');
$client_ip = new Astra_ip();
$ip_address = $client_ip->get_ip_address();
ASTRA::$_db->block_bot($ip_address);
ASTRA::show_block_page();
die();

459
block-page.php
View File

@ -1,459 +0,0 @@
<?php
include('libraries/Astra_ip.php');
$astra_ip = new Astra_ip();
$client_ip = $astra_ip->get_ip_address();
$formCheck = false;
if($_POST){
$formCheck = true;
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Attention!</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
* {
line-height: 1.2;
margin: 0;
}
html {
color: #888;
display: table;
font-family: sans-serif;
height: 100%;
text-align: center;
width: 100%;
}
body {
display: table-cell;
vertical-align: middle;
margin: 2em auto;
}
h1 {
color: #555;
font-size: 2em;
font-weight: 400;
}
p {
margin: 0 auto;
}
div.image {
margin-bottom: 20px;
}
div.image img {
width: 50%;
}
#toast-container{
position: fixed;
z-index: 999999;
pointer-events: none;
}
@media
(-webkit-min-device-pixel-ratio: 2),
(min-resolution: 192dpi) {
/* Retina-specific stuff here */
#toast-container>div{
width: 430px;
padding:15px;
}
}
#toast-container>div{
background-image: linear-gradient(to right,#0074ff 0%,#0003f5 51%,#0974f5 100%);
transition: .5s;
background-size: 200% auto;
position: relative;
pointer-events: auto;
margin-bottom: 6px;
padding: 10px;
color: #fff;
border-radius: 30px;
width: 474px;
}
.toast-bottom-right{
right: 12px;
bottom: 12px;
}
input#foo{
padding: 7px;
float: left;
border: none;
width: 75%;
border-radius:13px;
margin-left: 8px;
}
.btn{
font-weight: bold;
border: none;
padding: 7px 8px;
text-align: center;
text-decoration: none;
display: inline-block;
cursor: pointer;
border-radius: 13px;
}
.notes-list{
text-align: left;
list-style: none;
clear: both;
padding: 0;
text-align: center;
}
.owner-check ul{
padding: 0px;
}
.green{
background-color: #14b800;
width: 48%;
border-radius: 15px;
margin-left: 2px;
padding: 5px;
}
.blue{
/* background-color: #0c5292;*/
background-color: #14b800;
width: 25%;
padding: 2px;
}
.button{
border: none;
color: white;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 14px;
cursor: pointer;
border-radius: 9px;
margin-left: 2px;
}
lable{
text-align: left;
width: 100%;
margin-bottom: 10px;
clear: both;
float: left;
}
/*********************/
.toast-title {
font-weight: 700
}
.toast-message {
-ms-word-wrap: break-word;
word-wrap: break-word
}
.toast-message a,
.toast-message label {
color: #fff;
margin-right: 18px;
}
.toast-message a:hover {
color: #ccc;
text-decoration: none
}
.toast-top-full-width {
top: 0;
right: 0;
width: 100%
}
.toast-bottom-full-width {
bottom: 0;
right: 0;
width: 100%
}
.toast-bottom-right {
right: 12px;
bottom: 12px
}
#toast-container {
position: fixed;
z-index: 999999;
pointer-events: none
}
#toast-container * {
-moz-box-sizing: border-box;
-webkit-box-sizing: border-box;
box-sizing: border-box
}
#toast-container>div {
opacity: .8;
-ms-filter: progid:DXImageTransform.Microsoft.Alpha(Opacity=80);
filter: alpha(opacity=80)
}
#toast-container>:hover {
-moz-box-shadow: 0 0 12px #000;
-webkit-box-shadow: 0 0 12px #000;
box-shadow: 0 0 12px #000;
opacity: 1;
-ms-filter: progid:DXImageTransform.Microsoft.Alpha(Opacity=100);
filter: alpha(opacity=100);
cursor: pointer
}
#toast-container.toast-bottom-center>div,
#toast-container.toast-top-center>div {
width: 300px;
margin-left: auto;
margin-right: auto
}
#toast-container.toast-bottom-full-width>div,
#toast-container.toast-top-full-width>div {
width: 96%;
margin-left: auto;
margin-right: auto
}
.toast-progress {
position: absolute;
left: 0;
bottom: 0;
height: 4px;
background-color: #000;
opacity: .4;
-ms-filter: progid:DXImageTransform.Microsoft.Alpha(Opacity=40);
filter: alpha(opacity=40)
}
@media all and (max-width:240px) {
#toast-container>div {
padding: 8px 8px 8px 50px;
width: 11em
}
#toast-container .toast-close-button {
right: -.2em;
top: -.2em
}
}
@media all and (min-width:241px) and (max-width:480px) {
#toast-container>div {
padding: 8px 8px 8px 50px;
width: 18em
}
#toast-container .toast-close-button {
right: -.2em;
top: -.2em
}
}
@media all and (min-width:481px) and (max-width:768px) {
#toast-container>div {
padding: 15px 15px 15px 50px;
width: 25em
}
}
/*********************/
@media (min-width: 768px) {
div.image img {
width: 15%;
}
}
div.go-back {
padding-top: 20px;
}
div.go-back a {
font-size: 14px;
}
p {
width: 600px;
margin-top: 30px;
}
a {
cursor: pointer;
color: #2b64d0;
}
@media only screen and (max-width: 280px) {
body, p {
width: 95%;
}
h1 {
font-size: 1.5em;
margin: 0 0 0.3em;
}
}
.call_support {
text-decoration: underline;
}
</style>
<?php
function hide_email($email)
{
$character_set = '+-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz';
$key = str_shuffle($character_set);
$cipher_text = '';
$id = 'e' . rand(1, 999999999);
for ($i = 0; $i < strlen($email); $i += 1) $cipher_text .= $key[strpos($character_set, $email[$i])];
$script = 'var a="' . $key . '";var b=a.split("").sort().join("");var c="' . $cipher_text . '";var d="";';
$script .= 'for(var e=0;e<c.length;e++)d+=b.charAt(a.indexOf(c.charAt(e)));';
$script .= 'document.getElementById("' . $id . '").innerHTML="<a href=\\"mailto:"+d+"\\">"+d+"</a>"';
$script = "eval(\"" . str_replace(array("\\", '"'), array("\\\\", '\"'), $script) . "\")";
$script = '<script type="text/javascript">/*<![CDATA[*/' . $script . '/*]]>*/</script>';
return '<span id="' . $id . '">[javascript protected email address]</span>' . $script;
}
$support_email = hide_email('help@getastra.com');
?>
</head>
<body>
<div class='image'>
<img alt='What ASTRA Means' src='https://www.getastra.com/assets/images/hotlink-ok/astra-logo-landing-pages.png'>
</div>
<h1>Sorry, this is not allowed.</h1>
<p>Thank you for visiting our website, unfortunately our website protection system has detected an issue with your IP
address and wont let you proceed any further.</p>
<p>If you feel this is an error, please submit a <a class="call_support" onclick="FreshWidget.show(); return false;">support request</a>. Thank you for your patience.</p>
<p>
<small><a href='https://www.getastra.com/'>https://www.getastra.com/</a></small>
</p>
<div class='go-back'>
<p><a href='/'>Go to Homepage</a></p>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/clipboard@2/dist/clipboard.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js"></script>
<script type="text/javascript" src="https://s3.amazonaws.com/assets.freshdesk.com/widget/freshwidget.js"></script>
<script type="text/javascript">
var ip = '<?php echo $client_ip; ?>';
var attack_id = '<?php if(!empty($attack_param)) echo implode(",",$attack_param); else ""; ?>';
var attack_param = null;
if(attack_id != "" && attack_id != null)
attack_param = "["+attack_id+"]"
else
attack_param = "";
FreshWidget.init("", {
"queryString": "&formTitle=Request block review&submitTitle=Submit&submitThanks=We+have+received+your+request.+Our+engineers+will+get+back+to+you+via+email+shortly.&widgetType=popup&captcha=yes&helpdesk_ticket[subject]=Requesting block review [" + (window.location.hostname) + "][" + ip + "]"+attack_param+"&searchArea=no&disable[custom_field][product_id]=true&helpdesk_ticket[ticket_body_attributes]=<div>test</div>",
"utf8": "",
"widgetType": "popup",
"buttonType": "text",
"buttonText": "Support",
"buttonColor": "white",
"buttonBg": "rgb(12, 82, 146)",
"alignment": "4",
"offset": "235px",
"formHeight": "500px",
"captcha": "yes",
"url": "https://astrawebsecurity.freshdesk.com"
});
var clipboard = new ClipboardJS('.btn');
function reloadPage(){
window.location.href = window.location.href;
}
toastr.options = {
"closeButton": false,
"debug": false,
"newestOnTop": false,
"progressBar": false,
"positionClass": "toast-bottom-right",
"preventDuplicates": true,
"onclick": null,
"showDuration": "300",
"hideDuration": "1000",
"timeOut": 0,
"extendedTimeOut": 0,
"showEasing": "linear",
"hideEasing": "linear",
"showMethod": "fadeIn",
"hideMethod": "fadeOut",
"tapToDismiss": false
}
var x = toastr["success"]("Are you the owner of the website?");
var x1 = false;
$(x).click(function(){
if($('#toast-container>div').length == 5 || $('body').find('div#toast-container div:first-child').attr('disable') == 'true'){
return false;
}else{
$('body').find('div#toast-container div:first-child').attr('disable',true)
setTimeout(function(){ toastr["success"]("Great! Lets' get you out of here! Follow steps below"); }, 500);
setTimeout(function(){ toastr["success"](" <input id='foo' value='<?php echo $client_ip; ?>'><button class='btn' data-clipboard-target='#foo'>Copy your IP</button>").attr('style', 'background: #0F2027; background: -webkit-linear-gradient(to right, #2C5364, #203A43, #0F2027); background: linear-gradient(to right, #2C5364, #203A43, #0F2027); !important'); }, 2000);
setTimeout(function(){ toastr["success"]("<ul class='notes-list'><li><label>Whitelist your IP/parameter</label><a target='_blank' href='https://www.getastra.com/kb/knowledgebase/whitelisting-ip-on-website-with-astra/' class='button blue'> Learn how </a></li></ul>").attr('style', 'background: #0F2027; background: -webkit-linear-gradient(to right, #0F2027, #203A43, #2C5364); background: linear-gradient(to right, #0F2027, #203A43, #2C5364); !important'); }, 4000);
setTimeout(function(){ toastr["success"]("<ul class='notes-list'><li><button onclick='reloadPage()' class='button green'> Refresh </button> </li></ul>").attr('style', 'background: #0F2027; background: -webkit-linear-gradient(to right, #2C5364, #203A43, #0F2027); background: linear-gradient(to right, #2C5364, #203A43, #0F2027); !important'); }, 6000);
}
});
// toastr.success("Great! Lets' get you out of here! Follow steps below")
</script>
</body>
</html>

1
czar-89FC3CFA43E356C42382A941A99E4386.html
View File

@ -1 +0,0 @@
89FC3CFA43E356C42382A941A99E4386

13
gk.php
View File

@ -1,13 +0,0 @@
<?php
/**
*
*
* @author Ananda Krishna <ak@getastra.com>
* @date 2019-04-07
*/
$path_to_ms = __DIR__ . "/libraries/plugins/astra-gk/index.php";
if(file_exists($path_to_ms)){
include_once $path_to_ms;
}

735
install-astra.php
View File

File diff suppressed because one or more lines are too long

292
libraries/API_connect.php
View File

@ -1,292 +0,0 @@
<?php
require_once('Crypto.php');
require_once('browser.php');
class API_connect
{
protected $site = "";
protected $get_api;
protected $api_url;
private $rootApiUri;
public function __construct($url = "")
{
if ($url == "") {
$this->api_url = CZ_API_URL;
} else {
$this->api_url = $url;
}
}
public function ping()
{
$dataArray = array();
return $this->send_request("ping", $dataArray);
}
public function report_update()
{
return true;
$ak = $this->get_end_point_url(FALSE);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ak . 'ak.php');
curl_setopt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cz-Setup: true'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
echo_debug('cURL Executed');
echo_debug('cURL Error >> ' . curl_error($ch));
echo_debug("<pre style='border: 2px solid #000; padding: 20px;'>$output</pre>");
curl_close($ch);
echo_debug('cURLd');
$resp = $output;
$resp = json_decode($resp);
if (isset($resp->code) && $resp->code == 1) {
return TRUE;
} else {
return FALSE;
}
}
protected function get_end_point_url($api = TRUE)
{
$current_url = $this->getHttpsPrefix();
$current_url .= str_replace(realpath($_SERVER["DOCUMENT_ROOT"]), $_SERVER['HTTP_HOST'], realpath(dirname(dirname(__FILE__))));
if ($api) {
$current_url .= '/api.php';
} else {
$current_url .= '/';
}
$current_url = rtrim($current_url, '/');
return $current_url;
}
public function setRootApiUri($rootApiUri)
{
if ($rootApiUri == false) {
return false;
}
$subFolderIfAny = str_replace($_SERVER['DOCUMENT_ROOT'], '', $rootApiUri);
$current_url = $this->getHttpsPrefix();
$current_url .= rtrim($_SERVER['HTTP_HOST'], '/') . '/' . ltrim($subFolderIfAny, '/');
$this->rootApiUri = $current_url;
return;
}
protected function getHttpsPrefix(){
if (@$_SERVER['HTTPS'] == 'on' || @$_SERVER['SERVER_PORT'] == '443' || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) {
return "https://";
} else {
return "http://";
}
}
protected function is_request_from_astra()
{
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : "empty";
if (strpos($user_agent, "astra") !== false) {
return true;
}
return false;
}
public function setup()
{
$res = explode(".", CZ_ASTRA_CLIENT_VERSION);
$version['major'] = $res[0];
$version['minor'] = $res[1];
$version['patch'] = $res[2];
$client_api_url = !empty($this->rootApiUri) ? $this->rootApiUri : $this->get_end_point_url();
$dataArray = array(
"version" => $version,
"client_api_url" => $client_api_url,
"platform" => CZ_PLATFORM,
);
/* print_r($dataArray); */
echo_debug('SETUP API Send Request');
echo_debug(serialize($dataArray));
return $this->send_request("setup", $dataArray);
}
public function custom_rule($action, $type, $ip_address = "")
{
$dataArray['rule_action'] = $action;
$dataArray['rule_type'] = $type;
$dataArray['ip_address'] = $ip_address;
return $this->send_request("custom_rule", $dataArray);
}
/*
public function custom_rule($action, $type, $ip_address = "") {
}
*
*/
public function hook_has_loggedin($dataArray = array())
{
if ($dataArray[0]['success'] === 1) {
return false;
}
require_once(__DIR__ . '/../Astra.php');
$astra = new Astra();
ASTRA::$_db->log_hit(ASTRA::$_ip);
$dataArray[0]['blocking'] = (ASTRA::$_db->is_blocked_or_trusted(ASTRA::$_ip, false, ASTRA::$_config) == "blocked") ? 1 : 0;
return true;
}
public function send_request($api = "", $dataArray = array(), $platform = "php")
{
if ($this->is_request_from_astra()) {
return false;
}
$callback = array($this, 'hook_' . $api);
if (is_callable($callback)) {
$hookResponse = call_user_func($callback, array($dataArray));
if (is_array($hookResponse)) {
$dataArray = $hookResponse;
}
}
$dataArray['client_key'] = CZ_CLIENT_KEY;
$dataArray['api'] = $api;
//$dataArray['site'] = $_SERVER['SERVER_NAME'];
$dataArray['site'] = $_SERVER['SERVER_NAME'];
if (!isset($dataArray['version'])) {
$dataArray['version'] = CZ_ASTRA_CLIENT_VERSION;
}
$browser = new Browser_Astra();
$browser_info['useragent'] = $browser->getUserAgent();
$browser_info['browser_name'] = $browser->getBrowser();
$browser_info['version'] = $browser->getVersion();
$browser_info['platform'] = $browser->getPlatform();
$browser_info['isMobile'] = $browser->isMobile();
$browser_info['isTablet'] = $browser->isTablet();
$dataArray['ip'] = ASTRA::$_ip;
if ($dataArray['ip'] == "") {
$dataArray['ip'] = "::1";
return false;
}
$dataArray['browser'] = $browser_info;
$dataArray['attack_url'] = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');
echo_debug($this->api_url);
echo_debug($dataArray);
$str = serialize($dataArray);
$crypto = new Astra_crypto();
$encrypted_data = $crypto->encrypt($str, CZ_SECRET_KEY);
if ($platform == "wordpress") {
$post_param = array(
"encRequest" => $encrypted_data,
"access_code" => CZ_ACCESS_KEY,
);
$response = wp_remote_post($this->api_url, array(
'method' => 'POST',
'timeout' => 5,
'redirection' => 5,
'httpversion' => '1.0',
'blocking' => true,
'headers' => array(),
'body' => $post_param,
'cookies' => array()
)
);
if (is_wp_error($response) || (isset($response['body']) && is_wp_error($response['body']))) {
return true;
}
$resp = $response['body'];
} else {
echo_debug('cURLing');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->api_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "encRequest=" . $encrypted_data . "&access_code=" . CZ_ACCESS_KEY);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
echo_debug('cURL Executed');
echo_debug('cURL Error >> ' . curl_error($ch));
echo_debug("<pre style='border: 2px solid #000; padding: 20px;'>$output</pre>");
if (curl_error($ch)) {
$error_msg = curl_error($ch);
}
curl_close($ch);
echo_debug('cURLd');
$resp = $output;
}
$resp = json_decode($resp);
if (isset($error_msg)) {
//echo $error_msg;
}
//var_dump($output);
if (isset($resp->code) && $resp->code == 1) {
return TRUE;
} else {
return FALSE;
}
}
}
/* End of file api_connect.php */
?>

45
libraries/Astra_country.php
View File

@ -1,45 +0,0 @@
<?php
if (!defined('ASTRAPATH'))
exit('No direct script access allowed');
use MaxMind\Db\Reader;
if (!class_exists("Astra_country")) {
class Astra_country
{
function __construct()
{
}
function get_country($ip_address){
$country_cf = $this->get_country_cf($ip_address);
if($country_cf !== false){
return $country_cf;
}
$ignore_ips = array("0.0.0.0", "0.255.255.255");
if(!in_array($ip_address, $ignore_ips) ){
require_once(ASTRAPATH . 'libraries/plugins/MaxMind-DB-Reader/autoload.php');
$reader = new Reader(ASTRAPATH . 'libraries/plugins/MaxMind-DB-Reader/GeoLite2-Country.mmdb');
if(isset($reader->get($ip_address)['country']['iso_code'])){
return strtoupper($reader->get($ip_address)['country']['iso_code']);
}
}
return 'US';
}
protected function get_country_cf($ip_address){
if(isset($_SERVER["HTTP_CF_IPCOUNTRY"]) && strlen($_SERVER["HTTP_CF_IPCOUNTRY"]) == 2 && is_string($_SERVER["HTTP_CF_IPCOUNTRY"])){
return strtoupper($_SERVER["HTTP_CF_IPCOUNTRY"]);
}
return false;
}
}
}

61
libraries/Astra_ip.php
View File

@ -1,61 +0,0 @@
<?php
if (!class_exists("Astra_ip")) {
class Astra_ip
{
function __construct()
{
}
function get_ip_address()
{
if (defined("CZ_IP_HEADER")) {
if (array_key_exists(CZ_IP_HEADER, $_SERVER)) {
return $_SERVER[CZ_IP_HEADER];
}
}
$serverIp = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '';
$ip_keys = array('HTTP_CF_CONNECTING_IP', 'HTTP_X_SUCURI_CLIENTIP', 'HTTP_X_REAL_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR');
foreach ($ip_keys as $key) {
if (array_key_exists($key, $_SERVER) === true) {
foreach (explode(',', $_SERVER[$key]) as $ip) {
// trim for safety measures
$ip = trim($ip);
// attempt to validate IP
if (($this->validate_ip($ip) || $this->validate_ipv6($ip)) && $ip !== $serverIp) {
return $ip;
}
}
}
}
return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : false;
}
/**
* Ensures an ip address is both a valid IP and does not fall within
* a private network range.
*/
function validate_ipv6($ip)
{
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
return true;
}
return false;
}
function validate_ip($ip)
{
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
return false;
}
return true;
}
}
}

150
libraries/Astra_setup.php
View File

@ -1,150 +0,0 @@
<?php
/**
*
*
* @author Ananda Krishna <ak@getastra.com>
* @date 2019-04-15
*/
class Astra_setup
{
private $basePath;
private $filesCreated = false;
public function getFilesCreated()
{
return $this->filesCreated;
}
public function createAstraFiles()
{
$folderPath = $this->getBasePath();
if ($folderPath == false || !file_exists($folderPath)) {
return false;
}
$astraPath = rtrim($folderPath, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . 'astra' . DIRECTORY_SEPARATOR;
if (!file_exists($astraPath) && !is_dir($astraPath) && is_writable($folderPath)) {
mkdir($astraPath, 0755);
}
if (file_exists($astraPath)) {
$this->createFiles($folderPath, $astraPath);
}
}
public function getRootApiFilePath()
{
$folderPath = $this->getBasePath();
if ($folderPath == false || !file_exists($folderPath)) {
return false;
}
$astraPath = rtrim($folderPath, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . 'astra' . DIRECTORY_SEPARATOR;
return $astraPath . 'api.php';
}
public function getRootApiFileUri()
{
$folderPath = $this->getBasePath();
if ($folderPath == false || !file_exists($folderPath)) {
return false;
}
$astraPath = rtrim($folderPath, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . 'astra' . DIRECTORY_SEPARATOR;
$astraPath = str_replace('\\', '/', $astraPath);
return $astraPath . 'api.php';
}
public function getRealApiFileUri(){
}
public function createFiles($folderPath, $astraPath)
{
$dir = $this->processPath(dirname(__DIR__));
$files = array('api.php', 'ak.php', 'gk.php');
$relPath = $this->getRelativePluginFolderPath();
foreach ($files as $file) {
$content = "";
$content = <<<EDT
<?php
\$astraPath = getcwd() . "/../{$relPath}/{$file}";
if(file_exists(\$astraPath)){
include_once(\$astraPath);
}
EDT;
if (!file_exists($astraPath . $file)) {
@file_put_contents($astraPath . $file, $content);
}
if (file_exists($astraPath . $file)) {
$this->filesCreated = true;
}
}
}
public function getRelativePluginFolderPath()
{
$base = $this->getBasePath();
$dir = $this->processPath(__DIR__);
$rel = dirname(str_replace($base, "", $dir));
return $rel;
}
protected function processPath($path)
{
$isBitnami = strpos($path, "bitnami") !== false;
$isOpt = strpos($path, "/opt/") !== false;
if ($isBitnami && !$isOpt) {
return DIRECTORY_SEPARATOR . 'opt' . DIRECTORY_SEPARATOR . ltrim($path, DIRECTORY_SEPARATOR);
}
return $path;
}
public function getBasePath()
{
if (!empty($basePath)) {
return $basePath;
}
$path = $this->processPath(__FILE__);
$basePath = "";
$possibleBreakWords = array('/wp-content/', '/catalog/controller/extension/', '/sites/all/modules/', '/modules/', '/app/code/', '/astra/');
foreach ($possibleBreakWords as $word) {
if (strpos($path, $word) !== false) {
$basePath = strstr($path, $word, true) . DIRECTORY_SEPARATOR;
break;
}
}
if (empty($basePath)) {
$basePath = false;
}
$this->basePath = $basePath;
return $basePath;
}
}

108
libraries/Bad_bots.php
View File

@ -1,108 +0,0 @@
<?php
if (!defined('ASTRAPATH'))
define('ASTRAPATH', dirname(__FILE__) . '/');
if (!class_exists('Bad_bots')) {
class Bad_bots {
protected $user_agent;
protected $ip_address;
protected $is_fake_bot=false;
protected $search_engine = array();
function __construct($ua, $ip) {
$this->user_agent = $ua;
$this->ip_address = $ip;
$this->search_engine = array(
'google' => false,
'bing' => false,
);
}
public function is_search_engine(){
return $this->is_google_bot() || $this->is_bing_bot();
}
public function is_bing_bot(){
if(!strstr(strtolower($this->user_agent), "bingbot")){
return FALSE;
}
if(filter_var($this->ip_address, FILTER_VALIDATE_IP) === false){
return FALSE;
}
$host = gethostbyaddr($this->ip_address);
$allowed_domains = array("msn.com");
$domain = $this->get_host($host);
if(!in_array($domain, $allowed_domains)){
$this->is_fake_bot = TRUE;
return FALSE;
}
$forward_ip = gethostbyname($host);
if($forward_ip === $this->ip_address){
return TRUE;
}
return FALSE;
}
public function is_google_bot(){
//Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
if(!strstr(strtolower($this->user_agent), "googlebot")){
return FALSE;
}
return $this->verify_google_bot();
}
public function is_fake_bot(){
return $this->is_fake_bot;
}
protected function verify_google_bot(){
if(filter_var($this->ip_address, FILTER_VALIDATE_IP) === false){
return FALSE;
}
$host = gethostbyaddr($this->ip_address);
$allowed_domains = array("google.com", "googlebot.com", "googleusercontent.com");
$domain = $this->get_host($host);
if(!in_array($domain, $allowed_domains)){
//ip-returns-other-domain
$this->is_fake_bot = TRUE;
return FALSE;
}
$forward_ip = gethostbyname($host);
if($forward_ip === $this->ip_address){
return TRUE;
}
return FALSE;
}
protected function get_host($host_with_subdomain) {
$array = explode(".", $host_with_subdomain);
return (array_key_exists(count($array) - 2, $array) ? $array[count($array) - 2] : "").".".$array[count($array) - 1];
}
public function run() {
}
}
}
?>

18
libraries/Config_file.php
View File

@ -1,18 +0,0 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
/**
* Description of Config_file
*
* @author anandakrishna
*/
class Config_file {
public function __construct() {
echo "Hi";
}
}

84
libraries/Config_options.php
View File

@ -1,84 +0,0 @@
<?php
/**
* Class AstraConfig
*/
if (!class_exists('AstraConfig')) {
Class AstraConfig
{
private $_config = array();
private $_blocked_countries = null;
private $_trusted_countries = null;
function __construct(){
ASTRA::connect_db();
$this->_autoload_config();
}
protected function _autoload_config()
{
$rows = ASTRA::$_db->get_config_autoload();
foreach($rows as $row){
$this->_config[$row['config_key']] = $row['config_value'];
}
}
function get_config($data)
{
if(isset($this->_config[$data['key']])){
return $this->_config[$data['key']];
}
$key_value = ASTRA::$_db->get_config($data['key']);
$this->_config[$data['key']] = $key_value;
return $key_value;
}
function add_config($data)
{
$key_value = ASTRA::$_db->add_config($data['key'],$data['value'],$data['autoload']);
return $key_value;
}
function add_config_value($data)
{
$key_value = ASTRA::$_db->add_config_value($data['key'],$data['value']);
return $key_value;
}
function delete_config($data)
{
$key_value = ASTRA::$_db->delete_config($data['key'],$data['value']);
return $key_value;
}
function delete_config_value($data)
{
$key_value = ASTRA::$_db->delete_config_value($data['key'],$data['value']);
return $key_value;
}
function update_config($data)
{
$key_value = ASTRA::$_db->update_config($data['key'],$data['value'],$data['autoload']);
return $key_value;
}
function update_country($data)
{
$key_value = ASTRA::$_db->update_country($data['key'],$data['value']);
return $key_value;
}
}
}

71
libraries/Crypto.php
View File

@ -1,71 +0,0 @@
<?php
class Astra_crypto
{
function encrypt($plainText, $key)
{
$ivsize = openssl_cipher_iv_length('AES-128-CBC');
$plainPad = $this->pkcs5_pad($plainText, $ivsize);
$secretKey = $this->hextobin(md5($key));
$initVector = pack("C*", 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f);
$ciphertext = openssl_encrypt(
$plainPad,
'AES-128-CBC',
$secretKey,
OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,
$initVector
);
return bin2hex($ciphertext);
}
function decrypt($encryptedText, $key)
{
$secretKey = $this->hextobin(md5($key));
$initVector = pack("C*", 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f);
$encryptedText = $this->hextobin($encryptedText);
$decryptedText = openssl_decrypt(
$encryptedText,
'AES-128-CBC',
$secretKey,
OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,
$initVector
);
$decryptedText = rtrim($decryptedText, "\0");
return $decryptedText;
}
//*********** Padding Function *********************
protected function pkcs5_pad($plainText, $blockSize)
{
$pad = $blockSize - (strlen($plainText) % $blockSize);
return $plainText . str_repeat(chr($pad), $pad);
}
//********** Hexadecimal to Binary function for php 4.0 version ********
protected function hextobin($hexString)
{
$length = strlen($hexString);
$binString = "";
$count = 0;
while ($count < $length) {
$subString = substr($hexString, $count, 2);
$packedString = pack("H*", $subString);
if ($count == 0) {
$binString = $packedString;
} else {
$binString .= $packedString;
}
$count += 2;
}
return $binString;
}
}

276
libraries/PHPIDS.php
View File

@ -1,276 +0,0 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
/**
* Description of PHPIDS
*
* @author anandakrishna
*/
require_once(ASTRAPATH . 'Astra.php');
class PHPIDS
{
public function __construct($db, $ip)
{
$this->run();
}
protected function encode_items(&$item, $key)
{
$orig = $item;
//$item = iconv("UTF-8", "ASCII//IGNORE", $item);
$item = iconv("UTF-8", "ISO-8859-1//IGNORE", $item);
if ($orig !== $item) {
$item = preg_replace('/[^a-zA-Z0-9]/', '', $item);
$item = str_replace("--", "", $item);
}
}
protected function get_scan_array()
{
$keys_to_scan = defined('CZ_SCAN_ARRAYS') ? explode(',', CZ_SCAN_ARRAYS) : array('GET', 'POST');
$request = array();
if (in_array('GET', $keys_to_scan)) {
$request['GET'] = $_GET;
}
if (in_array('POST', $keys_to_scan)) {
$request['POST'] = $_POST;
}
if (in_array('REQUEST', $keys_to_scan)) {
$request['REQUEST'] = $_REQUEST;
}
if (in_array('COOKIE', $keys_to_scan)) {
$request['COOKIE'] = $_COOKIE;
}
return $request;
}
protected function is_monitoring_mode($keys_to_scan, $param)
{
$which_key = strtok($param, '.');
return !in_array($which_key, $keys_to_scan);
}
public function run()
{
if (file_exists(dirname(__FILE__) . '/plugins/IDS/Init.php')) {
require_once(dirname(__FILE__) . '/plugins/IDS/Init.php');
require_once(dirname(__FILE__) . '/plugins/IDS/Monitor.php');
} else {
return FALSE;
}
try {
$request = $this->get_scan_array();
// $request = array(
// 'GET' => $_GET,
// 'POST' => $_POST,
// );
if (defined('CZ_ALLOW_FOREIGN_CHARS') && CZ_ALLOW_FOREIGN_CHARS == TRUE) {
array_walk_recursive($request, array($this, 'encode_items'));
}
$tmpFolderPath = ASTRAPATH . 'libraries/plugins/IDS/Config/Config.ini.php';
if (!is_writable($tmpFolderPath)) {
//chmod($tmpFolderPath, 0775);
}
$init = IDS_Init::init(ASTRAPATH . 'libraries/plugins/IDS/Config/Config.ini.php');
$init->config['General']['base_path'] = ASTRAPATH . 'libraries/plugins/IDS/';
$init->config['General']['use_base_path'] = true;
$init->config['Caching']['caching'] = 'none';
$exceptions = $this->get_exceptions($request);
$ids = new IDS_Monitor($request, $init);
$ids->setExceptions($exceptions['exceptions']);
$ids->setHtml($exceptions['html']);
$ids->setJson($exceptions['json']);
echo_debug('IDS Initialized');
$result = $ids->run();
echo_debug('IDS has run');
if (!$result->isEmpty()) {
if ($result->getImpact() < 10) {
return true;
}
echo_debug('IDS found issues. Will do +1 now.');
//Increment Hack Attempt Count
$str_tags = "";
$dataArray = array();
foreach ($result->getTags() as $tag)
$str_tags .= '|' . $tag;
$iterator = $result->getIterator();
$param = "";
$attack_param = null;
$is_monitoring = true;
// $keys_to_scan = defined('CZ_SCAN_ARRAYS') ? explode(',', CZ_SCAN_ARRAYS) : array('GET', 'POST');
foreach ($iterator as $threat) {
$param = urlencode($threat->getName());
/*if (!$this->is_monitoring_mode($keys_to_scan, $param)) {
$is_monitoring = false;
}*/
if (CZ_ASTRA_MODE == 'monitor') {
$is_monitoring = TRUE;
} else {
$is_monitoring = FALSE;
}
$attack_param[] = urlencode($threat->getName());
$param .= "p=" . urlencode($threat->getName()) . "|v=" . urlencode($threat->getValue());
$param .= "|id=";
foreach ($threat->getFilters() as $filter) {
$param .= $filter->getId() . ",";
}
$param = rtrim($param, ',') . "#";
}
if ($is_monitoring) {
$dataArray['blocking'] = 3;
} else {
ASTRA::$_db->log_hit(ASTRA::$_ip);
$dataArray['blocking'] = (ASTRA::$_db->is_blocked_or_trusted(ASTRA::$_ip, false, ASTRA::$_config) == "blocked") ? 2 : 1;
}
$param = rtrim($param, '#');
$dataArray['i'] = $result->getImpact();
$dataArray["tags"] = $str_tags;
$dataArray['param'] = $param;
require_once(ASTRAPATH . 'libraries/API_connect.php');
$connect = new API_connect();
$connect->send_request("ids", $dataArray);
if (!$is_monitoring) {
ASTRA::show_block_page($attack_param);
}
} else {
echo_debug('IDS says all is okay');
}
} catch (Exception $e) {
printf('An error occured: %s', $e->getMessage());
}
}
protected function get_exceptions($request = array())
{
$data = array('exceptions' => array(), 'json' => array(), 'html' => array());
$db_params = ASTRA::$_db->get_custom_params();
$default_exceptions = array(
'REQUEST._pk_ref_3_913b',
'COOKIE._pk_ref_3_913b',
'REQUEST._lf',
'REQUEST.comment',
'POST.comment',
'REQUEST.permalink_structure',
'POST.permalink_structure',
'REQUEST.selection',
'POST.selection',
'REQUEST.content',
'POST.content',
'REQUEST.__utmz',
'COOKIE.__utmz',
'REQUEST.s_pers',
'COOKIE.s_pers',
'REQUEST.user_pass',
'POST.user_pass',
'REQUEST.pass1',
'POST.pass1',
'REQUEST.pass2',
'POST.pass2',
'REQUEST.password',
'POST.password',
'GET.gclid',
'GET.access_token',
'POST.customize',
'POST.post_data',
'POST.mail.body',
'POST.mail.subject',
'POST.mail.sender',
'POST.form',
'POST.customized',
'POST.partials',
'GET.mc_id',
'POST.shortcode',
'POST.mail_2.body',
'POST.mail_2.subject',
'POST.enquiry',
'POST.pwd',
'POST.g-recaptcha-response',
'POST.g-recaptcha-res',
'/POST.state_([0-999]*)$/',
'/POST.input_([0-999]*)$/',
'POST.form_token',
'GET.fbclid',
'POST.itsec_two_factor_on_board_data',
'GET.mainwpsignature',
'POST.wp_statistics_hit',
'POST.customize_messenger_channel',
'POST.product.media_gallery.values',
'GET.utm_source',
'GET.utm_medium',
'GET.utm_campaign',
'POST.fl_builder_data.data.settings.content',
'/POST.fl_builder_data.node_preview.items.([0-999]*)$/',
'POST.fl_builder_data.settings.text',
'/POST.fl_builder_data.*/',
);
$data['exceptions'] = array_merge($default_exceptions, $db_params['exception']);
$data['html'] = $db_params['html'];
//if (!defined('CZ_JSON_EXCLUDE_ALL') || CZ_JSON_EXCLUDE_ALL === FALSE) {
// $data['json'] = $db_params['json'];
//} else {
$data['json'] = array();
foreach ($request as $array => $keys) {
foreach ($keys as $k => $par) {
$data['json'][] = "$array.$k";
}
}
//}
return $data;
}
}

1289
libraries/SQLite_db.php
View File

File diff suppressed because it is too large Load Diff

76
libraries/Token_bucket.php
View File

@ -1,76 +0,0 @@
<?php
/**
* Description of Token_bucket
*
* @author anandakrishna
*/
if (!defined('ASTRAPATH'))
define('ASTRAPATH', dirname(__FILE__) . '/');
if (!class_exists('Token_bucket')) {
class Token_bucket {
protected static $_minute;
protected static $_minute_limit;
function __construct() {
}
public static function run() {
require_once(ASTRAPATH . 'Astra.php');
self::$_minute = ASTRA::$cz_lvl[CZ_CONFIG_LVL]['token_bucket']['minute'];
self::$_minute_limit = ASTRA::$cz_lvl[CZ_CONFIG_LVL]['token_bucket']['minute_limit']; #users are limited to 100 requests/minute
ASTRA::connect_db();
$get_api_request = ASTRA::$_db->get_api_request(ASTRA::$_ip);
//print_r($get_api_request);
$last_api_request = $get_api_request['last_api_request']; # get from the DB; in epoch seconds
$last_api_diff = time() - $last_api_request; # in seconds
$minute_throttle = $get_api_request['throttle_minute']; # get from the DB
$reported = isset($get_api_request['reported']) ? $get_api_request['reported'] : 0;
if (is_null(self::$_minute_limit)) {
$new_minute_throttle = 0;
} else {
$new_minute_throttle = $minute_throttle - $last_api_diff;
$new_minute_throttle = $new_minute_throttle < 0 ? 0 : $new_minute_throttle;
$new_minute_throttle += self::$_minute / self::$_minute_limit;
$minute_hits_remaining = floor(( self::$_minute - $new_minute_throttle ) * self::$_minute_limit / self::$_minute);
# can output this value with the request if desired:
$minute_hits_remaining = $minute_hits_remaining >= 0 ? $minute_hits_remaining : 0;
$reported = 0;
}
if ($new_minute_throttle > self::$_minute) {
$wait = ceil($new_minute_throttle - self::$_minute);
if (!$reported) {
/* Send API hit */
require_once(ASTRAPATH . 'libraries/API_connect.php');
$connect = new API_connect();
$reported = (int) $connect->send_request("token_bucket", array('blocking' => 2));
}
usleep(250000);
/**/
die('The one-minute Request limit of ' . self::$_minute_limit . ' requests has been exceeded. Please wait ' . $wait . ' seconds before attempting again.');
}
# Save the values back to the database.
$data = array(
'last_api_request' => time(),
);
ASTRA::$_db->save_api_request(ASTRA::$_ip, time(), $new_minute_throttle, $reported);
}
}
}

111
libraries/Update_DB.php
View File

@ -1,111 +0,0 @@
<?php
if (!class_exists('Update_DB')) {
class Update_DB {
function __construct() {
$this->run();
echo_debug('<strong>Constructor DB</strong>');
}
protected function is_request_from_astra(){
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : "empty";
if(strpos($user_agent, "astra") !== false){
return true;
}
if(file_exists(ASTRAPATH . 'db/astra-setup.flag')){
return true;
}
return false;
}
protected function make_request() {
if($this->is_request_from_astra()){
return false;
}
require_once(ASTRAPATH . 'libraries/Crypto.php');
echo_debug('cURLing to ' . CZ_API_URL);
$dataArray['client_key'] = CZ_CLIENT_KEY;
$dataArray['api'] = "get_db";
$str = serialize($dataArray);
$crypto = new Astra_crypto();
$encrypted_data = $crypto->encrypt($str, CZ_SECRET_KEY);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, CZ_API_URL);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "encRequest=" . $encrypted_data . "&access_code=" . CZ_ACCESS_KEY);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
echo_debug('cURL Executed');
echo_debug('cURL Error >> ' . curl_error($ch));
echo_debug("<pre style='border: 2px solid #000; padding: 20px;'>$output</pre>");
$errors = curl_error($ch);
curl_close($ch);
if ($errors) {
return FALSE;
} else {
return $output;
}
}
function run() {
$server_reply = $this->make_request();
if ($server_reply === FALSE) {
echo_debug('Update False');
return FALSE;
} else {
$server_reply = json_decode($server_reply);
echo_debug('JSON Decoded');
}
if ($server_reply->code == 1) {
echo_debug('Valid Response');
$bots = json_decode($server_reply->bots);
$custom_rules = json_decode($server_reply->custom_rules);
}
else{
echo_debug('Not a valid Response');
echo_debug(json_encode($server_reply));
}
//print_r($bots);
//print_r($custom_rules);
echo_debug('Connecting DB');
ASTRA::connect_db();
echo_debug('DB Connected');
$update_bad_bots = ASTRA::$_db->update_bad_bots($bots);
$update_custom_params = ASTRA::$_db->update_custom_params($custom_rules->params);
$update_custom_ip = ASTRA::$_db->update_custom_ip($custom_rules->ip);
if ($update_bad_bots && $update_custom_params && $update_custom_ip) {
return TRUE;
} else {
return FALSE;
}
}
}
}

91
libraries/Update_config.php
View File

@ -1,91 +0,0 @@
<?php
if (!function_exists('Update_config')) {
function Update_config($str_constant, $str_replace, $check_for_quotes = TRUE) {
if (base64_decode($str_replace, true))
$str_replace = base64_decode($str_replace);
else
return FALSE;
$first_char = substr($str_replace, 0, 1);
$last_char = substr($str_replace, -1);
$allowed = array("'", '"');
if ($check_for_quotes == TRUE) {
if (in_array($first_char, $allowed) && in_array($last_char, $allowed)) {
} else {
return FALSE;
}
}
$path_to_astra_config = CZ_CONFIG_PATH;
if (file_exists($path_to_astra_config))
$config_file = file($path_to_astra_config);
else
return FALSE;
if(count($config_file) < 4){
$dirty = file_get_contents($path_to_astra_config);
$config_file = preg_split("/\\r\\n|\\r|\\n/", $dirty);
}
foreach ($config_file as $line_num => $line) {
$line_trim = trim($line);
$str_define = strpos($line_trim, 'define("');
if ($str_define === false || $str_define != 0)
continue;
$line_temp = str_replace('define(', '', $line_trim);
$line_temp = str_replace(');', '', $line_temp);
$matches = explode(",", $line_temp);
$constant = $matches[0];
$padding = $matches[1];
$constant = str_replace('"', "", $constant);
json_decode(substr($str_replace, 1, -1));
if (json_last_error() == 0) {
$data['key'] = 'file_uploads';
$config = new AstraConfig();
if($config->get_config($data)){
$data['value'] = "";
$config->delete_config($data);
$data['value'] = json_decode(substr($str_replace, 1, -1));
$data['autoload'] = 1;
$config->add_config($data);
}else{
$data['value'] = json_decode(substr($str_replace, 1, -1));
$data['autoload'] = 1;
$config->add_config($data);
}
}else{
if ($constant == $str_constant) {
$config_file[$line_num] = 'define("' . $constant . '", ' . $str_replace . ');' . "\r\n";
break;
} else {
}
}
}
$handle = fopen($path_to_astra_config, 'w');
foreach ($config_file as $line) {
fwrite($handle, rtrim($line) . "\r\n");
}
fclose($handle);
chmod($path_to_astra_config, 0666);
return TRUE;
}
}

235
libraries/Updater.php
View File

@ -1,235 +0,0 @@
<?php
ini_set('max_execution_time', 60);
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
if (!class_exists('Astra_updater')) {
class Astra_updater
{
protected $paths = array();
protected $errors = array();
protected $server_version;
protected $update_file_name;
protected $updated = FALSE;
public function __construct($server_version = "")
{
$this->server_version = $server_version;
$this->paths['local_path'] = dirname(dirname(__FILE__)) . '/updates/';
echo_debug("Local path: " . $this->paths['local_path']);
}
public function is_update()
{
if (1 == 1 || version_compare($this->server_version, CZ_ASTRA_CLIENT_VERSION) > 0) {
$this->update_file_name = 'astra-' . trim($this->server_version) . '.zip';
echo_debug("Needs to be updated: " . $this->update_file_name);
return TRUE;
} else {
echo_debug("Update not required as:");
echo_debug(array("Server Version" => $this->server_version, "Client Version" => CZ_ASTRA_CLIENT_VERSION));
$this->add_error('update_not_required', 'Update not required. Latest version as per server is ' . $this->server_version . ' and client version is ' . CZ_ASTRA_CLIENT_VERSION);
return FALSE;
}
}
public function get_errors()
{
return $this->errors;
}
public function add_error($error_code, $error_message)
{
$this->errors[$error_code] = $error_message;
return true;
}
protected function is_valid_zip()
{
$zip = new ZipArchive;
$res = $zip->open($this->paths['local_path'] . $this->update_file_name, ZipArchive::CHECKCONS);
if ($res !== TRUE) {
switch ($res) {
case ZipArchive::ER_NOZIP :
echo_debug("Not a ZIP");
$this->add_error('zip_nozip', "The update zip is invalid");
$ret = FALSE;
/* Not a zip archive */
case ZipArchive::ER_INCONS :
echo_debug("Consistency check failed");
$this->add_error('zip_incons', "Failed to download update zip");
$ret = FALSE;
/* die('consistency check failed'); */
case ZipArchive::ER_CRC :
echo_debug("Error with CRC");
$this->add_error('zip_crc', "Update zip CRC failed");
$ret = FALSE;
default :
echo_debug("Checksum Failed");
$this->add_error('zip_checksum', "Update zip checksum failed");
$ret = FALSE;
}
if ($ret) {
$zip->close();
}
return $ret;
} else {
echo_debug("Update file is a valid ZIP");
return TRUE;
}
}
public function download_file()
{
$download_filename = $this->paths['local_path'] . $this->update_file_name;
if (file_exists($download_filename) && filesize($download_filename) < 5) {
unlink($download_filename);
}
if (!is_file($download_filename)) {
/* Download the File */
require_once(ASTRAPATH . 'libraries/Crypto.php');
$dataArray['client_key'] = CZ_CLIENT_KEY;
$dataArray['api'] = "download_package";
$str = serialize($dataArray);
$crypto = new Astra_crypto();
$encrypted_data = $crypto->encrypt($str, CZ_SECRET_KEY);
if (!is_dir($this->paths['local_path'])) {
echo_debug("Making updates directory");
mkdir($this->paths['local_path']);
}
if (is_writable(dirname($this->paths['local_path'] . $this->update_file_name))) {
$dlHandler = fopen($this->paths['local_path'] . $this->update_file_name, 'w');
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, "encRequest=" . $encrypted_data . "&access_code=" . CZ_ACCESS_KEY);
curl_setopt($ch, CURLOPT_URL, CZ_API_URL);
curl_setopt($ch, CURLOPT_FILE, $dlHandler);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-type: application/x-www-form-urlencoded',
));
$result = curl_exec($ch);
curl_close($ch);
fclose($dlHandler);
if ($this->is_valid_zip()) {
return TRUE;
} else {
/*
unlink($this->paths['local_path'] . $this->update_file_name);
echo_debug("Deleted ZIP file since it was not a valid.");
*
*/
return FALSE;
}
} else {
$this->add_error('update_folder_not_writable', 'Please ensure the following path is writable: ' . dirname($this->paths['local_path'] . $this->update_file_name));
return false;
}
} else {
echo_debug("Unable to write the file since the file probably exists");
return TRUE;
}
}
protected function migration()
{
if (file_exists(ASTRAPATH . 'upgrade.php')) {
echo_debug("Upgrade file exists and will be executed");
$output = shell_exec('php ' . ASTRAPATH . 'upgrade.php');
echo_debug($output);
unlink(ASTRAPATH . 'upgrade.php');
echo_debug("Upgrade file deleted");
return TRUE;
}
if (!strpos(__FILE__, 'xampp')) {
} else {
echo_debug("We are in local");
$fp = dirname(dirname(dirname(__FILE__))) . '/astra/' . 'upgrade.php';
echo_debug($fp);
if (file_exists($fp)) {
echo_debug("Upgrade file exists and will be executed");
$output = shell_exec('php ' . $fp);
echo_debug($output);
unlink($fp);
echo_debug("Upgrade file deleted");
return TRUE;
}
}
echo_debug('Upgrade file does not exist');
return TRUE;
}
public function update($platform = 'php')
{
$zip = new ZipArchive;
if ($zip->open($this->paths['local_path'] . $this->update_file_name) === TRUE) {
if ($platform == 'php') {
$extract_to = dirname(ASTRAPATH);
} else {
$extract_to = dirname(dirname(ASTRAPATH));
}
echo_debug("Will extract Update to: " . $extract_to);
$extracted = $zip->extractTo($extract_to);
$zip->close();
$this->migration();
if ($extracted) {
echo_debug("ZIP successfully extracted");
return TRUE;
} else {
$this->add_error('zip_extract_error', 'Failed to extract the update file');
echo_debug("ZIP extraction not successful");
return FALSE;
}
}
$this->add_error('zip_open_error', 'Failed to open the update file');
echo_debug("Unable to open Update ZIP File");
return FALSE;
}
public function delete()
{
if (file_exists($this->paths['local_path'] . $this->update_file_name)) {
if (unlink($this->paths['local_path'] . $this->update_file_name)) {
echo_debug("Just deleted: " . $this->paths['local_path'] . $this->update_file_name);
return TRUE;
} else {
echo_debug("File Exists but unable to delete: " . $this->paths['local_path'] . $this->update_file_name);
return FALSE;
}
} else {
$this->add_error('zip_delete_error', 'Failed to delete update file: ' . $this->paths['local_path'] . $this->update_file_name);
echo_debug("Unable to delete: " . $this->paths['local_path'] . $this->update_file_name);
}
}
}
}

67
libraries/Virtual_patches.php
View File

@ -1,67 +0,0 @@
<?php
/**
*
*
* @author Ananda Krishna <ak@getastra.com>
* @date 12/5/19
*/
if (!class_exists('Astra_virtual_patches')) {
class Astra_virtual_patches
{
protected $url;
protected $applied_patches = array();
function __construct()
{
if (!empty($_SERVER['REQUEST_URI'])) {
$this->url = $_SERVER['REQUEST_URI'];
}
}
function apply()
{
$methods = preg_grep('/^patch_/', get_class_methods($this));
foreach ($methods as $method) {
$is_applied = $this->{$method}();
if ($is_applied === TRUE) {
$this->applied_patches[] = $method;
}
}
//print_r($this->applied_patches);
}
function get_applied_patches()
{
return $this->applied_patches;
}
function url_contains($slug = '')
{
return (false !== strpos($this->url, $slug)) ? TRUE : FALSE;
}
function string_after($haystack, $needle)
{
return substr($haystack, strpos($haystack, $needle) + strlen($needle));
}
function patch_magento_smartwave_quickview()
{
if (!$this->url_contains('quickview/index/view/path')) {
return false;
}
$string_after = $this->string_after($this->url, 'quickview/index/view/path');
if ($this->url_contains(';') || strlen($string_after) > 3) {
return true;
}
}
}
}

1730
libraries/browser.php
View File

File diff suppressed because it is too large Load Diff

10
libraries/index.html
View File

@ -1,10 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
</body>
</html>

5
libraries/plugins/IDS/.htaccess
View File

@ -1,5 +0,0 @@
# in case PHPIDS is placed in the web-root
deny from all
# silence is golden
php_flag display_errors off

151
libraries/plugins/IDS/Caching/Apc.php
View File

@ -1,151 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Caching/Interface.php';
/**
* APC caching wrapper
*
* This class inhabits functionality to get and set cache via memcached.
*
* @category Security
* @package PHPIDS
* @author Yves Berkholz <godzilla80@gmx.net>
* @copyright 2007-2009 The PHPIDS Groupoup
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id$
* @link http://php-ids.org/
* @since Version 0.6.5
*/
class IDS_Caching_Apc implements IDS_Caching_Interface
{
/**
* Caching type
*
* @var string
*/
private $type = null;
/**
* Cache configuration
*
* @var array
*/
private $config = null;
/**
* Flag if the filter storage has been found in memcached
*
* @var boolean
*/
private $isCached = false;
/**
* Holds an instance of this class
*
* @var object
*/
private static $cachingInstance = null;
/**
* Constructor
*
* @param string $type caching type
* @param array $init the IDS_Init object
*
* @return void
*/
public function __construct($type, $init)
{
$this->type = $type;
$this->config = $init->config['Caching'];
}
/**
* Returns an instance of this class
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return object $this
*/
public static function getInstance($type, $init)
{
if (!self::$cachingInstance) {
self::$cachingInstance = new IDS_Caching_Apc($type, $init);
}
return self::$cachingInstance;
}
/**
* Writes cache data
*
* @param array $data the caching data
*
* @return object $this
*/
public function setCache(array $data)
{
if(!$this->isCached)
apc_store($this->config['key_prefix'] . '.storage',
$data, $this->config['expiration_time']);
return $this;
}
/**
* Returns the cached data
*
* Note that this method returns false if either type or file cache is
* not set
*
* @return mixed cache data or false
*/
public function getCache()
{
$data = apc_fetch($this->config['key_prefix'] . '.storage');
$this->isCached = !empty($data);
return $data;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

291
libraries/plugins/IDS/Caching/Database.php
View File

@ -1,291 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Caching/Interface.php';
/**
* Needed SQL:
*
#create the database
CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER
SET utf8 COLLATE utf8_general_ci;
DROP TABLE IF EXISTS `cache`;
#now select the created datbase and create the table
CREATE TABLE `cache` (
`type` VARCHAR( 32 ) NOT null ,
`data` TEXT NOT null ,
`created` DATETIME NOT null ,
`modified` DATETIME NOT null
) ENGINE = MYISAM ;
*/
/**
* Database caching wrapper
*
* This class inhabits functionality to get and set cache via a database.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Groupup
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Database.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Caching_Database implements IDS_Caching_Interface
{
/**
* Caching type
*
* @var string
*/
private $type = null;
/**
* Cache configuration
*
* @var array
*/
private $config = null;
/**
* DBH
*
* @var object
*/
private $handle = null;
/**
* Holds an instance of this class
*
* @var object
*/
private static $cachingInstance = null;
/**
* Constructor
*
* Connects to database.
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return void
*/
public function __construct($type, $init)
{
$this->type = $type;
$this->config = $init->config['Caching'];
$this->handle = $this->_connect();
}
/**
* Returns an instance of this class
*
* @static
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return object $this
*/
public static function getInstance($type, $init)
{
if (!self::$cachingInstance) {
self::$cachingInstance = new IDS_Caching_Database($type, $init);
}
return self::$cachingInstance;
}
/**
* Writes cache data into the database
*
* @param array $data the caching data
*
* @throws PDOException if a db error occurred
* @return object $this
*/
public function setCache(array $data)
{
$handle = $this->handle;
$rows = $handle->query('SELECT created FROM `' .
$this->config['table'].'`');
if (!$rows || $rows->rowCount() === 0) {
$this->_write($handle, $data);
} else {
foreach ($rows as $row) {
if ((time()-strtotime($row['created'])) >
$this->config['expiration_time']) {
$this->_write($handle, $data);
}
}
}
return $this;
}
/**
* Returns the cached data
*
* Note that this method returns false if either type or file cache is
* not set
*
* @throws PDOException if a db error occurred
* @return mixed cache data or false
*/
public function getCache()
{
try{
$handle = $this->handle;
$result = $handle->prepare('SELECT * FROM `' .
$this->config['table'] .
'` where type=?');
$result->execute(array($this->type));
foreach ($result as $row) {
return unserialize($row['data']);
}
} catch (PDOException $e) {
throw new PDOException('PDOException: ' . $e->getMessage());
}
return false;
}
/**
* Connect to database and return a handle
*
* @return object PDO
* @throws Exception if connection parameters are faulty
* @throws PDOException if a db error occurred
*/
private function _connect()
{
// validate connection parameters
if (!$this->config['wrapper']
|| !$this->config['user']
|| !$this->config['password']
|| !$this->config['table']) {
throw new Exception('
Insufficient connection parameters'
);
}
// try to connect
try {
$handle = new PDO(
$this->config['wrapper'],
$this->config['user'],
$this->config['password']
);
$handle->setAttribute(
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true
);
} catch (PDOException $e) {
throw new PDOException('PDOException: ' . $e->getMessage());
}
return $handle;
}
/**
* Write the cache data to the table
*
* @param object $handle the database handle
* @param array $data the caching data
*
* @return object PDO
* @throws PDOException if a db error occurred
*/
private function _write($handle, $data)
{
try {
$handle->query('TRUNCATE ' .
$this->config['table'].'');
$statement = $handle->prepare('
INSERT INTO `' .
$this->config['table'].'` (
type,
data,
created,
modified
)
VALUES (
:type,
:data,
now(),
now()
)
');
$statement->bindParam('type',
$handle->quote($this->type));
$statement->bindParam('data', serialize($data));
if (!$statement->execute()) {
throw new PDOException($statement->errorCode());
}
} catch (PDOException $e) {
throw new PDOException('PDOException: ' . $e->getMessage());
}
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

94
libraries/plugins/IDS/Caching/Factory.php
View File

@ -1,94 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Caching factory
*
* This class is used as a factory to load the correct concrete caching
* implementation.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Factory.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Caching
{
/**
* Factory method
*
* @param object $init the IDS_Init object
* @param string $type the caching type
*
* @return object the caching facility
*/
public static function factory($init, $type)
{
$object = false;
$wrapper = preg_replace(
'/\W+/m',
null,
ucfirst($init->config['Caching']['caching'])
);
$class = 'IDS_Caching_' . $wrapper;
$path = dirname(__FILE__) . DIRECTORY_SEPARATOR .
$wrapper . '.php';
if (file_exists($path)) {
include_once $path;
if (class_exists($class)) {
$object = call_user_func(array($class, 'getInstance'),
$type, $init);
}
}
return $object;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

187
libraries/plugins/IDS/Caching/File.php
View File

@ -1,187 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Caching/Interface.php';
/**
* File caching wrapper
*
* This class inhabits functionality to get and set cache via a static flatfile.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:File.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Caching_File implements IDS_Caching_Interface
{
/**
* Caching type
*
* @var string
*/
private $type = null;
/**
* Cache configuration
*
* @var array
*/
private $config = null;
/**
* Path to cache file
*
* @var string
*/
private $path = null;
/**
* Holds an instance of this class
*
* @var object
*/
private static $cachingInstance = null;
/**
* Constructor
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return void
*/
public function __construct($type, $init)
{
$this->type = $type;
$this->config = $init->config['Caching'];
$this->path = $init->getBasePath() . $this->config['path'];
if (file_exists($this->path) && !is_writable($this->path)) {
throw new Exception('Make sure all files in ' .
htmlspecialchars($this->path, ENT_QUOTES, 'UTF-8') .
'are writeable!');
}
}
/**
* Returns an instance of this class
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return object $this
*/
public static function getInstance($type, $init)
{
if (!self::$cachingInstance) {
self::$cachingInstance = new IDS_Caching_File($type, $init);
}
return self::$cachingInstance;
}
/**
* Writes cache data into the file
*
* @param array $data the cache data
*
* @throws Exception if cache file couldn't be created
* @return object $this
*/
public function setCache(array $data)
{
if (!is_writable(preg_replace('/[\/][^\/]+\.[^\/]++$/', null,
$this->path))) {
throw new Exception('Temp directory ' .
htmlspecialchars($this->path, ENT_QUOTES, 'UTF-8') .
' seems not writable');
}
if ((!file_exists($this->path) || (time()-filectime($this->path)) >
$this->config['expiration_time'])) {
$handle = @fopen($this->path, 'w+');
$serialized = @serialize($data);
if (!$handle) {
throw new Exception("Cache file couldn't be created");
}
if (!$serialized) {
throw new Exception("Cache data couldn't be serialized");
}
fwrite($handle, $serialized);
fclose($handle);
}
return $this;
}
/**
* Returns the cached data
*
* Note that this method returns false if either type or file cache is
* not set
*
* @return mixed cache data or false
*/
public function getCache()
{
// make sure filters are parsed again if cache expired
if (file_exists($this->path) && (time()-filectime($this->path)) <
$this->config['expiration_time']) {
$data = unserialize(file_get_contents($this->path));
return $data;
}
return false;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

73
libraries/plugins/IDS/Caching/Interface.php
View File

@ -1,73 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Caching wrapper interface
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @version SVN: $Id:Interface.php 517 2007-09-15 15:04:13Z mario $
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @since Version 0.4
* @link http://php-ids.org/
*/
interface IDS_Caching_Interface
{
/**
* Interface method
*
* @param array $data the cache data
*
* @return void
*/
public function setCache(array $data);
/**
* Interface method
*
* @return void
*/
public function getCache();
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

195
libraries/plugins/IDS/Caching/Memcached.php
View File

@ -1,195 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Caching/Interface.php';
/**
* File caching wrapper
*
* This class inhabits functionality to get and set cache via memcached.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Groupoup
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Memcached.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Caching_Memcached implements IDS_Caching_Interface
{
/**
* Caching type
*
* @var string
*/
private $type = null;
/**
* Cache configuration
*
* @var array
*/
private $config = null;
/**
* Flag if the filter storage has been found in memcached
*
* @var boolean
*/
private $isCached = false;
/**
* Memcache object
*
* @var object
*/
private $memcache = null;
/**
* Holds an instance of this class
*
* @var object
*/
private static $cachingInstance = null;
/**
* Constructor
*
* @param string $type caching type
* @param array $init the IDS_Init object
*
* @return void
*/
public function __construct($type, $init)
{
$this->type = $type;
$this->config = $init->config['Caching'];
$this->_connect();
}
/**
* Returns an instance of this class
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return object $this
*/
public static function getInstance($type, $init)
{
if (!self::$cachingInstance) {
self::$cachingInstance = new IDS_Caching_Memcached($type, $init);
}
return self::$cachingInstance;
}
/**
* Writes cache data
*
* @param array $data the caching data
*
* @return object $this
*/
public function setCache(array $data)
{
if(!$this->isCached) {
$this->memcache->set(
$this->config['key_prefix'] . '.storage',
$data, false, $this->config['expiration_time']
);
}
return $this;
}
/**
* Returns the cached data
*
* Note that this method returns false if either type or file cache is
* not set
*
* @return mixed cache data or false
*/
public function getCache()
{
$data = $this->memcache->get(
$this->config['key_prefix'] .
'.storage'
);
$this->isCached = !empty($data);
return $data;
}
/**
* Connect to the memcached server
*
* @throws Exception if connection parameters are insufficient
* @return void
*/
private function _connect()
{
if ($this->config['host'] && $this->config['port']) {
// establish the memcache connection
$this->memcache = new Memcache;
$this->memcache->pconnect(
$this->config['host'],
$this->config['port']
);
} else {
throw new Exception('Insufficient connection parameters');
}
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

146
libraries/plugins/IDS/Caching/Session.php
View File

@ -1,146 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Caching/Interface.php';
/**
* File caching wrapper
*
* This class inhabits functionality to get and set cache via session.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Session.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Caching_Session implements IDS_Caching_Interface
{
/**
* Caching type
*
* @var string
*/
private $type = null;
/**
* Cache configuration
*
* @var array
*/
private $config = null;
/**
* Holds an instance of this class
*
* @var object
*/
private static $cachingInstance = null;
/**
* Constructor
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return void
*/
public function __construct($type, $init)
{
$this->type = $type;
$this->config = $init->config['Caching'];
}
/**
* Returns an instance of this class
*
* @param string $type caching type
* @param object $init the IDS_Init object
*
* @return object $this
*/
public static function getInstance($type, $init)
{
if (!self::$cachingInstance) {
self::$cachingInstance = new IDS_Caching_Session($type, $init);
}
return self::$cachingInstance;
}
/**
* Writes cache data into the session
*
* @param array $data the caching data
*
* @return object $this
*/
public function setCache(array $data)
{
$_SESSION['PHPIDS'][$this->type] = $data;
return $this;
}
/**
* Returns the cached data
*
* Note that this method returns false if either type or file cache is not set
*
* @return mixed cache data or false
*/
public function getCache()
{
if ($this->type && $_SESSION['PHPIDS'][$this->type]) {
return $_SESSION['PHPIDS'][$this->type];
}
return false;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

89
libraries/plugins/IDS/Config/Config.ini.php
View File

@ -1,89 +0,0 @@
; <?php die(); ?>
; PHPIDS Config.ini
; General configuration settings
[General]
; basic settings - customize to make the PHPIDS work at all
filter_type = xml
base_path = /full/path/to/IDS/
use_base_path = false
filter_path = default_filter.xml
tmp_path = tmp
scan_keys = false
; in case you want to use a different HTMLPurifier source, specify it here
; By default, those files are used that are being shipped with PHPIDS
HTML_Purifier_Path = vendors/htmlpurifier/HTMLPurifier.auto.php
HTML_Purifier_Cache = vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer
; define which fields contain html and need preparation before
; hitting the PHPIDS rules (new in PHPIDS 0.5)
;html[] = POST.__wysiwyg
; define which fields contain JSON data and should be treated as such
; for fewer false positives (new in PHPIDS 0.5.3)
;json[] = POST.__jsondata
; define which fields shouldn't be monitored (a[b]=c should be referenced via a.b)
exceptions[] = GET.__utmz
exceptions[] = GET.__utmc
; you can use regular expressions for wildcard exceptions - example: /.*foo/i
; PHPIDS should run with PHP 5.1.2 but this is untested - set
; this value to force compatibilty with minor versions
min_php_version = 5.1.6
; If you use the PHPIDS logger you can define specific configuration here
[Logging]
; file logging
path = tmp/phpids_log.txt
; email logging
; note that enabling safemode you can prevent spam attempts,
; see documentation
recipients[] = test@test.com.invalid
subject = "PHPIDS detected an intrusion attempt!"
header = "From: <PHPIDS> info@phpids.org"
envelope = ""
safemode = true
urlencode = true
allowed_rate = 15
; database logging
wrapper = "mysql:host=localhost;port=3306;dbname=phpids"
user = phpids_user
password = 123456
table = intrusions
; If you would like to use other methods than file caching you can configure them here
[Caching]
; caching: session|file|database|memcached|none
caching = file
expiration_time = 600
; file cache
path = tmp/default_filter.cache
; database cache
wrapper = "mysql:host=localhost;port=3306;dbname=phpids"
user = phpids_user
password = 123456
table = cache
; memcached
;host = localhost
;port = 11211
;key_prefix = PHPIDS

750
libraries/plugins/IDS/Converter.php
View File

@ -1,750 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* PHPIDS specific utility class to convert charsets manually
*
* Note that if you make use of IDS_Converter::runAll(), existing class
* methods will be executed in the same order as they are implemented in the
* class tree!
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Converter.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Converter
{
/**
* Runs all converter functions
*
* Note that if you make use of IDS_Converter::runAll(), existing class
* methods will be executed in the same order as they are implemented in the
* class tree!
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function runAll($value)
{
foreach (get_class_methods(__CLASS__) as $method) {
if (strpos($method, 'run') === 0) {
continue;
}
$value = self::$method($value);
}
return $value;
}
/**
* Check for comments and erases them if available
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromCommented($value)
{
// check for existing comments
if (preg_match('/(?:\<!-|-->|\/\*|\*\/|\/\/\W*\w+\s*$)|' .
'(?:--[^-]*-)/ms', $value)) {
$pattern = array(
'/(?:(?:<!)(?:(?:--(?:[^-]*(?:-[^-]+)*)--\s*)*)(?:>))/ms',
'/(?:(?:\/\*\/*[^\/\*]*)+\*\/)/ms',
'/(?:--[^-]*-)/ms'
);
$converted = preg_replace($pattern, ';', $value);
$value .= "\n" . $converted;
}
//make sure inline comments are detected and converted correctly
$value = preg_replace('/(<\w+)\/+(\w+=?)/m', '$1/$2', $value);
$value = preg_replace('/[^\\\:]\/\/(.*)$/m', '/**/$1', $value);
$value = preg_replace('/([^\-&])#.*[\r\n\v\f]/m', '$1', $value);
$value = preg_replace('/([^&\-])#.*\n/m', '$1 ', $value);
$value = preg_replace('/^#.*\n/m', ' ', $value);
return $value;
}
/**
* Strip newlines
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromWhiteSpace($value)
{
//check for inline linebreaks
$search = array('\r', '\n', '\f', '\t', '\v');
$value = str_replace($search, ';', $value);
// replace replacement characters regular spaces
$value = str_replace('<27>', ' ', $value);
//convert real linebreaks
return preg_replace('/(?:\n|\r|\v)/m', ' ', $value);
}
/**
* Checks for common charcode pattern and decodes them
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromJSCharcode($value)
{
$matches = array();
// check if value matches typical charCode pattern
if (preg_match_all('/(?:[\d+-=\/\* ]+(?:\s?,\s?[\d+-=\/\* ]+)){4,}/ms',
$value, $matches)) {
$converted = '';
$string = implode(',', $matches[0]);
$string = preg_replace('/\s/', '', $string);
$string = preg_replace('/\w+=/', '', $string);
$charcode = explode(',', $string);
foreach ($charcode as $char) {
$char = preg_replace('/\W0/s', '', $char);
if (preg_match_all('/\d*[+-\/\* ]\d+/', $char, $matches)) {
$match = preg_split('/(\W?\d+)/',
(implode('', $matches[0])),
null,
PREG_SPLIT_DELIM_CAPTURE);
if (array_sum($match) >= 20 && array_sum($match) <= 127) {
$converted .= chr(array_sum($match));
}
} elseif (!empty($char) && $char >= 20 && $char <= 127) {
$converted .= chr($char);
}
}
$value .= "\n" . $converted;
}
// check for octal charcode pattern
if (preg_match_all('/(?:(?:[\\\]+\d+[ \t]*){8,})/ims', $value, $matches)) {
$converted = '';
$charcode = explode('\\', preg_replace('/\s/', '', implode(',',
$matches[0])));
foreach ($charcode as $char) {
if (!empty($char)) {
if (octdec($char) >= 20 && octdec($char) <= 127) {
$converted .= chr(octdec($char));
}
}
}
$value .= "\n" . $converted;
}
// check for hexadecimal charcode pattern
if (preg_match_all('/(?:(?:[\\\]+\w+\s*){8,})/ims', $value, $matches)) {
$converted = '';
$charcode = explode('\\', preg_replace('/[ux]/', '', implode(',',
$matches[0])));
foreach ($charcode as $char) {
if (!empty($char)) {
if (hexdec($char) >= 20 && hexdec($char) <= 127) {
$converted .= chr(hexdec($char));
}
}
}
$value .= "\n" . $converted;
}
return $value;
}
/**
* Eliminate JS regex modifiers
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertJSRegexModifiers($value)
{
$value = preg_replace('/\/[gim]+/', '/', $value);
return $value;
}
/**
* Converts from hex/dec entities
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertEntities($value)
{
$converted = null;
//deal with double encoded payload
$value = preg_replace('/&amp;/', '&', $value);
if (preg_match('/&#x?[\w]+/ms', $value)) {
$converted = preg_replace('/(&#x?[\w]{2}\d?);?/ms', '$1;', $value);
$converted = html_entity_decode($converted, ENT_QUOTES, 'UTF-8');
$value .= "\n" . str_replace(';;', ';', $converted);
}
// normalize obfuscated protocol handlers
$value = preg_replace(
'/(?:j\s*a\s*v\s*a\s*s\s*c\s*r\s*i\s*p\s*t\s*:)|(d\s*a\s*t\s*a\s*:)/ms',
'javascript:', $value
);
return $value;
}
/**
* Normalize quotes
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertQuotes($value)
{
// normalize different quotes to "
$pattern = array('\'', '`', '´', '', '');
$value = str_replace($pattern, '"', $value);
//make sure harmless quoted strings don't generate false alerts
$value = preg_replace('/^"([^"=\\!><~]+)"$/', '$1', $value);
return $value;
}
/**
* Converts SQLHEX to plain text
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromSQLHex($value)
{
$matches = array();
if(preg_match_all('/(?:(?:\A|[^\d])0x[a-f\d]{3,}[a-f\d]*)+/im', $value, $matches)) {
foreach($matches[0] as $match) {
$converted = '';
foreach(str_split($match, 2) as $hex_index) {
if(preg_match('/[a-f\d]{2,3}/i', $hex_index)) {
$converted .= chr(hexdec($hex_index));
}
}
$value = str_replace($match, $converted, $value);
}
}
// take care of hex encoded ctrl chars
$value = preg_replace('/0x\d+/m', ' 1 ', $value);
return $value;
}
/**
* Converts basic SQL keywords and obfuscations
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromSQLKeywords($value)
{
$pattern = array('/(?:is\s+null)|(like\s+null)|' .
'(?:(?:^|\W)in[+\s]*\([\s\d"]+[^()]*\))/ims');
$value = preg_replace($pattern, '"=0', $value);
$value = preg_replace('/[^\w\)]+\s*like\s*[^\w\s]+/ims', '1" OR "1"', $value);
$value = preg_replace('/null([,"\s])/ims', '0$1', $value);
$value = preg_replace('/\d+\./ims', ' 1', $value);
$value = preg_replace('/,null/ims', ',0', $value);
$value = preg_replace('/(?:between)/ims', 'or', $value);
$value = preg_replace('/(?:and\s+\d+\.?\d*)/ims', '', $value);
$value = preg_replace('/(?:\s+and\s+)/ims', ' or ', $value);
$pattern = array('/(?:not\s+between)|(?:is\s+not)|(?:not\s+in)|' .
'(?:xor|<>|rlike(?:\s+binary)?)|' .
'(?:regexp\s+binary)|' .
'(?:sounds\s+like)/ims');
$value = preg_replace($pattern, '!', $value);
$value = preg_replace('/"\s+\d/', '"', $value);
$value = preg_replace('/(\W)div(\W)/ims', '$1 OR $2', $value);
$value = preg_replace('/\/(?:\d+|null)/', null, $value);
return $value;
}
/**
* Detects nullbytes and controls chars via ord()
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromControlChars($value)
{
// critical ctrl values
$search = array(
chr(0), chr(1), chr(2), chr(3), chr(4), chr(5),
chr(6), chr(7), chr(8), chr(11), chr(12), chr(14),
chr(15), chr(16), chr(17), chr(18), chr(19), chr(24),
chr(25), chr(192), chr(193), chr(238), chr(255), '\\0'
);
$value = str_replace($search, '%00', $value);
//take care for malicious unicode characters
$value = urldecode(preg_replace('/(?:%E(?:2|3)%8(?:0|1)%(?:A|8|9)' .
'\w|%EF%BB%BF|%EF%BF%BD)|(?:&#(?:65|8)\d{3};?)/i', null,
urlencode($value)));
$value = urldecode(
preg_replace('/(?:%F0%80%BE)/i', '>', urlencode($value)));
$value = urldecode(
preg_replace('/(?:%F0%80%BC)/i', '<', urlencode($value)));
$value = urldecode(
preg_replace('/(?:%F0%80%A2)/i', '"', urlencode($value)));
$value = urldecode(
preg_replace('/(?:%F0%80%A7)/i', '\'', urlencode($value)));
$value = preg_replace('/(?:%ff1c)/', '<', $value);
$value = preg_replace(
'/(?:&[#x]*(200|820|200|820|zwn?j|lrm|rlm)\w?;?)/i', null,$value
);
$value = preg_replace('/(?:&#(?:65|8)\d{3};?)|' .
'(?:&#(?:56|7)3\d{2};?)|' .
'(?:&#x(?:fe|20)\w{2};?)|' .
'(?:&#x(?:d[c-f])\w{2};?)/i', null,
$value);
$value = str_replace(
array('«', '〈', '', '', '〈', '⟨'), '<', $value
);
$value = str_replace(
array('»', '〉', '', '', '〉', '⟩'), '>', $value
);
return $value;
}
/**
* This method matches and translates base64 strings and fragments
* used in data URIs
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromNestedBase64($value)
{
$matches = array();
preg_match_all('/(?:^|[,&?])\s*([a-z0-9]{30,}=*)(?:\W|$)/im',
$value,
$matches);
foreach ($matches[1] as $item) {
if (isset($item) && !preg_match('/[a-f0-9]{32}/i', $item)) {
$base64_item = base64_decode($item);
$value = str_replace($item, $base64_item, $value);
}
}
return $value;
}
/**
* Detects nullbytes and controls chars via ord()
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromOutOfRangeChars($value)
{
$values = str_split($value);
foreach ($values as $item) {
if (ord($item) >= 127) {
$value = str_replace($item, ' ', $value);
}
}
return $value;
}
/**
* Strip XML patterns
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromXML($value)
{
$converted = strip_tags($value);
if ($converted && ($converted != $value)) {
return $value . "\n" . $converted;
}
return $value;
}
/**
* This method converts JS unicode code points to
* regular characters
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromJSUnicode($value)
{
$matches = array();
preg_match_all('/\\\u[0-9a-f]{4}/ims', $value, $matches);
if (!empty($matches[0])) {
foreach ($matches[0] as $match) {
$chr = chr(hexdec(substr($match, 2, 4)));
$value = str_replace($match, $chr, $value);
}
$value .= "\n\u0001";
}
return $value;
}
/**
* Converts relevant UTF-7 tags to UTF-8
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromUTF7($value)
{
if(preg_match('/\+A\w+-?/m', $value)) {
if (function_exists('mb_convert_encoding')) {
if(version_compare(PHP_VERSION, '5.2.8', '<')) {
$tmp_chars = str_split($value);
$value = '';
foreach($tmp_chars as $char) {
if(ord($char) <= 127) {
$value .= $char;
}
}
}
$value .= "\n" . mb_convert_encoding($value, 'UTF-8', 'UTF-7');
} else {
//list of all critical UTF7 codepoints
$schemes = array(
'+ACI-' => '"',
'+ADw-' => '<',
'+AD4-' => '>',
'+AFs-' => '[',
'+AF0-' => ']',
'+AHs-' => '{',
'+AH0-' => '}',
'+AFw-' => '\\',
'+ADs-' => ';',
'+ACM-' => '#',
'+ACY-' => '&',
'+ACU-' => '%',
'+ACQ-' => '$',
'+AD0-' => '=',
'+AGA-' => '`',
'+ALQ-' => '"',
'+IBg-' => '"',
'+IBk-' => '"',
'+AHw-' => '|',
'+ACo-' => '*',
'+AF4-' => '^',
'+ACIAPg-' => '">',
'+ACIAPgA8-' => '">'
);
$value = str_ireplace(array_keys($schemes),
array_values($schemes), $value);
}
}
return $value;
}
/**
* Converts basic concatenations
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromConcatenated($value)
{
//normalize remaining backslashes
if ($value != preg_replace('/(\w)\\\/', "$1", $value)) {
$value .= preg_replace('/(\w)\\\/', "$1", $value);
}
$compare = stripslashes($value);
$pattern = array('/(?:<\/\w+>\+<\w+>)/s',
'/(?:":\d+[^"[]+")/s',
'/(?:"?"\+\w+\+")/s',
'/(?:"\s*;[^"]+")|(?:";[^"]+:\s*")/s',
'/(?:"\s*(?:;|\+).{8,18}:\s*")/s',
'/(?:";\w+=)|(?:!""&&")|(?:~)/s',
'/(?:"?"\+""?\+?"?)|(?:;\w+=")|(?:"[|&]{2,})/s',
'/(?:"\s*\W+")/s',
'/(?:";\w\s*\+=\s*\w?\s*")/s',
'/(?:"[|&;]+\s*[^|&\n]*[|&]+\s*"?)/s',
'/(?:";\s*\w+\W+\w*\s*[|&]*")/s',
'/(?:"\s*"\s*\.)/s',
'/(?:\s*new\s+\w+\s*[+",])/',
'/(?:(?:^|\s+)(?:do|else)\s+)/',
'/(?:[{(]\s*new\s+\w+\s*[)}])/',
'/(?:(this|self)\.)/',
'/(?:undefined)/',
'/(?:in\s+)/');
// strip out concatenations
$converted = preg_replace($pattern, null, $compare);
//strip object traversal
$converted = preg_replace('/\w(\.\w\()/', "$1", $converted);
// normalize obfuscated method calls
$converted = preg_replace('/\)\s*\+/', ")", $converted);
//convert JS special numbers
$converted = preg_replace('/(?:\(*[.\d]e[+-]*[^a-z\W]+\)*)' .
'|(?:NaN|Infinity)\W/ims', 1, $converted);
if ($converted && ($compare != $converted)) {
$value .= "\n" . $converted;
}
return $value;
}
/**
* This method collects and decodes proprietary encoding types
*
* @param string $value the value to convert
*
* @static
* @return string
*/
public static function convertFromProprietaryEncodings($value) {
//Xajax error reportings
$value = preg_replace('/<!\[CDATA\[(\W+)\]\]>/im', '$1', $value);
//strip false alert triggering apostrophes
$value = preg_replace('/(\w)\"(s)/m', '$1$2', $value);
//strip quotes within typical search patterns
$value = preg_replace('/^"([^"=\\!><~]+)"$/', '$1', $value);
//OpenID login tokens
$value = preg_replace('/{[\w-]{8,9}\}(?:\{[\w=]{8}\}){2}/', null, $value);
//convert Content and \sdo\s to null
$value = preg_replace('/Content|\Wdo\s/', null, $value);
//strip emoticons
$value = preg_replace(
'/(?:\s[:;]-[)\/PD]+)|(?:\s;[)PD]+)|(?:\s:[)PD]+)|-\.-|\^\^/m',
null,
$value
);
//normalize separation char repetion
$value = preg_replace('/([.+~=*_\-;])\1{2,}/m', '$1', $value);
//normalize multiple single quotes
$value = preg_replace('/"{2,}/m', '"', $value);
//normalize quoted numerical values and asterisks
$value = preg_replace('/"(\d+)"/m', '$1', $value);
//normalize pipe separated request parameters
$value = preg_replace('/\|(\w+=\w+)/m', '&$1', $value);
//normalize ampersand listings
$value = preg_replace('/(\w\s)&\s(\w)/', '$1$2', $value);
//normalize escaped RegExp modifiers
$value = preg_replace('/\/\\\(\w)/', '/$1', $value);
return $value;
}
/**
* This method is the centrifuge prototype
*
* @param string $value the value to convert
* @param IDS_Monitor $monitor the monitor object
*
* @static
* @return string
*/
public static function runCentrifuge($value, IDS_Monitor $monitor = null)
{
$threshold = 3.49;
if (strlen($value) > 25) {
//strip padding
$tmp_value = preg_replace('/\s{4}|==$/m', null, $value);
$tmp_value = preg_replace(
'/\s{4}|[\p{L}\d\+\-=,.%()]{8,}/m',
'aaa',
$tmp_value
);
// Check for the attack char ratio
$tmp_value = preg_replace('/([*.!?+-])\1{1,}/m', '$1', $tmp_value);
$tmp_value = preg_replace('/"[\p{L}\d\s]+"/m', null, $tmp_value);
$stripped_length = strlen(preg_replace('/[\d\s\p{L}\.:,%&\/><\-)!|]+/m',
null, $tmp_value));
$overall_length = strlen(
preg_replace('/([\d\s\p{L}:,\.]{3,})+/m', 'aaa',
preg_replace('/\s{2,}/m', null, $tmp_value))
);
if ($stripped_length != 0
&& $overall_length/$stripped_length <= $threshold) {
$monitor->centrifuge['ratio'] =
$overall_length/$stripped_length;
$monitor->centrifuge['threshold'] =
$threshold;
$value .= "\n$[!!!]";
}
}
if (strlen($value) > 40) {
// Replace all non-special chars
$converted = preg_replace('/[\w\s\p{L},.:!]/', null, $value);
// Split string into an array, unify and sort
$array = str_split($converted);
$array = array_unique($array);
asort($array);
// Normalize certain tokens
$schemes = array(
'~' => '+',
'^' => '+',
'|' => '+',
'*' => '+',
'%' => '+',
'&' => '+',
'/' => '+'
);
$converted = implode($array);
$_keys = array_keys($schemes);
$_values = array_values($schemes);
$converted = str_replace($_keys, $_values, $converted);
$converted = preg_replace('/[+-]\s*\d+/', '+', $converted);
$converted = preg_replace('/[()[\]{}]/', '(', $converted);
$converted = preg_replace('/[!?:=]/', ':', $converted);
$converted = preg_replace('/[^:(+]/', null, stripslashes($converted));
// Sort again and implode
$array = str_split($converted);
asort($array);
$converted = implode($array);
if (preg_match('/(?:\({2,}\+{2,}:{2,})|(?:\({2,}\+{2,}:+)|' .
'(?:\({3,}\++:{2,})/', $converted)) {
$monitor->centrifuge['converted'] = $converted;
return $value . "\n" . $converted;
}
}
return $value;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

235
libraries/plugins/IDS/Event.php
View File

@ -1,235 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* PHPIDS event object
*
* This class represents a certain event that occured while applying the filters
* to the supplied data. It aggregates a bunch of IDS_Filter implementations and
* is a assembled in IDS_Report.
*
* Note that this class implements both Countable and IteratorAggregate
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Event.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Event implements Countable, IteratorAggregate
{
/**
* Event name
*
* @var scalar
*/
protected $name = null;
/**
* Value of the event
*
* @var scalar
*/
protected $value = null;
/**
* List of filter objects
*
* Filter objects in this array are those that matched the events value
*
* @var array
*/
protected $filters = array();
/**
* Calculated impact
*
* Total impact of the event
*
* @var integer
*/
protected $impact = 0;
/**
* Affecte tags
*
* @var array
*/
protected $tags = array();
/**
* Constructor
*
* Fills event properties
*
* @param scalar $name the event name
* @param scalar $value the event value
* @param array $filters the corresponding filters
*
* @return void
*/
public function __construct($name, $value, Array $filters)
{
if (!is_scalar($name)) {
throw new InvalidArgumentException(
'Expected $name to be a scalar,' . gettype($name) . ' given'
);
}
if (!is_scalar($value)) {
throw new InvalidArgumentException('
Expected $value to be a scalar,' . gettype($value) . ' given'
);
}
$this->name = $name;
$this->value = $value;
foreach ($filters as $filter) {
if (!$filter instanceof IDS_Filter) {
throw new InvalidArgumentException(
'Filter must be derived from IDS_Filter'
);
}
$this->filters[] = $filter;
}
}
/**
* Returns event name
*
* The name of the event usually is the key of the variable that was
* considered to be malicious
*
* @return scalar
*/
public function getName()
{
return $this->name;
}
/**
* Returns event value
*
* @return scalar
*/
public function getValue()
{
return $this->value;
}
/**
* Returns calculated impact
*
* @return integer
*/
public function getImpact()
{
if (!$this->impact) {
$this->impact = 0;
foreach ($this->filters as $filter) {
$this->impact += $filter->getImpact();
}
}
return $this->impact;
}
/**
* Returns affected tags
*
* @return array
*/
public function getTags()
{
$filters = $this->getFilters();
foreach ($filters as $filter) {
$this->tags = array_merge($this->tags,
$filter->getTags());
}
$this->tags = array_values(array_unique($this->tags));
return $this->tags;
}
/**
* Returns list of filter objects
*
* @return array
*/
public function getFilters()
{
return $this->filters;
}
/**
* Returns number of filters
*
* To implement interface Countable this returns the number of filters
* appended.
*
* @return integer
*/
public function count()
{
return count($this->getFilters());
}
/**
* IteratorAggregate iterator getter
*
* Returns an iterator to iterate over the appended filters.
*
* @return ArrayObject the filter collection
*/
public function getIterator()
{
return new ArrayObject($this->getFilters());
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

179
libraries/plugins/IDS/Filter.php
View File

@ -1,179 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* PHPIDS Filter object
*
* Each object of this class serves as a container for a specific filter. The
* object provides methods to get information about this particular filter and
* also to match an arbitrary string against it.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Filter.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Filter {
/**
* Filter rule
*
* @var string
*/
protected $rule;
/**
* List of tags of the filter
*
* @var array
*/
protected $tags = array();
/**
* Filter impact level
*
* @var integer
*/
protected $impact = 0;
/**
* Filter description
*
* @var string
*/
protected $description = null;
/**
* Constructor
*
* @param integer $id filter id
* @param mixed $rule filter rule
* @param string $description filter description
* @param array $tags list of tags
* @param integer $impact filter impact level
*
* @return void
*/
public function __construct($id, $rule, $description, array $tags, $impact) {
$this->id = $id;
$this->rule = $rule;
$this->tags = $tags;
$this->impact = $impact;
$this->description = $description;
}
/**
* Matches a string against current filter
*
* Matches given string against the filter rule the specific object of this
* class represents
*
* @param string $string the string to match
*
* @throws InvalidArgumentException if argument is no string
* @return boolean
*/
public function match($string) {
if (!is_string($string)) {
throw new InvalidArgumentException('
Invalid argument. Expected a string, received ' . gettype($string)
);
}
return (bool) preg_match(
'/' . $this->getRule() . '/ms', strtolower($string)
);
}
/**
* Returns filter description
*
* @return string
*/
public function getDescription() {
return $this->description;
}
/**
* Return list of affected tags
*
* Each filter rule is concerned with a certain kind of attack vectors.
* This method returns those affected kinds.
*
* @return array
*/
public function getTags() {
return $this->tags;
}
/**
* Returns filter rule
*
* @return string
*/
public function getRule() {
return $this->rule;
}
/**
* Get filter impact level
*
* @return integer
*/
public function getImpact() {
return $this->impact;
}
/**
* Get filter ID
*
* @return integer
*/
public function getId() {
return $this->id;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

381
libraries/plugins/IDS/Filter/Storage.php
View File

@ -1,381 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Filter Storage
*
* This class provides various default functions for gathering filter patterns
* to be used later on by the detection mechanism. You might extend this class
* to your requirements.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Storage.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Filter_Storage
{
/**
* Filter source file
*
* @var string
*/
protected $source = null;
/**
* Holds caching settings
*
* @var array
*/
protected $cacheSettings = null;
/**
* Cache container
*
* @var object IDS_Caching wrapper
*/
protected $cache = null;
/**
* Filter container
*
* @var array
*/
protected $filterSet = array();
/**
* Constructor
*
* Loads filters based on provided IDS_Init settings.
*
* @param object $init IDS_Init instance
*
* @throws Exception if unsupported filter type is given
* @return void
*/
public final function __construct(IDS_Init $init)
{
if ($init->config) {
$caching = isset($init->config['Caching']['caching']) ?
$init->config['Caching']['caching'] : 'none';
$type = $init->config['General']['filter_type'];
$this->source = $init->getBasePath()
. $init->config['General']['filter_path'];
if ($caching && $caching != 'none') {
$this->cacheSettings = $init->config['Caching'];
include_once 'IDS/Caching/Factory.php';
$this->cache = IDS_Caching::factory($init, 'storage');
}
switch ($type) {
case 'xml' :
$this->getFilterFromXML();
break;
case 'json' :
$this->getFilterFromJson();
break;
default :
throw new Exception('Unsupported filter type.');
}
}
}
/**
* Sets the filter array
*
* @param array $filterSet array containing multiple IDS_Filter instances
*
* @return object $this
*/
public final function setFilterSet($filterSet)
{
foreach ($filterSet as $filter) {
$this->addFilter($filter);
}
return $this;
}
/**
* Returns registered filters
*
* @return array
*/
public final function getFilterSet()
{
return $this->filterSet;
}
/**
* Adds a filter
*
* @param object $filter IDS_Filter instance
*
* @return object $this
*/
public final function addFilter(IDS_Filter $filter)
{
$this->filterSet[] = $filter;
return $this;
}
/**
* Checks if any filters are cached
*
* @return mixed $filters cached filters or false
*/
private function _isCached()
{
$filters = false;
if ($this->cacheSettings) {
if ($this->cache) {
$filters = $this->cache->getCache();
}
}
return $filters;
}
/**
* Loads filters from XML using SimpleXML
*
* This function parses the provided source file and stores the result.
* If caching mode is enabled the result will be cached to increase
* the performance.
*
* @throws Exception if problems with fetching the XML data occur
* @return object $this
*/
public function getFilterFromXML()
{
if (extension_loaded('SimpleXML')) {
/*
* See if filters are already available in the cache
*/
$filters = $this->_isCached();
/*
* If they aren't, parse the source file
*/
if (!$filters) {
if (file_exists($this->source)) {
if (LIBXML_VERSION >= 20621) {
$filters = simplexml_load_file($this->source,
null,
LIBXML_COMPACT);
} else {
$filters = simplexml_load_file($this->source);
}
}
}
/*
* In case we still don't have any filters loaded and exception
* will be thrown
*/
if (empty($filters)) {
throw new Exception(
'XML data could not be loaded.' .
' Make sure you specified the correct path.'
);
}
/*
* Now the storage will be filled with IDS_Filter objects
*/
$data = array();
$nocache = $filters instanceof SimpleXMLElement;
$filters = $nocache ? $filters->filter : $filters;
include_once 'IDS/Filter.php';
foreach ($filters as $filter) {
$id = $nocache ? (string) $filter->id :
$filter['id'];
$rule = $nocache ? (string) $filter->rule :
$filter['rule'];
$impact = $nocache ? (string) $filter->impact :
$filter['impact'];
$tags = $nocache ? array_values((array) $filter->tags) :
$filter['tags'];
$description = $nocache ? (string) $filter->description :
$filter['description'];
$this->addFilter(new IDS_Filter($id,
$rule,
$description,
(array) $tags[0],
(int) $impact));
$data[] = array(
'id' => $id,
'rule' => $rule,
'impact' => $impact,
'tags' => $tags,
'description' => $description
);
}
/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {
$this->cache->setCache($data);
}
} else {
throw new Exception(
'SimpleXML not loaded.'
);
}
return $this;
}
/**
* Loads filters from Json file using ext/Json
*
* This function parses the provided source file and stores the result.
* If caching mode is enabled the result will be cached to increase
* the performance.
*
* @throws Exception if problems with fetching the JSON data occur
* @return object $this
*/
public function getFilterFromJson()
{
if (extension_loaded('Json')) {
/*
* See if filters are already available in the cache
*/
$filters = $this->_isCached();
/*
* If they aren't, parse the source file
*/
if (!$filters) {
if (file_exists($this->source)) {
$filters = json_decode(file_get_contents($this->source));
} else {
throw new Exception(
'JSON data could not be loaded.' .
' Make sure you specified the correct path.'
);
}
}
if (!$filters) {
throw new Exception(
'JSON data could not be loaded.' .
' Make sure you specified the correct path.'
);
}
/*
* Now the storage will be filled with IDS_Filter objects
*/
$data = array();
$nocache = !is_array($filters);
$filters = $nocache ? $filters->filters->filter : $filters;
include_once 'IDS/Filter.php';
foreach ($filters as $filter) {
$id = $nocache ? (string) $filter->id :
$filter['id'];
$rule = $nocache ? (string) $filter->rule :
$filter['rule'];
$impact = $nocache ? (string) $filter->impact :
$filter['impact'];
$tags = $nocache ? array_values((array) $filter->tags) :
$filter['tags'];
$description = $nocache ? (string) $filter->description :
$filter['description'];
$this->addFilter(new IDS_Filter($id,
$rule,
$description,
(array) $tags[0],
(int) $impact));
$data[] = array(
'id' => $id,
'rule' => $rule,
'impact' => $impact,
'tags' => $tags,
'description' => $description
);
}
/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {
$this->cache->setCache($data);
}
} else {
throw new Exception(
'ext/json not loaded.'
);
}
return $this;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

240
libraries/plugins/IDS/Init.php
View File

@ -1,240 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Framework initiation
*
* This class is used for the purpose to initiate the framework and inhabits
* functionality to parse the needed configuration file.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Groupup
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Init.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
* @since Version 0.4
*/
class IDS_Init
{
/**
* Holds config settings
*
* @var array
*/
public $config = array();
/**
* Instance of this class depending on the supplied config file
*
* @var array
* @static
*/
private static $instances = array();
/**
* Path to the config file
*
* @var string
*/
private $configPath = null;
/**
* Constructor
*
* Includes needed classes and parses the configuration file
*
* @param string $configPath the path to the config file
*
* @return object $this
*/
private function __construct($configPath = null)
{
include_once 'IDS/Monitor.php';
include_once 'IDS/Filter/Storage.php';
if ($configPath) {
$this->setConfigPath($configPath);
if (function_exists('parse_ini_file')) {
$this->config = parse_ini_file($this->configPath, true);
} else {
$configContent = file_get_contents($this->configPath);
$this->config = parse_ini_string($configContent, true);
}
}
}
/**
* Permitting to clone this object
*
* For the sake of correctness of a singleton pattern, this is necessary
*
* @return void
*/
public final function __clone()
{
}
/**
* Returns an instance of this class. Also a PHP version check
* is being performed to avoid compatibility problems with PHP < 5.1.6
*
* @param string $configPath the path to the config file
*
* @return object
*/
public static function init($configPath = null)
{
if (!isset(self::$instances[$configPath])) {
self::$instances[$configPath] = new IDS_Init($configPath);
}
return self::$instances[$configPath];
}
/**
* Sets the path to the configuration file
*
* @param string $path the path to the config
*
* @throws Exception if file not found
* @return void
*/
public function setConfigPath($path)
{
if (file_exists($path)) {
$this->configPath = $path;
} else {
throw new Exception(
'Configuration file could not be found at ' .
htmlspecialchars($path, ENT_QUOTES, 'UTF-8')
);
}
}
/**
* Returns path to configuration file
*
* @return string the config path
*/
public function getConfigPath()
{
return $this->configPath;
}
/**
* This method checks if a base path is given and usage is set to true.
* If all that tests succeed the base path will be returned as a string -
* else null will be returned.
*
* @return string the base path or null
*/
public function getBasePath()
{
return ((isset($this->config['General']['base_path'])
&& $this->config['General']['base_path']
&& isset($this->config['General']['use_base_path'])
&& $this->config['General']['use_base_path'])
? $this->config['General']['base_path'] : null);
}
/**
* Merges new settings into the exsiting ones or overwrites them
*
* @param array $config the config array
* @param boolean $overwrite config overwrite flag
*
* @return void
*/
public function setConfig(array $config, $overwrite = false)
{
if ($overwrite) {
$this->config = $this->_mergeConfig($this->config, $config);
} else {
$this->config = $this->_mergeConfig($config, $this->config);
}
}
/**
* Merge config hashes recursivly
*
* The algorithm merges configuration arrays recursively. If an element is
* an array in both, the values will be appended. If it is a scalar in both,
* the value will be replaced.
*
* @param array $current The legacy hash
* @param array $successor The hash which values count more when in doubt
* @return array Merged hash
*/
protected function _mergeConfig($current, $successor)
{
if (is_array($current) and is_array($successor)) {
foreach ($successor as $key => $value) {
if (isset($current[$key])
and is_array($value)
and is_array($current[$key])) {
$current[$key] = $this->_mergeConfig($current[$key], $value);
} else {
$current[$key] = $successor[$key];
}
}
}
return $current;
}
/**
* Returns the config array
*
* @return array the config array
*/
public function getConfig()
{
return $this->config;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

224
libraries/plugins/IDS/Ips.php
View File

@ -1,224 +0,0 @@
<?php
/**
* IDS_Ips
*
* Will log and allow you to block ip addresses
*
* @category Security
* @author Bernie Berg <bernie@dakotanetwork.com>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Ips.php 517 2011-07-29 15:04:13Z bernieberg $
*/
class IDS_Ips
{
/**
* Holds the data from the log file
*
* @var array
*/
private $data = array();
/**
* how long an ip will be blocked from their last hit
*
* @var int
*/
private $blocked_duration = 7200;
/**
* How many negative hits until they are blocked
*
* @var int
*/
private $blocked_count = 5;
/**
* location of the ip log file
*
* @var string
*/
private $ip_file = null;
/**
* Constructor
*
* Sets up the object with the passed arguments
*
* @param string $ip_file location of the ip log file
* @param int $duration how long, in seconds, to keep an ip blocked
* @param int $count how many hits until be block this ip
*
* @return void
*/
public function __construct($ip_file, $duration = 7200, $count = 5)
{
$this->blocked_duration = $duration;
$this->blocked_count = $count;
$this->ip_file = $ip_file;
if (!file_exists($ip_file)) {
$this->data = array();
return;
}
// 0 = ip address
// 1 = count
// 2 = last date
// 3 = ban count
$handle = fopen($ip_file, "r");
$good_data = array();
while (($data = fgetcsv($handle, 0, ",")) !== FALSE) {
$good_data[$data[0]] = $data;
}
fclose($handle);
$this->data = $good_data;
}
public function tempBlock($ip_address)
{
if (!array_key_exists($ip_address, $this->data)) {
$this->data[$ip_address] = array($ip_address, $this->blocked_count + 1, time(), 0, false);
} else {
$this->data[$ip_address][1] += $this->blocked_count;
$this->data[$ip_address][2] = time();
}
$this->writeLog();
return true;
}
/**
* isBlocked
*
* Is the passed ip address blocked?
*
* @param string $ip_address ip we are checking
*
* @return boolean
*/
public function isBlocked($ip_address)
{
if (!array_key_exists($ip_address, $this->data)) {
return array(false, 0);
}
$blocked_time = time()-$this->blocked_duration;
$ip_data = $this->data[$ip_address];
//print_r($ip_data);
if ($ip_data[1]>=$this->blocked_count && $ip_data[2]>=$blocked_time) {
$this->incCount($ip_address);
$this->writeLog();
return array(true, $ip_data[3]);
}
elseif($ip_data[2] <= $blocked_time && $ip_data[4] == 1)
{
//$this->unBlock($ip_address);
$this->resetCount($ip_address);
$this->writeLog();
}
return array(false, 0);
}
/**
* blockCount
*
* increase ban count, you should run writeLog after this
*
* @param string $ip_address ip we are checking
*
* @return void
*/
public function resetCount($ip_address)
{
if (array_key_exists($ip_address, $this->data)) {
//unset($this->data[$ip_address]);
$this->data[$ip_address][1] = 0;
$this->data[$ip_address][4] = false;
}
}
/**
* blockCount
*
* increase ban count, you should run writeLog after this
*
* @param string $ip_address ip we are checking
*
* @return void
*/
public function incCount($ip_address)
{
if (array_key_exists($ip_address, $this->data) && $this->data[$ip_address][4] == false) {
$this->data[$ip_address][3]++;
$this->data[$ip_address][4] = true;
}
}
/**
* unBlock
*
* remove the passed ip address, you should run writeLog after this
*
* @param string $ip_address ip we are checking
*
* @return void
*/
public function unBlock($ip_address)
{
echo "UNBLOCKED !";
if (array_key_exists($ip_address, $this->data)) {
unset($this->data[$ip_address]);
}
}
/**
* logHit
*
* log and increment a negative hit for this ip address
*
* @param string $ip_address ip we are checking
*
* @return void
*/
public function logHit($ip_address)
{
if (!array_key_exists($ip_address, $this->data)) {
$this->data[$ip_address] = array($ip_address, 1, time(), 0, false);
} else {
$this->data[$ip_address][1]++;
$this->data[$ip_address][2] = time();
}
}
/**
* writeLog
*
* write the ip log file
*
* @return void
*/
public function writeLog()
{
$fp = fopen($this->ip_file, 'w');
foreach ($this->data as $fields) {
fputcsv($fp, $fields);
}
fclose($fp);
return true;
}
}
?>

165
libraries/plugins/IDS/LICENSE.txt
View File

@ -1,165 +0,0 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
This version of the GNU Lesser General Public License incorporates
the terms and conditions of version 3 of the GNU General Public
License, supplemented by the additional permissions listed below.
0. Additional Definitions.
As used herein, "this License" refers to version 3 of the GNU Lesser
General Public License, and the "GNU GPL" refers to version 3 of the GNU
General Public License.
"The Library" refers to a covered work governed by this License,
other than an Application or a Combined Work as defined below.
An "Application" is any work that makes use of an interface provided
by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode
of using an interface provided by the Library.
A "Combined Work" is a work produced by combining or linking an
Application with the Library. The particular version of the Library
with which the Combined Work was made is also called the "Linked
Version".
The "Minimal Corresponding Source" for a Combined Work means the
Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are
based on the Application, and not on the Linked Version.
The "Corresponding Application Code" for a Combined Work means the
object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.
1. Exception to Section 3 of the GNU GPL.
You may convey a covered work under sections 3 and 4 of this License
without being bound by section 3 of the GNU GPL.
2. Conveying Modified Versions.
If you modify a copy of the Library, and, in your modifications, a
facility refers to a function or data to be supplied by an Application
that uses the facility (other than as an argument passed when the
facility is invoked), then you may convey a copy of the modified
version:
a) under this License, provided that you make a good faith effort to
ensure that, in the event an Application does not supply the
function or data, the facility still operates, and performs
whatever part of its purpose remains meaningful, or
b) under the GNU GPL, with none of the additional permissions of
this License applicable to that copy.
3. Object Code Incorporating Material from Library Header Files.
The object code form of an Application may incorporate material from
a header file that is part of the Library. You may convey such object
code under terms of your choice, provided that, if the incorporated
material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:
a) Give prominent notice with each copy of the object code that the
Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the object code with a copy of the GNU GPL and this license
document.
4. Combined Works.
You may convey a Combined Work under terms of your choice that,
taken together, effectively do not restrict modification of the
portions of the Library contained in the Combined Work and reverse
engineering for debugging such modifications, if you also do each of
the following:
a) Give prominent notice with each copy of the Combined Work that
the Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the Combined Work with a copy of the GNU GPL and this license
document.
c) For a Combined Work that displays copyright notices during
execution, include the copyright notice for the Library among
these notices, as well as a reference directing the user to the
copies of the GNU GPL and this license document.
d) Do one of the following:
0) Convey the Minimal Corresponding Source under the terms of this
License, and the Corresponding Application Code in a form
suitable for, and under terms that permit, the user to
recombine or relink the Application with a modified version of
the Linked Version to produce a modified Combined Work, in the
manner specified by section 6 of the GNU GPL for conveying
Corresponding Source.
1) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (a) uses at run time
a copy of the Library already present on the user's computer
system, and (b) will operate properly with a modified version
of the Library that is interface-compatible with the Linked
Version.
e) Provide Installation Information, but only if you would otherwise
be required to provide such information under section 6 of the
GNU GPL, and only to the extent that such information is
necessary to install and execute a modified version of the
Combined Work produced by recombining or relinking the
Application with a modified version of the Linked Version. (If
you use option 4d0, the Installation Information must accompany
the Minimal Corresponding Source and Corresponding Application
Code. If you use option 4d1, you must provide the Installation
Information in the manner specified by section 6 of the GNU GPL
for conveying Corresponding Source.)
5. Combined Libraries.
You may place library facilities that are a work based on the
Library side by side in a single library together with other library
facilities that are not Applications and are not covered by this
License, and convey such a combined library under terms of your
choice, if you do both of the following:
a) Accompany the combined library with a copy of the same work based
on the Library, uncombined with any other library facilities,
conveyed under the terms of this License.
b) Give prominent notice with the combined library that part of it
is a work based on the Library, and explaining where to find the
accompanying uncombined form of the same work.
6. Revised Versions of the GNU Lesser General Public License.
The Free Software Foundation may publish revised and/or new versions
of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the
Library as you received it specifies that a certain numbered version
of the GNU Lesser General Public License "or any later version"
applies to it, you have the option of following the terms and
conditions either of that published version or of any later version
published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser
General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.
If the Library as you received it specifies that a proxy can decide
whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.

229
libraries/plugins/IDS/Log/Api.php
View File

@ -1,229 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Log/Interface.php';
/**
* File logging wrapper
*
* The file wrapper is designed to store data into a flatfile. It implements the
* singleton pattern.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:File.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Log_Api implements IDS_Log_Interface
{
/**
* Path to the log file
*
* @var string
*/
private $logfile = null;
/**
* Instance container
*
* Due to the singleton pattern this class allows to initiate only one
* instance for each file.
*
* @var array
*/
private static $instances = array();
/**
* Holds current remote address
*
* @var string
*/
private $ip = 'local/unknown';
/**
* Constructor
*
* @param string $logfile path to the log file
*
* @return void
*/
protected function __construct($logfile)
{
// determine correct IP address and concat them if necessary
$this->ip = $_SERVER['REMOTE_ADDR'] .
(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
$this->logfile = $logfile;
}
/**
* Returns an instance of this class
*
* This method allows the passed argument to be either an instance of
* IDS_Init or a path to a log file. Due to the singleton pattern only one
* instance for each file can be initiated.
*
* @param mixed $config IDS_Init or path to a file
* @param string $classname the class name to use
*
* @return object $this
*/
public static function getInstance($config, $classname = 'IDS_Log_Api')
{
if ($config instanceof IDS_Init) {
$logfile = $config->getBasePath() . $config->config['Logging']['path'];
} elseif (is_string($config)) {
$logfile = $config;
}
if (!isset(self::$instances[$logfile])) {
self::$instances[$logfile] = new $classname($logfile);
}
return self::$instances[$logfile];
}
/**
* Permitting to clone this object
*
* For the sake of correctness of a singleton pattern, this is necessary
*
* @return void
*/
private function __clone()
{
}
/**
* Prepares data
*
* Converts given data into a format that can be stored into a file.
* You might edit this method to your requirements.
*
* @param mixed $data incoming report data
*
* @return string
*/
protected function prepareData($data)
{
$format = '"%s",%s,%d,"%s","%s","%s","%s"';
$attackedParameters = '';
foreach ($data as $event) {
$attackedParameters .= $event->getName() . '=' .
rawurlencode($event->getValue()) . ' ';
}
$dataString = sprintf($format,
urlencode($this->ip),
date('c'),
$data->getImpact(),
join(' ', $data->getTags()),
urlencode(trim($attackedParameters)),
urlencode($_SERVER['REQUEST_URI']),
$_SERVER['SERVER_ADDR']
);
return $dataString;
}
/**
* Stores given data into a file
*
* @param object $data IDS_Report
*
* @throws Exception if the logfile isn't writeable
* @return boolean
*/
public function execute(IDS_Report $data)
{
/*
* In case the data has been modified before it might be necessary
* to convert it to string since we can't store array or object
* into a file
*/
$data = $this->prepareData($data);
if (is_string($data)) {
if (file_exists($this->logfile)) {
$data = trim($data);
if (!empty($data)) {
if (is_writable($this->logfile)) {
$handle = fopen($this->logfile, 'a');
fwrite($handle, trim($data) . "\n");
fclose($handle);
} else {
throw new Exception(
'Please make sure that ' . $this->logfile .
' is writeable.'
);
}
}
} else {
throw new Exception(
'Given file does not exist. Please make sure the
logfile is present in the given directory.'
);
}
} else {
throw new Exception(
'Please make sure that data returned by
IDS_Log_File::prepareData() is a string.'
);
}
return true;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

136
libraries/plugins/IDS/Log/Composite.php
View File

@ -1,136 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Log/Interface.php';
/**
* Log Composite
*
* This class implements the composite pattern to allow to work with multiple
* logging wrappers at once.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Composite.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Log_Composite
{
/**
* Holds registered logging wrapper
*
* @var array
*/
public $loggers = array();
/**
* Iterates through registered loggers and executes them
*
* @param object $data IDS_Report object
*
* @return void
*/
public function execute(IDS_Report $data)
{
// make sure request uri is set right on IIS
if (!isset($_SERVER['REQUEST_URI'])) {
$_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) {
$_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
}
}
// make sure server address is set right on IIS
if (isset($_SERVER['LOCAL_ADDR'])) {
$_SERVER['SERVER_ADDR'] = $_SERVER['LOCAL_ADDR'];
}
foreach ($this->loggers as $logger) {
$logger->execute($data);
}
}
/**
* Registers a new logging wrapper
*
* Only valid IDS_Log_Interface instances passed to this function will be
* registered
*
* @return void
*/
public function addLogger()
{
$args = func_get_args();
foreach ($args as $class) {
if (!in_array($class, $this->loggers) &&
($class instanceof IDS_Log_Interface)) {
$this->loggers[] = $class;
}
}
}
/**
* Removes a logger
*
* @param object $logger IDS_Log_Interface object
*
* @return boolean
*/
public function removeLogger(IDS_Log_Interface $logger)
{
$key = array_search($logger, $this->loggers);
if (isset($this->loggers[$key])) {
unset($this->loggers[$key]);
return true;
}
return false;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

300
libraries/plugins/IDS/Log/Database.php
View File

@ -1,300 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Log/Interface.php';
/*
* Needed SQL:
*
CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER
SET utf8 COLLATE utf8_general_ci;
DROP TABLE IF EXISTS `intrusions`;
CREATE TABLE IF NOT EXISTS `intrusions` (
`id` int(11) unsigned NOT null auto_increment,
`name` varchar(128) NOT null,
`value` text NOT null,
`page` varchar(255) NOT null,
`tags` varchar(128) NOT null,
`ip` varchar(15) NOT null,
`ip2` varchar(15) NOT null,
`impact` int(11) unsigned NOT null,
`origin` varchar(15) NOT null,
`created` datetime NOT null,
PRIMARY KEY (`id`)
) ENGINE=MyISAM ;
*
*
*
*/
/**
* Database logging wrapper
*
* The database wrapper is designed to store reports into an sql database. It
* implements the singleton pattern and is based in PDO, supporting
* different database types.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Database.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Log_Database implements IDS_Log_Interface
{
/**
* Database wrapper
*
* @var string
*/
private $wrapper = null;
/**
* Database user
*
* @var string
*/
private $user = null;
/**
* Database password
*
* @var string
*/
private $password = null;
/**
* Database table
*
* @var string
*/
private $table = null;
/**
* Database handle
*
* @var object PDO instance
*/
private $handle = null;
/**
* Prepared SQL statement
*
* @var string
*/
private $statement = null;
/**
* Holds current remote address
*
* @var string
*/
private $ip = 'local/unknown';
/**
* Instance container
*
* Due to the singleton pattern this class allows to initiate only one instance
* for each database wrapper.
*
* @var array
*/
private static $instances = array();
/**
* Constructor
*
* Prepares the SQL statement
*
* @param mixed $config IDS_Init instance | array
*
* @return void
* @throws PDOException if a db error occurred
*/
protected function __construct($config)
{
if ($config instanceof IDS_Init) {
$this->wrapper = $config->config['Logging']['wrapper'];
$this->user = $config->config['Logging']['user'];
$this->password = $config->config['Logging']['password'];
$this->table = $config->config['Logging']['table'];
} elseif (is_array($config)) {
$this->wrapper = $config['wrapper'];
$this->user = $config['user'];
$this->password = $config['password'];
$this->table = $config['table'];
}
// determine correct IP address and concat them if necessary
$this->ip = $_SERVER['REMOTE_ADDR'];
$this->ip2 = isset($_SERVER['HTTP_X_FORWARDED_FOR'])
? $_SERVER['HTTP_X_FORWARDED_FOR']
: '';
try {
$this->handle = new PDO(
$this->wrapper,
$this->user,
$this->password
);
$this->statement = $this->handle->prepare('
INSERT INTO ' . $this->table . ' (
name,
value,
page,
tags,
ip,
ip2,
impact,
origin,
created
)
VALUES (
:name,
:value,
:page,
:tags,
:ip,
:ip2,
:impact,
:origin,
now()
)
');
} catch (PDOException $e) {
throw new PDOException('PDOException: ' . $e->getMessage());
}
}
/**
* Returns an instance of this class
*
* This method allows the passed argument to be either an instance of IDS_Init or
* an array.
*
* @param mixed $config IDS_Init | array
* @param string $classname the class name to use
*
* @return object $this
*/
public static function getInstance($config, $classname = 'IDS_Log_Database')
{
if ($config instanceof IDS_Init) {
$wrapper = $config->config['Logging']['wrapper'];
} elseif (is_array($config)) {
$wrapper = $config['wrapper'];
}
if (!isset(self::$instances[$wrapper])) {
self::$instances[$wrapper] = new $classname($config);
}
return self::$instances[$wrapper];
}
/**
* Permitting to clone this object
*
* For the sake of correctness of a singleton pattern, this is necessary
*
* @return void
*/
private function __clone()
{
}
/**
* Stores given data into the database
*
* @param object $data IDS_Report instance
*
* @throws Exception if db error occurred
* @return boolean
*/
public function execute(IDS_Report $data)
{
if (!isset($_SERVER['REQUEST_URI'])) {
$_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) {
$_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
}
}
foreach ($data as $event) {
$page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$ip = $this->ip;
$ip2 = $this->ip2;
$name = $event->getName();
$value = $event->getValue();
$impact = $event->getImpact();
$tags = implode(', ', $event->getTags());
$this->statement->bindParam('name', $name);
$this->statement->bindParam('value', $value);
$this->statement->bindParam('page', $page);
$this->statement->bindParam('tags', $tags);
$this->statement->bindParam('ip', $ip);
$this->statement->bindParam('ip2', $ip2);
$this->statement->bindParam('impact', $impact);
$this->statement->bindParam('origin', $_SERVER['SERVER_ADDR']);
if (!$this->statement->execute()) {
$info = $this->statement->errorInfo();
throw new Exception(
$this->statement->errorCode() . ', ' . $info[1] . ', ' . $info[2]
);
}
}
return true;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

400
libraries/plugins/IDS/Log/Email.php
View File

@ -1,400 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Log/Interface.php';
/**
* Email logging wrapper
*
* The Email wrapper is designed to send reports via email. It implements the
* singleton pattern.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Email.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Log_Email implements IDS_Log_Interface
{
/**
* Recipient container
*
* @var array
*/
protected $recipients = array();
/**
* Mail subject
*
* @var string
*/
protected $subject = null;
/**
* Additional mail headers
*
* @var string
*/
protected $headers = null;
/**
* Safemode switch
*
* Using this switch it is possible to enable safemode, which is a spam
* protection based on the alert frequency.
*
* @var boolean
*/
protected $safemode = true;
/**
* Urlencode for result strings
*
* This switch is true by default. Setting it to false removes
* the 'better safe than sorry' urlencoding for the result string in
* the report mails. Enhances readability but maybe XSSes email clients.
*
* @var boolean
*/
protected $urlencode = true;
/**
* Send rate
*
* If safemode is enabled, this property defines how often reports will be
* sent out. Default value is 15, which means that a mail will be sent on
* condition that the last email has not been sent earlier than 15 seconds ago.
*
* @var integer
*/
protected $allowed_rate = 15;
/**
* PHPIDS temp directory
*
* When safemod is enabled, a path to a temp directory is needed to
* store some information. Default is IDS/tmp/
*
* @var string
*/
protected $tmp_path = 'IDS/tmp/';
/**
* File prefix for tmp files
*
* @var string
*/
protected $file_prefix = 'PHPIDS_Log_Email_';
/**
* Holds current remote address
*
* @var string
*/
protected $ip = 'local/unknown';
/**
* Instance container
*
* @var array
*/
protected static $instance = array();
/**
* Constructor
*
* @param mixed $config IDS_Init instance | array
*
* @return void
*/
protected function __construct($config)
{
if ($config instanceof IDS_Init) {
$this->recipients = $config->config['Logging']['recipients'];
$this->subject = $config->config['Logging']['subject'];
$this->headers = $config->config['Logging']['header'];
$this->envelope = $config->config['Logging']['envelope'];
$this->safemode = $config->config['Logging']['safemode'];
$this->urlencode = $config->config['Logging']['urlencode'];
$this->allowed_rate = $config->config['Logging']['allowed_rate'];
$this->tmp_path = $config->getBasePath()
. $config->config['General']['tmp_path'];
} elseif (is_array($config)) {
$this->recipients[] = $config['recipients'];
$this->subject = $config['subject'];
$this->additionalHeaders = $config['header'];
}
// determine correct IP address and concat them if necessary
$this->ip = $_SERVER['REMOTE_ADDR'] .
(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
}
/**
* Returns an instance of this class
*
* This method allows the passed argument to be either an instance of
* IDS_Init or an array.
*
* @param mixed $config IDS_Init | array
* @param string $classname the class name to use
*
* @return object $this
*/
public static function getInstance($config, $classname = 'IDS_Log_Email')
{
if (!self::$instance) {
self::$instance = new $classname($config);
}
return self::$instance;
}
/**
* Permitting to clone this object
*
* For the sake of correctness of a singleton pattern, this is necessary
*
* @return void
*/
private function __clone()
{
}
/**
* Detects spam attempts
*
* To avoid mail spam through this logging class this function is used
* to detect such attempts based on the alert frequency.
*
* @return boolean
*/
protected function isSpamAttempt()
{
/*
* loop through all files in the tmp directory and
* delete garbage files
*/
$dir = $this->tmp_path;
$numPrefixChars = strlen($this->file_prefix);
$files = scandir($dir);
foreach ($files as $file) {
if (is_file($dir . DIRECTORY_SEPARATOR . $file)) {
if (substr($file, 0, $numPrefixChars) == $this->file_prefix) {
$lastModified = filemtime($dir . DIRECTORY_SEPARATOR . $file);
if ((time() - $lastModified) > 3600) {
unlink($dir . DIRECTORY_SEPARATOR . $file);
}
}
}
}
/*
* end deleting garbage files
*/
$remoteAddr = $this->ip;
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$filename = $this->file_prefix . md5($remoteAddr.$userAgent) . '.tmp';
$file = $dir . DIRECTORY_SEPARATOR . $filename;
if (!file_exists($file)) {
$handle = fopen($file, 'w');
fwrite($handle, time());
fclose($handle);
return false;
}
$lastAttack = file_get_contents($file);
$difference = time() - $lastAttack;
if ($difference > $this->allowed_rate) {
unlink($file);
} else {
return true;
}
return false;
}
/**
* Prepares data
*
* Converts given data into a format that can be read in an email.
* You might edit this method to your requirements.
*
* @param mixed $data the report data
*
* @return string
*/
protected function prepareData($data)
{
$format = "The following attack has been detected by PHPIDS\n\n";
$format .= "IP: %s \n";
$format .= "Date: %s \n";
$format .= "Impact: %d \n";
$format .= "Affected tags: %s \n";
$attackedParameters = '';
foreach ($data as $event) {
$attackedParameters .= $event->getName() . '=' .
((!isset($this->urlencode) ||$this->urlencode)
? urlencode($event->getValue())
: $event->getValue()) . ", ";
}
$format .= "Affected parameters: %s \n";
$format .= "Request URI: %s \n";
$format .= "Origin: %s \n";
return sprintf($format,
$this->ip,
date('c'),
$data->getImpact(),
join(' ', $data->getTags()),
trim($attackedParameters),
htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'),
$_SERVER['SERVER_ADDR']);
}
/**
* Sends the report to registered recipients
*
* @param object $data IDS_Report instance
*
* @throws Exception if data is no string
* @return boolean
*/
public function execute(IDS_Report $data)
{
if ($this->safemode) {
if ($this->isSpamAttempt()) {
return false;
}
}
/*
* In case the data has been modified before it might
* be necessary to convert it to string since it's pretty
* senseless to send array or object via e-mail
*/
$data = $this->prepareData($data);
if (is_string($data)) {
$data = trim($data);
// if headers are passed as array, we need to make a string of it
if (is_array($this->headers)) {
$headers = "";
foreach ($this->headers as $header) {
$headers .= $header . "\r\n";
}
} else {
$headers = $this->headers;
}
if (!empty($this->recipients)) {
if (is_array($this->recipients)) {
foreach ($this->recipients as $address) {
$this->send(
$address,
$data,
$headers,
$this->envelope
);
}
} else {
$this->send(
$this->recipients,
$data,
$headers,
$this->envelope
);
}
}
} else {
throw new Exception(
'Please make sure that data returned by
IDS_Log_Email::prepareData() is a string.'
);
}
return true;
}
/**
* Sends an email
*
* @param string $address email address
* @param string $data the report data
* @param string $headers the mail headers
* @param string $envelope the optional envelope string
*
* @return boolean
*/
protected function send($address, $data, $headers, $envelope = null)
{
if (!$envelope || strpos(ini_get('sendmail_path'),' -f') !== false) {
return mail($address,
$this->subject,
$data,
$headers);
} else {
return mail($address,
$this->subject,
$data,
$headers,
'-f' . $envelope);
}
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

229
libraries/plugins/IDS/Log/File.php
View File

@ -1,229 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
require_once 'IDS/Log/Interface.php';
/**
* File logging wrapper
*
* The file wrapper is designed to store data into a flatfile. It implements the
* singleton pattern.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:File.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Log_File implements IDS_Log_Interface
{
/**
* Path to the log file
*
* @var string
*/
private $logfile = null;
/**
* Instance container
*
* Due to the singleton pattern this class allows to initiate only one
* instance for each file.
*
* @var array
*/
private static $instances = array();
/**
* Holds current remote address
*
* @var string
*/
private $ip = 'local/unknown';
/**
* Constructor
*
* @param string $logfile path to the log file
*
* @return void
*/
protected function __construct($logfile)
{
// determine correct IP address and concat them if necessary
$this->ip = $_SERVER['REMOTE_ADDR'] .
(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
$this->logfile = $logfile;
}
/**
* Returns an instance of this class
*
* This method allows the passed argument to be either an instance of
* IDS_Init or a path to a log file. Due to the singleton pattern only one
* instance for each file can be initiated.
*
* @param mixed $config IDS_Init or path to a file
* @param string $classname the class name to use
*
* @return object $this
*/
public static function getInstance($config, $classname = 'IDS_Log_File')
{
if ($config instanceof IDS_Init) {
$logfile = $config->getBasePath() . $config->config['Logging']['path'];
} elseif (is_string($config)) {
$logfile = $config;
}
if (!isset(self::$instances[$logfile])) {
self::$instances[$logfile] = new $classname($logfile);
}
return self::$instances[$logfile];
}
/**
* Permitting to clone this object
*
* For the sake of correctness of a singleton pattern, this is necessary
*
* @return void
*/
private function __clone()
{
}
/**
* Prepares data
*
* Converts given data into a format that can be stored into a file.
* You might edit this method to your requirements.
*
* @param mixed $data incoming report data
*
* @return string
*/
protected function prepareData($data)
{
$format = '"%s",%s,%d,"%s","%s","%s","%s"';
$attackedParameters = '';
foreach ($data as $event) {
$attackedParameters .= $event->getName() . '=' .
rawurlencode($event->getValue()) . ' ';
}
$dataString = sprintf($format,
urlencode($this->ip),
date('c'),
$data->getImpact(),
join(' ', $data->getTags()),
urlencode(trim($attackedParameters)),
urlencode($_SERVER['REQUEST_URI']),
$_SERVER['SERVER_ADDR']
);
return $dataString;
}
/**
* Stores given data into a file
*
* @param object $data IDS_Report
*
* @throws Exception if the logfile isn't writeable
* @return boolean
*/
public function execute(IDS_Report $data)
{
/*
* In case the data has been modified before it might be necessary
* to convert it to string since we can't store array or object
* into a file
*/
$data = $this->prepareData($data);
if (is_string($data)) {
if (file_exists($this->logfile)) {
$data = trim($data);
if (!empty($data)) {
if (is_writable($this->logfile)) {
$handle = fopen($this->logfile, 'a');
fwrite($handle, trim($data) . "\n");
fclose($handle);
} else {
throw new Exception(
'Please make sure that ' . $this->logfile .
' is writeable.'
);
}
}
} else {
throw new Exception(
'Given file does not exist. Please make sure the
logfile is present in the given directory.'
);
}
} else {
throw new Exception(
'Please make sure that data returned by
IDS_Log_File::prepareData() is a string.'
);
}
return true;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

65
libraries/plugins/IDS/Log/Interface.php
View File

@ -1,65 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Interface for logging wrappers
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @version Release: $Id:Interface.php 517 2007-09-15 15:04:13Z mario $
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
interface IDS_Log_Interface
{
/**
* Interface method
*
* @param IDS_Report $data the report data
*
* @return void
*/
public function execute(IDS_Report $data);
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

778
libraries/plugins/IDS/Monitor.php
View File

@ -1,778 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* Monitoring engine
*
* This class represents the core of the frameworks attack detection mechanism
* and provides functions to scan incoming data for malicious appearing script
* fragments.
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Monitor.php 949 2008-06-28 01:26:03Z christ1an $
* @link http://php-ids.org/
*/
class IDS_Monitor
{
/**
* Tags to define what to search for
*
* Accepted values are xss, csrf, sqli, dt, id, lfi, rfe, spam, dos
*
* @var array
*/
private $tags = null;
/**
* Request array
*
* Array containing raw data to search in
*
* @var array
*/
private $request = null;
/**
* Container for filter rules
*
* Holds an instance of IDS_Filter_Storage
*
* @var object
*/
private $storage = null;
/**
* Results
*
* Holds an instance of IDS_Report which itself provides an API to
* access the detected results
*
* @var object
*/
private $report = null;
/**
* Scan keys switch
*
* Enabling this property will cause the monitor to scan both the key and
* the value of variables
*
* @var boolean
*/
public $scanKeys = false;
/**
* Exception container
*
* Using this array it is possible to define variables that must not be
* scanned. Per default, utmz google analytics parameters are permitted.
*
* @var array
*/
private $exceptions = array();
/**
* Html container
*
* Using this array it is possible to define variables that legally
* contain html and have to be prepared before hitting the rules to
* avoid too many false alerts
*
* @var array
*/
private $html = array();
/**
* JSON container
*
* Using this array it is possible to define variables that contain
* JSON data - and should be treated as such
*
* @var array
*/
private $json = array();
/**
* Holds HTMLPurifier object
*
* @var object
*/
private $htmlpurifier = NULL;
/**
* Path to HTMLPurifier source
*
* This path might be changed in case one wishes to make use of a
* different HTMLPurifier source file e.g. if already used in the
* application PHPIDS is protecting
*
* @var string
*/
private $pathToHTMLPurifier = '';
/**
* HTMLPurifier cache directory
*
* @var string
*/
private $HTMLPurifierCache = '';
/**
* This property holds the tmp JSON string from the
* _jsonDecodeValues() callback
*
* @var string
*/
private $tmpJsonString = '';
/**
* Constructor
*
* @param array $request array to scan
* @param object $init instance of IDS_Init
* @param array $tags list of tags to which filters should be applied
*
* @return void
*/
public function __construct(array $request, IDS_Init $init, array $tags = null)
{
$version = isset($init->config['General']['min_php_version'])
? $init->config['General']['min_php_version'] : '5.1.6';
if (version_compare(PHP_VERSION, $version, '<')) {
throw new Exception(
'PHP version has to be equal or higher than ' . $version . ' or
PHP version couldn\'t be determined'
);
}
if (!empty($request)) {
$this->storage = new IDS_Filter_Storage($init);
$this->request = $request;
$this->tags = $tags;
$this->scanKeys = $init->config['General']['scan_keys'];
$this->exceptions = isset($init->config['General']['exceptions'])
? $init->config['General']['exceptions'] : false;
$this->html = isset($init->config['General']['html'])
? $init->config['General']['html'] : false;
$this->json = isset($init->config['General']['json'])
? $init->config['General']['json'] : false;
if(isset($init->config['General']['HTML_Purifier_Path'])
&& isset($init->config['General']['HTML_Purifier_Cache'])) {
$this->pathToHTMLPurifier =
$init->config['General']['HTML_Purifier_Path'];
$this->HTMLPurifierCache = $init->getBasePath()
. $init->config['General']['HTML_Purifier_Cache'];
}
}
if (!is_writeable($init->getBasePath()
. $init->config['General']['tmp_path'])) {
throw new Exception(
'Please make sure the ' .
htmlspecialchars($init->getBasePath() .
$init->config['General']['tmp_path'], ENT_QUOTES, 'UTF-8') .
' folder is writable'
);
}
include_once 'IDS/Report.php';
$this->report = new IDS_Report;
}
/**
* Starts the scan mechanism
*
* @return object IDS_Report
*/
public function run()
{
if (!empty($this->request)) {
foreach ($this->request as $key => $value) {
$this->_iterate($key, $value);
}
}
return $this->getReport();
}
/**
* Iterates through given data and delegates it to IDS_Monitor::_detect() in
* order to check for malicious appearing fragments
*
* @param mixed $key the former array key
* @param mixed $value the former array value
*
* @return void
*/
private function _iterate($key, $value)
{
if (!is_array($value)) {
if (is_string($value)) {
if ($filter = $this->_detect($key, $value)) {
include_once 'IDS/Event.php';
$this->report->addEvent(
new IDS_Event(
$key,
$value,
$filter
)
);
}
}
} else {
foreach ($value as $subKey => $subValue) {
$this->_iterate($key . '.' . $subKey, $subValue);
}
}
}
/**
* Checks whether given value matches any of the supplied filter patterns
*
* @param mixed $key the key of the value to scan
* @param mixed $value the value to scan
*
* @return bool|array false or array of filter(s) that matched the value
*/
private function _detect($key, $value)
{
// define the pre-filter
$prefilter = '/[^\w\s\/@!?\.]+|(?:\.\/)|(?:@@\w+)'
. '|(?:\+ADw)|(?:union\s+select)/i';
// to increase performance, only start detection if value
// isn't alphanumeric
if (!$this->scanKeys
&& (!$value || !preg_match($prefilter, $value))) {
return false;
} elseif($this->scanKeys) {
if((!$key || !preg_match($prefilter, $key))
&& (!$value || !preg_match($prefilter, $value))) {
return false;
}
}
// check if this field is part of the exceptions
if (is_array($this->exceptions)) {
foreach($this->exceptions as $exception) {
$matches = array();
if(preg_match('/(\/.*\/[^eE]*)$/', $exception, $matches)) {
if(isset($matches[1]) && preg_match($matches[1], $key)) {
return false;
}
} else {
if($exception === $key) {
return false;
}
}
}
}
// check for magic quotes and remove them if necessary
if (function_exists('get_magic_quotes_gpc')
&& get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
if(function_exists('get_magic_quotes_gpc')
&& !get_magic_quotes_gpc()
&& version_compare(PHP_VERSION, '5.3.0', '>=')) {
$value = preg_replace('/\\\(["\'\/])/im', '$1', $value);
}
// if html monitoring is enabled for this field - then do it!
if (is_array($this->html) && in_array($key, $this->html, true)) {
list($key, $value) = $this->_purifyValues($key, $value);
}
// check if json monitoring is enabled for this field
if (is_array($this->json) && in_array($key, $this->json, true)) {
list($key, $value) = $this->_jsonDecodeValues($key, $value);
}
// use the converter
include_once 'IDS/Converter.php';
$value = IDS_Converter::runAll($value);
$value = IDS_Converter::runCentrifuge($value, $this);
// scan keys if activated via config
$key = $this->scanKeys ? IDS_Converter::runAll($key)
: $key;
$key = $this->scanKeys ? IDS_Converter::runCentrifuge($key, $this)
: $key;
$filters = array();
$filterSet = $this->storage->getFilterSet();
foreach ($filterSet as $filter) {
/*
* in case we have a tag array specified the IDS will only
* use those filters that are meant to detect any of the
* defined tags
*/
if (is_array($this->tags)) {
if (array_intersect($this->tags, $filter->getTags())) {
if ($this->_match($key, $value, $filter)) {
$filters[] = $filter;
}
}
} else {
if ($this->_match($key, $value, $filter)) {
$filters[] = $filter;
}
}
}
return empty($filters) ? false : $filters;
}
/**
* Purifies given key and value variables using HTMLPurifier
*
* This function is needed whenever there is variables for which HTML
* might be allowed like e.g. WYSIWYG post bodies. It will dectect malicious
* code fragments and leaves harmless parts untouched.
*
* @param mixed $key
* @param mixed $value
* @since 0.5
* @throws Exception
*
* @return array
*/
private function _purifyValues($key, $value)
{
/*
* Perform a pre-check if string is valid for purification
*/
if(!$this->_purifierPreCheck($key, $value)) {
return array($key, $value);
}
include_once $this->pathToHTMLPurifier;
if (!is_writeable($this->HTMLPurifierCache)) {
throw new Exception(
$this->HTMLPurifierCache . ' must be writeable');
}
if (class_exists('HTMLPurifier')) {
$config = HTMLPurifier_Config::createDefault();
$config->set('Attr.EnableID', true);
$config->set('Cache.SerializerPath', $this->HTMLPurifierCache);
$config->set('Output.Newline', "\n");
$this->htmlpurifier = new HTMLPurifier($config);
} else {
throw new Exception(
'HTMLPurifier class could not be found - ' .
'make sure the purifier files are valid and' .
' the path is correct'
);
}
$value = preg_replace('/[\x0b-\x0c]/', ' ', $value);
$key = preg_replace('/[\x0b-\x0c]/', ' ', $key);
$purified_value = $this->htmlpurifier->purify($value);
$purified_key = $this->htmlpurifier->purify($key);
$redux_value = strip_tags($value);
$redux_key = strip_tags($key);
if ($value != $purified_value || $redux_value) {
$value = $this->_diff($value, $purified_value, $redux_value);
} else {
$value = NULL;
}
if ($key != $purified_key) {
$key = $this->_diff($key, $purified_key, $redux_key);
} else {
$key = NULL;
}
return array($key, $value);
}
/**
* This method makes sure no dangerous markup can be smuggled in
* attributes when HTML mode is switched on.
*
* If the precheck considers the string too dangerous for
* purification false is being returned.
*
* @param mixed $key
* @param mixed $value
* @since 0.6
*
* @return boolean
*/
private function _purifierPreCheck($key = '', $value = '')
{
/*
* Remove control chars before pre-check
*/
$tmp_value = preg_replace('/\p{C}/', null, $value);
$tmp_key = preg_replace('/\p{C}/', null, $key);
$precheck = '/<(script|iframe|applet|object)\W/i';
if(preg_match($precheck, $tmp_key)
|| preg_match($precheck, $tmp_value)) {
return false;
}
return true;
}
/**
* This method calculates the difference between the original
* and the purified markup strings.
*
* @param string $original the original markup
* @param string $purified the purified markup
* @param string $redux the string without html
* @since 0.5
*
* @return string the difference between the strings
*/
private function _diff($original, $purified, $redux)
{
/*
* deal with over-sensitive alt-attribute addition of the purifier
* and other common html formatting problems
*/
$purified = preg_replace('/\s+alt="[^"]*"/m', null, $purified);
$purified = preg_replace('/=?\s*"\s*"/m', null, $purified);
$original = preg_replace('/\s+alt="[^"]*"/m', null, $original);
$original = preg_replace('/=?\s*"\s*"/m', null, $original);
$original = preg_replace('/style\s*=\s*([^"])/m', 'style = "$1', $original);
# deal with oversensitive CSS normalization
$original = preg_replace('/(?:([\w\-]+:)+\s*([^;]+;\s*))/m', '$1$2', $original);
# strip whitespace between tags
$original = trim(preg_replace('/>\s*</m', '><', $original));
$purified = trim(preg_replace('/>\s*</m', '><', $purified));
$original = preg_replace(
'/(=\s*(["\'`])[^>"\'`]*>[^>"\'`]*["\'`])/m', 'alt$1', $original
);
// no purified html is left
if (!$purified) {
return $original;
}
// calculate the diff length
$length = mb_strlen($original) - mb_strlen($purified);
/*
* Calculate the difference between the original html input
* and the purified string.
*/
$array_1 = preg_split('/(?<!^)(?!$)/u', html_entity_decode(urldecode($original)));
$array_2 = preg_split('/(?<!^)(?!$)/u', $purified);
// create an array containing the single character differences
$differences = array();
foreach ($array_1 as $key => $value) {
if (!isset($array_2[$key]) || $value !== $array_2[$key]) {
$differences[] = $value;
}
}
// return the diff - ready to hit the converter and the rules
if(intval($length) <= 10) {
$diff = trim(join('', $differences));
} else {
$diff = mb_substr(trim(join('', $differences)), 0, strlen($original));
}
// clean up spaces between tag delimiters
$diff = preg_replace('/>\s*</m', '><', $diff);
// correct over-sensitively stripped bad html elements
$diff = preg_replace('/[^<](iframe|script|embed|object' .
'|applet|base|img|style)/m', '<$1', $diff);
if (mb_strlen($diff) < 4) {
return null;
}
return $diff . $redux;
}
/**
* This method prepares incoming JSON data for the PHPIDS detection
* process. It utilizes _jsonConcatContents() as callback and returns a
* string version of the JSON data structures.
*
* @param mixed $key
* @param mixed $value
* @since 0.5.3
*
* @return array
*/
private function _jsonDecodeValues($key, $value) {
$tmp_key = json_decode($key);
$tmp_value = json_decode($value);
if($tmp_value && is_array($tmp_value) || is_object($tmp_value)) {
array_walk_recursive($tmp_value, array($this, '_jsonConcatContents'));
$value = $this->tmpJsonString;
} else {
$this->tmpJsonString .= " " . $tmp_value . "\n";
}
if($tmp_key && is_array($tmp_key) || is_object($tmp_key)) {
array_walk_recursive($tmp_key, array($this, '_jsonConcatContents'));
$key = $this->tmpJsonString;
} else {
$this->tmpJsonString .= " " . $tmp_key . "\n";
}
return array($key, $value);
}
/**
* This is the callback used in _jsonDecodeValues(). The method
* concatenates key and value and stores them in $this->tmpJsonString.
*
* @param mixed $key
* @param mixed $value
* @since 0.5.3
*
* @return void
*/
private function _jsonConcatContents($key, $value) {
if(is_string($key) && is_string($value)) {
$this->tmpJsonString .= $key . " " . $value . "\n";
} else {
$this->_jsonDecodeValues(
json_encode($key), json_encode($value)
);
}
}
/**
* Matches given value and/or key against given filter
*
* @param mixed $key the key to optionally scan
* @param mixed $value the value to scan
* @param object $filter the filter object
*
* @return boolean
*/
private function _match($key, $value, $filter)
{
if ($this->scanKeys) {
if ($filter->match($key)) {
return true;
}
}
if ($filter->match($value)) {
return true;
}
return false;
}
/**
* Sets exception array
*
* @param mixed $exceptions the thrown exceptions
*
* @return void
*/
public function setExceptions($exceptions)
{
if (!is_array($exceptions)) {
$exceptions = array($exceptions);
}
$this->exceptions = $exceptions;
}
/**
* Returns exception array
*
* @return array
*/
public function getExceptions()
{
return $this->exceptions;
}
/**
* Sets html array
*
* @param mixed $html the fields containing html
* @since 0.5
*
* @return void
*/
public function setHtml($html)
{
if (!is_array($html)) {
$html = array($html);
}
$this->html = $html;
}
/**
* Adds a value to the html array
*
* @since 0.5
*
* @return void
*/
public function addHtml($value)
{
$this->html[] = $value;
}
/**
* Returns html array
*
* @since 0.5
*
* @return array the fields that contain allowed html
*/
public function getHtml()
{
return $this->html;
}
/**
* Sets json array
*
* @param mixed $json the fields containing json
* @since 0.5.3
*
* @return void
*/
public function setJson($json)
{
if (!is_array($json)) {
$json = array($json);
}
$this->json = $json;
}
/**
* Adds a value to the json array
*
* @param string the value containing JSON data
* @since 0.5.3
*
* @return void
*/
public function addJson($value)
{
$this->json[] = $value;
}
/**
* Returns json array
*
* @since 0.5.3
*
* @return array the fields that contain json
*/
public function getJson()
{
return $this->json;
}
/**
* Returns storage container
*
* @return array
*/
public function getStorage()
{
return $this->storage;
}
/**
* Returns report object providing various functions to work with
* detected results. Also the centrifuge data is being set as property
* of the report object.
*
* @return object IDS_Report
*/
public function getReport()
{
if (isset($this->centrifuge) && $this->centrifuge) {
$this->report->setCentrifuge($this->centrifuge);
}
return $this->report;
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

341
libraries/plugins/IDS/Report.php
View File

@ -1,341 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* PHPIDS report object
*
* The report objects collects a number of events and thereby presents the
* detected results. It provides a convenient API to work with the results.
*
* Note that this class implements Countable, IteratorAggregate and
* a __toString() method
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Report.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
class IDS_Report implements Countable, IteratorAggregate
{
/**
* Event container
*
* @var array
*/
protected $events = array();
/**
* List of affected tags
*
* This list of tags is collected from the collected event objects on
* demand when IDS_Report->getTags() is called
*
* @var array
*/
protected $tags = array();
/**
* Impact level
*
* The impact level is calculated on demand by adding the results of the
* event objects on IDS_Report->getImpact()
*
* @var integer
*/
protected $impact = 0;
/**
* Centrifuge data
*
* This variable - initiated as an empty array - carries all information
* about the centrifuge data if available
*
* @var array
*/
protected $centrifuge = array();
/**
* Constructor
*
* @param array $events the events the report should include
*
* @return void
*/
public function __construct(array $events = null)
{
if ($events) {
foreach ($events as $event) {
$this->addEvent($event);
}
}
}
/**
* Adds an IDS_Event object to the report
*
* @param object $event IDS_Event
*
* @return object $this
*/
public function addEvent(IDS_Event $event)
{
$this->clear();
$this->events[$event->getName()] = $event;
return $this;
}
/**
* Get event by name
*
* In most cases an event is identified by the key of the variable that
* contained maliciously appearing content
*
* @param scalar $name the event name
*
* @throws InvalidArgumentException if argument is invalid
* @return mixed IDS_Event object or false if the event does not exist
*/
public function getEvent($name)
{
if (!is_scalar($name)) {
throw new InvalidArgumentException(
'Invalid argument type given'
);
}
if ($this->hasEvent($name)) {
return $this->events[$name];
}
return false;
}
/**
* Returns list of affected tags
*
* @return array
*/
public function getTags()
{
if (!$this->tags) {
$this->tags = array();
foreach ($this->events as $event) {
$this->tags = array_merge($this->tags,
$event->getTags());
}
$this->tags = array_values(array_unique($this->tags));
}
return $this->tags;
}
/**
* Returns total impact
*
* Each stored IDS_Event object and its IDS_Filter sub-object are called
* to calculate the overall impact level of this request
*
* @return integer
*/
public function getImpact()
{
if (!$this->impact) {
$this->impact = 0;
foreach ($this->events as $event) {
$this->impact += $event->getImpact();
}
}
return $this->impact;
}
/**
* Checks if a specific event with given name exists
*
* @param scalar $name the event name
*
* @throws InvalidArgumentException if argument is illegal
*
* @return boolean
*/
public function hasEvent($name)
{
if (!is_scalar($name)) {
throw new InvalidArgumentException('Invalid argument given');
}
return isset($this->events[$name]);
}
/**
* Returns total amount of events
*
* @return integer
*/
public function count()
{
return count($this->events);
}
/**
* Return iterator object
*
* In order to provide the possibility to directly iterate over the
* IDS_Event object the IteratorAggregate is implemented. One can easily
* use foreach() to iterate through all stored IDS_Event objects.
*
* @return ArrayObject the event collection
*/
public function getIterator()
{
return new ArrayObject($this->events);
}
/**
* Checks if any events are registered
*
* @return boolean
*/
public function isEmpty()
{
return empty($this->events);
}
/**
* Clears calculated/collected values
*
* @return void
*/
protected function clear()
{
$this->impact = 0;
$this->tags = array();
}
/**
* This method returns the centrifuge property or null if not
* filled with data
*
* @return array/null
*/
public function getCentrifuge()
{
return ($this->centrifuge && count($this->centrifuge) > 0)
? $this->centrifuge : null;
}
/**
* This method sets the centrifuge property
*
* @param array $centrifuge the centrifuge data
*
* @throws InvalidArgumentException if argument is illegal
*
* @return boolean true is arguments were valid
*/
public function setCentrifuge($centrifuge = array())
{
if (is_array($centrifuge) && $centrifuge) {
$this->centrifuge = $centrifuge;
return true;
}
throw new InvalidArgumentException('Invalid argument given');
}
/**
* Directly outputs all available information
*
* @return string
*/
public function __toString()
{
if (!$this->isEmpty()) {
$output = '';
$output .= 'Total impact: ' . $this->getImpact() . "<br/>\n";
$output .= 'Affected tags: ' . join(', ', $this->getTags()) .
"<br/>\n";
foreach ($this->events as $event) {
$output .= "<br/>\nVariable: " .
htmlspecialchars($event->getName()) . ' | Value: ' .
htmlspecialchars($event->getValue()) . "<br/>\n";
$output .= 'Impact: ' . $event->getImpact() . ' | Tags: ' .
join(', ', $event->getTags()) . "<br/>\n";
foreach ($event as $filter) {
$output .= 'Description: ' . $filter->getDescription() .
' | ';
$output .= 'Tags: ' . join(', ', $filter->getTags()) .
' | ';
$output .= 'ID: ' . $filter->getId() .
"<br/>\n";
}
}
$output .= '<br/>';
if ($centrifuge = $this->getCentrifuge()) {
$output .= 'Centrifuge detection data';
$output .= '<br/> Threshold: ' .
((isset($centrifuge['threshold'])&&$centrifuge['threshold']) ?
$centrifuge['threshold'] : '---');
$output .= '<br/> Ratio: ' .
((isset($centrifuge['ratio'])&&$centrifuge['ratio']) ?
$centrifuge['ratio'] : '---');
if(isset($centrifuge['converted'])) {
$output .= '<br/> Converted: ' . $centrifuge['converted'];
}
$output .= "<br/><br/>\n";
}
}
return isset($output) ? $output : '';
}
}
/**
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: sw=4 ts=4 expandtab
*/

49
libraries/plugins/IDS/Version.php
View File

@ -1,49 +0,0 @@
<?php
/**
* PHPIDS
*
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2008 PHPIDS group (https://phpids.org)
*
* PHPIDS is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, version 3 of the License, or
* (at your option) any later version.
*
* PHPIDS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
*
* PHP version 5.1.6+
*
* @category Security
* @package PHPIDS
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Christian Matthies <ch0012@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @link http://php-ids.org/
*/
/**
* PHPIDS version class
*
* @category Security
* @package PHPIDS
* @author Christian Matthies <ch0012@gmail.com>
* @author Mario Heiderich <mario.heiderich@gmail.com>
* @author Lars Strojny <lars@strojny.net>
* @copyright 2007-2009 The PHPIDS Group
* @license http://www.gnu.org/licenses/lgpl.html LGPL
* @version Release: $Id:Converter.php 517 2007-09-15 15:04:13Z mario $
* @link http://php-ids.org/
*/
abstract class IDS_Version
{
const VERSION = '@@phpIdsVersion@@';
}

1
libraries/plugins/IDS/default_filter.json
View File

File diff suppressed because one or more lines are too long

930
libraries/plugins/IDS/default_filter.xml
View File

@ -1,930 +0,0 @@
<filters>
<filter>
<id>1</id>
<rule><![CDATA[(?:"[^"]*[^-]?>)|(?:[^\w\s]\s*\/>)|(?:>")]]></rule>
<description>Finds Html Breaking Injections Including Whitespace Attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>2</id>
<rule><![CDATA[(?:"+.*[<=]\s*"[^"]+")|(?:"\s*\w+\s*=)|(?:>\w=\/)|(?:#.+\)["\s]*>)|(?:"\s*(?:src|style|on\w+)\s*=\s*")|(?:[^"]?"[,;\s]+\w*[\[\(])]]></rule>
<description>Finds Attribute Breaking Injections Including Whitespace Attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>3</id>
<rule><![CDATA[(?:^>[\w\s]*<\/?\w{2,}>)]]></rule>
<description>Finds Unquoted Attribute Breaking Injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>4</id>
<rule><![CDATA[(?:[+\/]\s*name[\W\d]*[)+])|(?:;\W*url\s*=)|(?:[^\w\s\/?:>]\s*(?:location|referrer|name)\s*[^\/\w\s-])]]></rule>
<description>Detects Url-, Name-, JSON, And Referrer-contained Payload Attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>5</id>
<rule><![CDATA[(?:\W\s*hash\s*[^\w\s-])|(?:\w+=\W*[^,]*,[^\s(]\s*\()|(?:\?"[^\s"]":)|(?:(?<!\/)__[a-z]+__)|(?:(?:^|[\s)\]\}])(?:s|g)etter\s*=)]]></rule>
<description>Detects Hash-contained Xss Payload Attacks, Setter Usage And Property Overloading</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>6</id>
<rule><![CDATA[(?:with\s*\(\s*.+\s*\)\s*\w+\s*\()|(?:(?:do|while|for)\s*\([^)]*\)\s*\{)|(?:\/[\w\s]*\[\W*\w)]]></rule>
<description>Detects Self Contained Xss Via With(), Common Loops And Regex To String Conversion</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>7</id>
<rule><![CDATA[(?:[=(].+\?.+:)|(?:with\([^)]*\)\))|(?:\.\s*source\W)]]></rule>
<description>Detects JavaScript With(), Ternary Operators And XML Predicate Attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>8</id>
<rule><![CDATA[(?:\/\w*\s*\)\s*\()|(?:\([\w\s]+\([\w\s]+\)[\w\s]+\))|(?:(?<!(?:mozilla\/\d\.\d\s))\([^)[]+\[[^\]]+\][^)]*\))|(?:[^\s!][{([][^({[]+[{([][^}\])]+[}\])][\s+",\d]*[}\])])|(?:"\)?\]\W*\[)|(?:=\s*[^\s:;]+\s*[{([][^}\])]+[}\])];)]]></rule>
<description>Detects Self-executing JavaScript Functions</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>9</id>
<rule><![CDATA[(?:\\u00[a-f0-9]{2})|(?:\\x0*[a-f0-9]{2})|(?:\\\d{2,3})]]></rule>
<description>Detects The IE Octal, Hex And Unicode Entities</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>10</id>
<rule><![CDATA[(?:(?:\/|\\)?\.+(\/|\\)(?:\.+)?)|(?:\w+\.exe\??\s)|(?:;\s*\w+\s*\/[\w*-]+\/)|(?:\d\.\dx\|)|(?:%(?:c0\.|af\.|5c\.))|(?:\/(?:%2e){2})]]></rule>
<description>Detects Basic Directory Traversal</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>11</id>
<rule><![CDATA[(?:%c0%ae\/)|(?:(?:\/|\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\/|\\))|(?:(?:\/|\\)inetpub|localstart\.asp|boot\.ini)]]></rule>
<description>Detects Specific Directory And Path Traversal</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>12</id>
<rule><![CDATA[(?:etc\/\W*passwd)]]></rule>
<description>Detects Etc/passwd Inclusion Attempts</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>13</id>
<rule><![CDATA[(?:%u(?:ff|00|e\d)\w\w)|(?:(?:%(?:e\w|c[^3\W]|))(?:%\w\w)(?:%\w\w)?)]]></rule>
<description>Detects Halfwidth/fullwidth Encoded Unicode HTML Breaking Attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>14</id>
<rule><![CDATA[(?:#@~\^\w+)|(?:\w+script:|@import[^\w]|;base64|base64,)|(?:\w+\s*\([\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+\))]]></rule>
<description>Detects Possible Includes, VBSCript/JScript Encodeed And Packed Functions</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>15</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.+\-]))]]></rule>
<description>Detects JavaScript DOM/miscellaneous Properties And Methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>16</id>
<rule><![CDATA[([^*\s\w,.\/?+-]\s*)?(?<![a-mo-z]\s)(?<![a-z\/_@])(\s*return\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.:\/+\-]))]]></rule>
<description>Detects Possible Includes And Typical Script Methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>17</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@])(\s*return\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\w%"]|(?:\s*[^@\/\s\w%.+\-]))]]></rule>
<description>Detects JavaScript Object Properties And Methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>18</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))]]></rule>
<description>Detects JavaScript Array Properties And Methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>19</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\w+codeuri\w*)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))]]></rule>
<description>Detects JavaScript String Properties And Methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>20</id>
<rule><![CDATA[(?:\)\s*\[)|([^*":\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z_@\|])(\s*return\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\w%"]|(?:\s*[^@\s\w%".+\-\/]))]]></rule>
<description>Detects JavaScript Language Constructs</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>21</id>
<rule><![CDATA[(?:,\s*(?:alert|showmodaldialog|eval)\s*,)|(?::\s*eval\s*[^\s])|([^:\s\w,.\/?+-]\s*)?(?<![a-z\/_@])(\s*return\s*)?(?:(?:document\s*\.)?(?:.+\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\s*(?:[^.a-z\s\-]|(?:\s*[^\s\w,.@\/+-]))|(?:java[\s\/]*\.[\s\/]*lang)|(?:\w\s*=\s*new\s+\w+)|(?:&\s*\w+\s*\)[^,])|(?:\+[\W\d]*new\s+\w+[\W\d]*\+)|(?:document\.\w)]]></rule>
<description>Detects Very Basic XSS Probings</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>22</id>
<rule><![CDATA[(?:=\s*(?:top|this|window|content|self|frames|_content))|(?:\/\s*[gimx]*\s*[)}])|(?:[^\s]\s*=\s*script)|(?:\.\s*constructor)|(?:default\s+xml\s+namespace\s*=)|(?:\/\s*\+[^+]+\s*\+\s*\/)]]></rule>
<description>Detects Advanced XSS Probings Via Script(), RexExp, Constructors And XML Namespaces</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>23</id>
<rule><![CDATA[(?:\.\s*\w+\W*=)|(?:\W\s*(?:location|document)\s*\W[^({[;]+[({[;])|(?:\(\w+\?[:\w]+\))|(?:\w{2,}\s*=\s*\d+[^&\w]\w+)|(?:\]\s*\(\s*\w+)]]></rule>
<description>Detects JavaScript Location/document Property Access And Window Access Obfuscation</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>24</id>
<rule><![CDATA[(?:[".]script\s*\()|(?:\$\$?\s*\(\s*[\w"])|(?:\/[\w\s]+\/\.)|(?:=\s*\/\w+\/\s*\.)|(?:(?:this|window|top|parent|frames|self|content)\[\s*[(,"]*\s*[\w\$])|(?:,\s*new\s+\w+\s*[,;)])]]></rule>
<description>Detects Basic Obfuscated JavaScript Script Injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>25</id>
<rule><![CDATA[(?:=\s*[$\w]\s*[\(\[])|(?:\(\s*(?:this|top|window|self|parent|_?content)\s*\))|(?:src\s*=s*(?:\w+:|\/\/))|(?:\w+\[("\w+"|\w+\|\|))|(?:[\d\W]\|\|[\d\W]|\W=\w+,)|(?:\/\s*\+\s*[a-z"])|(?:=\s*\$[^([]*\()|(?:=\s*\(\s*")]]></rule>
<description>Detects Obfuscated JavaScript Script Injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>26</id>
<rule><![CDATA[(?:[^:\s\w]+\s*[^\w\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\w])]]></rule>
<description>Detects JavaScript Cookie Stealing And Redirection Attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>27</id>
<rule><![CDATA[(?:(?:vbs|vbscript|data):.*[,+])|(?:\w+\s*=\W*(?!https?)\w+:)|(jar:\w+:)|(=\s*"?\s*vbs(?:ript)?:)|(language\s*=\s?"?\s*vbs(?:ript)?)|on\w+\s*=\*\w+\-"?]]></rule>
<description>Detects Data: URL Injections, VBS Injections And Common URI Schemes</description>
<tags>
<tag>xss</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>28</id>
<rule><![CDATA[(?:firefoxurl:\w+\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\s*:\s*[%&#xu\/]+)|(wyciwyg|firefoxurl\s*:\s*\/\s*\/)]]></rule>
<description>Detects IE Firefoxurl Injections, Cache Poisoning Attempts And Local File Inclusion/execution</description>
<tags>
<tag>xss</tag>
<tag>rfe</tag>
<tag>lfi</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>29</id>
<rule><![CDATA[(?:binding\s?=|moz-binding|behavior\s?=)|(?:[\s\/]style\s*=\s*[-\\])]]></rule>
<description>Detects Bindings And Behavior Injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>30</id>
<rule><![CDATA[(?:=\s*\w+\s*\+\s*")|(?:\+=\s*\(\s")|(?:!+\s*[\d.,]+\w?\d*\s*\?)|(?:=\s*\[s*\])|(?:"\s*\+\s*")|(?:[^\s]\[\s*\d+\s*\]\s*[;+])|(?:"\s*[&|]+\s*")|(?:\/\s*\?\s*")|(?:\/\s*\)\s*\[)|(?:\d\?.+:\d)|(?:]\s*\[\W*\w)|(?:[^\s]\s*=\s*\/)]]></rule>
<description>Detects Common XSS Concatenation Patterns 1/2</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>31</id>
<rule><![CDATA[(?:=\s*\d*\.\d*\?\d*\.\d*)|(?:[|&]{2,}\s*")|(?:!\d+\.\d*\?")|(?:\/:[\w.]+,)|(?:=[\d\W\s]*\[[^]]+\])|(?:\?\w+:\w+)]]></rule>
<description>Detects Common XSS Concatenation Patterns 2/2</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>32</id>
<rule><![CDATA[(?:[^\w\s=]on(?!g\&gt;)\w+[^=_+-]*=[^$]+(?:\W|\&gt;)?)]]></rule>
<description>Detects Possible Event Handlers</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>33</id>
<rule><![CDATA[(?:\<\w*:?\s(?:[^\>]*)t(?!rong))|(?:\<scri)|(<\w+:\w+)]]></rule>
<description>Detects Obfuscated Script Tags And XML Wrapped HTML</description>
<tags>
<tag>xss</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>34</id>
<rule><![CDATA[(?:\<\/\w+\s\w+)|(?:@(?:cc_on|set)[\s@,"=])]]></rule>
<description>Detects Attributes In Closing Tags And Conditional Compilation Tokens</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>35</id>
<rule><![CDATA[(?:--[^\n]*$)|(?:\<!-|-->)|(?:[^*]\/\*|\*\/[^*])|(?:(?:[\W\d]#|--|{)$)|(?:\/{3,}.*$)|(?:<!\[\W)|(?:\]!>)]]></rule>
<description>Detects Common Comment Types</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>36</id>
<rule><![CDATA[(?:\<base\s+)|(?:<!(?:element|entity|\[CDATA))]]></rule>
<description>Detects Base Href Injections And XML Entity Injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>37</id>
<rule><![CDATA[(?:\<[\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\w+|image|im(?:g|port)))]]></rule>
<description>Detects Possibly Malicious Html Elements Including Some Attributes</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>39</id>
<rule><![CDATA[(?:\)\s*when\s*\d+\s*then)|(?:"\s*(?:#|--|{))|(?:\/\*!\s?\d+)|(?:ch(?:a)?r\s*\(\s*\d)|(?:(?:(n?and|x?or|not)\s+|\|\||\&\&)\s*\w+\()]]></rule>
<description>Detects MySQL Comments, Conditions And Ch(a)r Injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>40</id>
<rule><![CDATA[(?:[\s()]case\s*\()|(?:\)\s*like\s*\()|(?:having\s*[^\s]+\s*[^\w\s])|(?:if\s?\([\d\w]\s*[=<>~])]]></rule>
<description>Detects Conditional SQL Injection Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>41</id>
<rule><![CDATA[(?:"\s*or\s*"?\d)|(?:\\x(?:23|27|3d))|(?:^.?"$)|(?:(?:^["\\]*(?:[\d"]+|[^"]+"))+\s*(?:n?and|x?or|not|\|\||\&\&)\s*[\w"[+&!@(),.-])|(?:[^\w\s]\w+\s*[|-]\s*"\s*\w)|(?:@\w+\s+(and|or)\s*["\d]+)|(?:@[\w-]+\s(and|or)\s*[^\w\s])|(?:[^\w\s:]\s*\d\W+[^\w\s]\s*".)|(?:\Winformation_schema|table_name\W)]]></rule>
<description>Detects Conditional SQL Injection Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>0</impact>
</filter>
<filter>
<id>42</id>
<rule><![CDATA[(?:"\s*\*.+(?:or|id)\W*"\d)|(?:\^")|(?:^[\w\s"-]+(?<=and\s)(?<=or\s)(?<=xor\s)(?<=nand\s)(?<=not\s)(?<=\|\|)(?<=\&\&)\w+\()|(?:"[\s\d]*[^\w\s]+\W*\d\W*.*["\d])|(?:"\s*[^\w\s?]+\s*[^\w\s]+\s*")|(?:"\s*[^\w\s]+\s*[\W\d].*(?:#|--))|(?:".*\*\s*\d)|(?:"\s*or\s[^\d]+[\w-]+.*\d)|(?:[()*<>%+-][\w-]+[^\w\s]+"[^,])]]></rule>
<description>Detects Classic SQL Injection Probings 2/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>43</id>
<rule><![CDATA[(?:\d"\s+"\s+\d)|(?:^admin\s*"|(\/\*)+"+\s?(?:--|#|\/\*|{)?)|(?:"\s*or[\w\s-]+\s*[+<>=(),-]\s*[\d"])|(?:"\s*[^\w\s]?=\s*")|(?:"\W*[+=]+\W*")|(?:"\s*[!=|][\d\s!=+-]+.*["(].*$)|(?:"\s*[!=|][\d\s!=]+.*\d+$)|(?:"\s*like\W+[\w"(])|(?:\sis\s*0\W)|(?:where\s[\s\w\.,-]+\s=)|(?:"[<>~]+")]]></rule>
<description>Detects Basic SQL Authentication Bypass Attempts 1/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>44</id>
<rule><![CDATA[(?:union\s*(?:all|distinct|[(!@]*)?\s*[([]*\s*select)|(?:\w+\s+like\s+\")|(?:like\s*"\%)|(?:"\s*like\W*["\d])|(?:"\s*(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w]+=\s*\w+\s*having)|(?:"\s*\*\s*\w+\W+")|(?:"\s*[^?\w\s=.,;)(]+\s*[(@"]*\s*\w+\W+\w)|(?:select\s*[\[\]()\s\w\.,"-]+from)|(?:find_in_set\s*\()]]></rule>
<description>Detects Basic SQL Authentication Bypass Attempts 2/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>45</id>
<rule><![CDATA[(?:in\s*\(+\s*select)|(?:(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w+]+(?:regexp\s*\(|sounds\s+like\s*"|[=\d]+x))|("\s*\d\s*(?:--|#))|(?:"[%&<>^=]+\d\s*(=|or))|(?:"\W+[\w+-]+\s*=\s*\d\W+")|(?:"\s*is\s*\d.+"?\w)|(?:"\|?[\w-]{3,}[^\w\s.,]+")|(?:"\s*is\s*[\d.]+\s*\W.*")]]></rule>
<description>Detects Basic SQL Authentication Bypass Attempts 3/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>46</id>
<rule><![CDATA[(?:[\d\W]\s+as\s*["\w]+\s*from)|(?:^[\W\d]+\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s+(?:(?:group_)concat|char|load_file)\s?\(?)|(?:end\s*\);)|("\s+regexp\W)|(?:[\s(]load_file\s*\()]]></rule>
<description>Detects Concatenated Basic SQL Injection And SQLLFI Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>47</id>
<rule><![CDATA[(?:@.+=\s*\(\s*select)|(?:\d+\s*or\s*\d+\s*[\-+])|(?:\/\w+;?\s+(?:having|and|or|select)\W)|(?:\d\s+group\s+by.+\()|(?:(?:;|#|--)\s*(?:drop|alter))|(?:(?:;|#|--)\s*(?:update|insert)\s*\w{2,})|(?:[^\w]SET\s*@\w+)|(?:(?:n?and|x?or|not |\|\||\&\&)[\s(]+\w+[\s)]*[!=+]+[\s\d]*["=()])]]></rule>
<description>Detects Chained SQL Injection Attempts 1/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>48</id>
<rule><![CDATA[(?:"\s+and\s*=\W)|(?:\(\s*select\s*\w+\s*\()|(?:\*\/from)|(?:\+\s*\d+\s*\+\s*@)|(?:\w"\s*(?:[-+=|@]+\s*)+[\d(])|(?:coalesce\s*\(|@@\w+\s*[^\w\s])|(?:\W!+"\w)|(?:";\s*(?:if|while|begin))|(?:"[\s\d]+=\s*\d)|(?:order\s+by\s+if\w*\s*\()|(?:[\s(]+case\d*\W.+[tw]hen[\s(])]]></rule>
<description>Detects Chained SQL Injection Attempts 2/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>49</id>
<rule><![CDATA[(?:(select|;)\s+(?:benchmark|if|sleep)\s*?\(\s*\(?\s*\w+)]]></rule>
<description>Detects SQL Benchmark And Sleep Injection Attempts Including Conditional Queries</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>50</id>
<rule><![CDATA[(?:create\s+function\s+\w+\s+returns)|(?:;\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*[\[(]?\w{2,})]]></rule>
<description>Detects MySQL UDF Injection And Other Data/structure Manipulation Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>51</id>
<rule><![CDATA[(?:alter\s*\w+.*character\s+set\s+\w+)|(";\s*waitfor\s+time\s+")|(?:";.*:\s*goto)]]></rule>
<description>Detects MySQL Charset Switch And MSSQL DoS Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>52</id>
<rule><![CDATA[(?:procedure\s+analyse\s*\()|(?:;\s*(declare|open)\s+[\w-]+)|(?:create\s+(procedure|function)\s*\w+\s*\(\s*\)\s*-)|(?:declare[^\w]+[@#]\s*\w+)|(exec\s*\(\s*@)]]></rule>
<description>Detects MySQL And PostgreSQL Stored Procedure/function Injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>53</id>
<rule><![CDATA[(?:select\s*pg_sleep)|(?:waitfor\s*delay\s?"+\s?\d)|(?:;\s*shutdown\s*(?:;|--|#|\/\*|{))]]></rule>
<description>Detects Postgres Pg_sleep Injection, Waitfor Delay Attacks And Database Shutdown Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>54</id>
<rule><![CDATA[(?:\sexec\s+xp_cmdshell)|(?:"\s*!\s*["\w])|(?:from\W+information_schema\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\s*\([^\)]*)|(?:";?\s*(?:select|union|having)\s*[^\s])|(?:\wiif\s*\()|(?:exec\s+master\.)|(?:union select @)|(?:union[\w(\s]*select)|(?:select.*\w?user\()|(?:into[\s+]+(?:dump|out)file\s*")]]></rule>
<description>Detects MSSQL Code Execution And Information Gathering Attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>55</id>
<rule><![CDATA[(?:merge.*using\s*\()|(execute\s*immediate\s*")|(?:\W+\d*\s*having\s*[^\s\-])|(?:match\s*[\w(),+-]+\s*against\s*\()]]></rule>
<description>Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE And HAVING Injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>56</id>
<rule><![CDATA[(?:,.*[)\da-f"]"(?:".*"|\Z|[^"]+))|(?:\Wselect.+\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*\(\s*space\s*\()]]></rule>
<description>Detects MySQL Comment-/space-obfuscated Injections And Backtick Termination</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>57</id>
<rule><![CDATA[(?:@[\w-]+\s*\()|(?:]\s*\(\s*["!]\s*\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\s\w|]*\$\w+\s*=)|(?:\$\w+\s*=(?:(?:\s*\$?\w+\s*[(;])|\s*".*"))|(?:;\s*\{\W*\w+\s*\()]]></rule>
<description>Detects Code Injection Attempts 1/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>58</id>
<rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\w+|execute)\s*["(@])]]></rule>
<description>Detects Code Injection Attempts 2/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>59</id>
<rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*[^\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\s*rm\s+-\w+\s+)|(?:;.*{.*\$\w+\s*=)|(?:\$\w+\s*\[\]\s*=\s*)]]></rule>
<description>Detects Code Injection Attempts 3/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>60</id>
<rule><![CDATA[(?:\w+]?(?<!href)(?<!src)(?<!longdesc)(?<!returnurl)=(?:https?|ftp):)|(?:\{\s*\$\s*\{)]]></rule>
<description>Detects Url Injections And RFE Attempts</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>61</id>
<rule><![CDATA[(?:function[^(]*\([^)]*\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\w.]+\w+\s*[([])|([)\]]\s*\.\s*\w+\s*=)|(?:\(\s*new\s+\w+\s*\)\.)]]></rule>
<description>Detects Common Function Declarations And Special JS Operators</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>62</id>
<rule><![CDATA[(?:[\w.-]+@[\w.-]+%(?:[01][\db-ce-f])+\w+:)]]></rule>
<description>Detects Common Mail Header Injections</description>
<tags>
<tag>id</tag>
<tag>spam</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>63</id>
<rule><![CDATA[(?:\.pl\?\w+=\w?\|\w+;)|(?:\|\(\w+=\*)|(?:\*\s*\)+\s*;)]]></rule>
<description>Detects Perl Echo Shellcode Injection And LDAP Vectors</description>
<tags>
<tag>lfi</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>64</id>
<rule><![CDATA[(?:(^|\W)const\s+[\w\-]+\s*=)|(?:(?:do|for|while)\s*\([^;]+;+\))|(?:(?:^|\W)on\w+\s*=[\w\W]*(?:on\w+|alert|eval|print|confirm|prompt))|(?:groups=\d+\(\w+\))|(?:(.)\1{128,})]]></rule>
<description>Detects Basic XSS DoS Attempts</description>
<tags>
<tag>rfe</tag>
<tag>dos</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>65</id>
<rule><![CDATA[(?:\({2,}\+{2,}:{2,})|(?:\({2,}\+{2,}:+)|(?:\({3,}\++:{2,})|(?:\$\[!!!\])]]></rule>
<description>Detects Unknown Attack Vectors Based On PHPIDS Centrifuge Detection</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>66</id>
<rule><![CDATA[(?:[\s\/"]+[-\w\/\\\*]+\s*=.+(?:\/\s*>))]]></rule>
<description>Finds Attribute Breaking Injections Including Obfuscated Attributes</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>67</id>
<rule><![CDATA[(?:(?:msgbox|eval)\s*\+|(?:language\s*=\*vbscript))]]></rule>
<description>Finds Basic VBScript Injection Attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>68</id>
<rule><![CDATA[(?:\[\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\])]]></rule>
<description>Finds Basic MongoDB SQL Injection Attempts</description>
<tags>
<tag>sqli</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>69</id>
<rule><![CDATA[(?:[\s\d\/"]+(?:on\w+|style|poster|background)=[$"\w])|(?:-type\s*:\s*multipart)]]></rule>
<description>Finds Malicious Attribute Injection Attempts And MHTML Attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>70</id>
<rule><![CDATA[(?:(sleep\((\s*)(\d*)(\s*)\)|benchmark\((.*)\,(.*)\)))]]></rule>
<description>Detects Blind Sqli Tests Using Sleep() Or Benchmark().</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>71</id>
<rule><![CDATA[(?i:(\%SYSTEMROOT\%))]]></rule>
<description>An Attacker Is Trying To Locate A File To Read Or Write.</description>
<tags>
<tag>files</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>73</id>
<rule><![CDATA[(?:(((.*)\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))]]></rule>
<description>Looking For A Format String Attack</description>
<tags>
<tag>format string</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>74</id>
<rule><![CDATA[(?:(union(.*)select(.*)from))]]></rule>
<description>Looking For Basic Sql Injection. Common Attack String For Mysql, Oracle And Others.</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>75</id>
<rule><![CDATA[(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)]]></rule>
<description>Looking For Integer Overflow Attacks, These Are Taken From Skipfish, Except 2.2250738585072007e-308 Is The "magic Number" Crash</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>76</id>
<rule><![CDATA[(?:^((?=a)b))]]></rule>
<description>Rate Limit Of Requests Exceeded</description>
<tags>
<tag>DoS</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>77</id>
<rule><![CDATA[
(?i:acunetix|analyzer|AhrefsBot|backdoor|bandit|blackwidow|BOT for JCE|collect|core-project|dts agent|emailmagnet|ex(ploit|tract)|flood|grabber|harvest|httrack|havij|hunter|indy library|inspect|LoadTimeBot|Microsoft URL Control|Miami Style|mj12bot|morfeus|nessus|pmafind|scanner|siphon|spbot|sqlmap|survey|teleport|updown_tester)
]]></rule>
<description>Suspicious Bots Scanners</description>
<tags>
<tag>DoS</tag>
</tags>
<impact>1</impact>
</filter>
<filter>
<id>78</id>
<rule><![CDATA[
^\\s*\\(\\s*\\)\\s*\\{
]]></rule>
<description>Shellshock Vulnerability (CVE-2014-6271)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>79</id>
<rule><![CDATA[
<!--#(?:config|echo|exec|flastmod|fsize|include)\\b.+?-->
]]></rule>
<description>SSI Command Injection</description>
<tags>
<tag>none</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>80</id>
<rule><![CDATA[
\\$
]]></rule>
<description>TimThumb WebShot Remote Code Execution (0-day)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>81</id>
<rule><![CDATA[
JDatabaseDriverMysqli
]]></rule>
<description>Joomla 1.5-3.4.5 Object Injection Remote Command Execution</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>82</id>
<rule><![CDATA[
[#'\\\=(),<>\/\\\\*\\x60]
]]></rule>
<description>SQL Injection (username)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>83</id>
<rule><![CDATA[
\\b(?i:waitfor\\b\\W*?\\bdelay)\\b
]]></rule>
<description>SQL Injection (time-based)</description>
<tags>
<tag>none</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>84</id>
<rule><![CDATA[
[^-a-zA-Z0-9._:\\[\\]]
]]></rule>
<description>Malformed Host Header</description>
<tags>
<tag>none</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>85</id>
<rule><![CDATA[
phpinfo\\.php
]]></rule>
<description>Attempt To Access Phpinfo.php</description>
<tags>
<tag>none</tag>
</tags>
<impact>1</impact>
</filter>
<filter>
<id>86</id>
<rule><![CDATA[
>\\s*\/dev\/(?:tc|ud)p\/[^\/]{5,255}\/\\d{1,5}\\b
]]></rule>
<description>Dev TCP UDP Device File Access (possible Reverse Shell)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>87</id>
<rule><![CDATA[
(?i:bypass|c99(?:madShell|ud)?|c100|cookie_(?:usage|setup)|diagnostics|dump|endix|gifimg|goog[l1]e.+[\\da-f]{10}|imageth|imlog|r5[47]|safe0ver|sniper|(?:jpe?g|gif|png))\\.ph(?:p[345]?|t|tml)
]]></rule>
<description>Shell Backdoor</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>88</id>
<rule><![CDATA[
\\bact=img&img=\\w
]]></rule>
<description>Shell Backdoor (img)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>89</id>
<rule><![CDATA[
^(?:chmod|cmd|edit|eval|delete|headers|md5|mysql|phpinfo|rename)$
]]></rule>
<description>Shell Backdoor (p)</description>
<tags>
<tag>none</tag>
</tags>
<impact>3</impact>
</filter>
</filters>

798
libraries/plugins/IDS/default_filter_orig.xml
View File

@ -1,798 +0,0 @@
<filters>
<filter>
<id>1</id>
<rule><![CDATA[(?:"[^"]*[^-]?>)|(?:[^\w\s]\s*\/>)|(?:>")]]></rule>
<description>finds html breaking injections including whitespace attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>2</id>
<rule><![CDATA[(?:"+.*[<=]\s*"[^"]+")|(?:"\s*\w+\s*=)|(?:>\w=\/)|(?:#.+\)["\s]*>)|(?:"\s*(?:src|style|on\w+)\s*=\s*")|(?:[^"]?"[,;\s]+\w*[\[\(])]]></rule>
<description>finds attribute breaking injections including whitespace attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>3</id>
<rule><![CDATA[(?:^>[\w\s]*<\/?\w{2,}>)]]></rule>
<description>finds unquoted attribute breaking injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>4</id>
<rule><![CDATA[(?:[+\/]\s*name[\W\d]*[)+])|(?:;\W*url\s*=)|(?:[^\w\s\/?:>]\s*(?:location|referrer|name)\s*[^\/\w\s-])]]></rule>
<description>Detects url-, name-, JSON, and referrer-contained payload attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>5</id>
<rule><![CDATA[(?:\W\s*hash\s*[^\w\s-])|(?:\w+=\W*[^,]*,[^\s(]\s*\()|(?:\?"[^\s"]":)|(?:(?<!\/)__[a-z]+__)|(?:(?:^|[\s)\]\}])(?:s|g)etter\s*=)]]></rule>
<description>Detects hash-contained xss payload attacks, setter usage and property overloading</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>6</id>
<rule><![CDATA[(?:with\s*\(\s*.+\s*\)\s*\w+\s*\()|(?:(?:do|while|for)\s*\([^)]*\)\s*\{)|(?:\/[\w\s]*\[\W*\w)]]></rule>
<description>Detects self contained xss via with(), common loops and regex to string conversion</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>7</id>
<rule><![CDATA[(?:[=(].+\?.+:)|(?:with\([^)]*\)\))|(?:\.\s*source\W)]]></rule>
<description>Detects JavaScript with(), ternary operators and XML predicate attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>8</id>
<rule><![CDATA[(?:\/\w*\s*\)\s*\()|(?:\([\w\s]+\([\w\s]+\)[\w\s]+\))|(?:(?<!(?:mozilla\/\d\.\d\s))\([^)[]+\[[^\]]+\][^)]*\))|(?:[^\s!][{([][^({[]+[{([][^}\])]+[}\])][\s+",\d]*[}\])])|(?:"\)?\]\W*\[)|(?:=\s*[^\s:;]+\s*[{([][^}\])]+[}\])];)]]></rule>
<description>Detects self-executing JavaScript functions</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>9</id>
<rule><![CDATA[(?:\\u00[a-f0-9]{2})|(?:\\x0*[a-f0-9]{2})|(?:\\\d{2,3})]]></rule>
<description>Detects the IE octal, hex and unicode entities</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>2</impact>
</filter>
<filter>
<id>10</id>
<rule><![CDATA[(?:(?:\/|\\)?\.+(\/|\\)(?:\.+)?)|(?:\w+\.exe\??\s)|(?:;\s*\w+\s*\/[\w*-]+\/)|(?:\d\.\dx\|)|(?:%(?:c0\.|af\.|5c\.))|(?:\/(?:%2e){2})]]></rule>
<description>Detects basic directory traversal</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>11</id>
<rule><![CDATA[(?:%c0%ae\/)|(?:(?:\/|\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\/|\\))|(?:(?:\/|\\)inetpub|localstart\.asp|boot\.ini)]]></rule>
<description>Detects specific directory and path traversal</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>12</id>
<rule><![CDATA[(?:etc\/\W*passwd)]]></rule>
<description>Detects etc/passwd inclusion attempts</description>
<tags>
<tag>dt</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>13</id>
<rule><![CDATA[(?:%u(?:ff|00|e\d)\w\w)|(?:(?:%(?:e\w|c[^3\W]|))(?:%\w\w)(?:%\w\w)?)]]></rule>
<description>Detects halfwidth/fullwidth encoded unicode HTML breaking attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>14</id>
<rule><![CDATA[(?:#@~\^\w+)|(?:\w+script:|@import[^\w]|;base64|base64,)|(?:\w+\s*\([\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+,[\w\s]+\))]]></rule>
<description>Detects possible includes, VBSCript/JScript encodeed and packed functions</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>15</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.+\-]))]]></rule>
<description>Detects JavaScript DOM/miscellaneous properties and methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>16</id>
<rule><![CDATA[([^*\s\w,.\/?+-]\s*)?(?<![a-mo-z]\s)(?<![a-z\/_@])(\s*return\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.:\/+\-]))]]></rule>
<description>Detects possible includes and typical script methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>17</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@])(\s*return\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\w%"]|(?:\s*[^@\/\s\w%.+\-]))]]></rule>
<description>Detects JavaScript object properties and methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>18</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))]]></rule>
<description>Detects JavaScript array properties and methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>19</id>
<rule><![CDATA[([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@\-\|])(\s*return\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\w+codeuri\w*)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))]]></rule>
<description>Detects JavaScript string properties and methods</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>20</id>
<rule><![CDATA[(?:\)\s*\[)|([^*":\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z_@\|])(\s*return\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\w%"]|(?:\s*[^@\s\w%".+\-\/]))]]></rule>
<description>Detects JavaScript language constructs</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>21</id>
<rule><![CDATA[(?:,\s*(?:alert|showmodaldialog|eval)\s*,)|(?::\s*eval\s*[^\s])|([^:\s\w,.\/?+-]\s*)?(?<![a-z\/_@])(\s*return\s*)?(?:(?:document\s*\.)?(?:.+\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\s*(?:[^.a-z\s\-]|(?:\s*[^\s\w,.@\/+-]))|(?:java[\s\/]*\.[\s\/]*lang)|(?:\w\s*=\s*new\s+\w+)|(?:&\s*\w+\s*\)[^,])|(?:\+[\W\d]*new\s+\w+[\W\d]*\+)|(?:document\.\w)]]></rule>
<description>Detects very basic XSS probings</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>22</id>
<rule><![CDATA[(?:=\s*(?:top|this|window|content|self|frames|_content))|(?:\/\s*[gimx]*\s*[)}])|(?:[^\s]\s*=\s*script)|(?:\.\s*constructor)|(?:default\s+xml\s+namespace\s*=)|(?:\/\s*\+[^+]+\s*\+\s*\/)]]></rule>
<description>Detects advanced XSS probings via Script(), RexExp, constructors and XML namespaces</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>23</id>
<rule><![CDATA[(?:\.\s*\w+\W*=)|(?:\W\s*(?:location|document)\s*\W[^({[;]+[({[;])|(?:\(\w+\?[:\w]+\))|(?:\w{2,}\s*=\s*\d+[^&\w]\w+)|(?:\]\s*\(\s*\w+)]]></rule>
<description>Detects JavaScript location/document property access and window access obfuscation</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>24</id>
<rule><![CDATA[(?:[".]script\s*\()|(?:\$\$?\s*\(\s*[\w"])|(?:\/[\w\s]+\/\.)|(?:=\s*\/\w+\/\s*\.)|(?:(?:this|window|top|parent|frames|self|content)\[\s*[(,"]*\s*[\w\$])|(?:,\s*new\s+\w+\s*[,;)])]]></rule>
<description>Detects basic obfuscated JavaScript script injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>25</id>
<rule><![CDATA[(?:=\s*[$\w]\s*[\(\[])|(?:\(\s*(?:this|top|window|self|parent|_?content)\s*\))|(?:src\s*=s*(?:\w+:|\/\/))|(?:\w+\[("\w+"|\w+\|\|))|(?:[\d\W]\|\|[\d\W]|\W=\w+,)|(?:\/\s*\+\s*[a-z"])|(?:=\s*\$[^([]*\()|(?:=\s*\(\s*")]]></rule>
<description>Detects obfuscated JavaScript script injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>26</id>
<rule><![CDATA[(?:[^:\s\w]+\s*[^\w\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\w])]]></rule>
<description>Detects JavaScript cookie stealing and redirection attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>27</id>
<rule><![CDATA[(?:(?:vbs|vbscript|data):.*[,+])|(?:\w+\s*=\W*(?!https?)\w+:)|(jar:\w+:)|(=\s*"?\s*vbs(?:ript)?:)|(language\s*=\s?"?\s*vbs(?:ript)?)|on\w+\s*=\*\w+\-"?]]></rule>
<description>Detects data: URL injections, VBS injections and common URI schemes</description>
<tags>
<tag>xss</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>28</id>
<rule><![CDATA[(?:firefoxurl:\w+\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\s*:\s*[%&#xu\/]+)|(wyciwyg|firefoxurl\s*:\s*\/\s*\/)]]></rule>
<description>Detects IE firefoxurl injections, cache poisoning attempts and local file inclusion/execution</description>
<tags>
<tag>xss</tag>
<tag>rfe</tag>
<tag>lfi</tag>
<tag>csrf</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>29</id>
<rule><![CDATA[(?:binding\s?=|moz-binding|behavior\s?=)|(?:[\s\/]style\s*=\s*[-\\])]]></rule>
<description>Detects bindings and behavior injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>30</id>
<rule><![CDATA[(?:=\s*\w+\s*\+\s*")|(?:\+=\s*\(\s")|(?:!+\s*[\d.,]+\w?\d*\s*\?)|(?:=\s*\[s*\])|(?:"\s*\+\s*")|(?:[^\s]\[\s*\d+\s*\]\s*[;+])|(?:"\s*[&|]+\s*")|(?:\/\s*\?\s*")|(?:\/\s*\)\s*\[)|(?:\d\?.+:\d)|(?:]\s*\[\W*\w)|(?:[^\s]\s*=\s*\/)]]></rule>
<description>Detects common XSS concatenation patterns 1/2</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>31</id>
<rule><![CDATA[(?:=\s*\d*\.\d*\?\d*\.\d*)|(?:[|&]{2,}\s*")|(?:!\d+\.\d*\?")|(?:\/:[\w.]+,)|(?:=[\d\W\s]*\[[^]]+\])|(?:\?\w+:\w+)]]></rule>
<description>Detects common XSS concatenation patterns 2/2</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>32</id>
<rule><![CDATA[(?:[^\w\s=]on(?!g\&gt;)\w+[^=_+-]*=[^$]+(?:\W|\&gt;)?)]]></rule>
<description>Detects possible event handlers</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>33</id>
<rule><![CDATA[(?:\<\w*:?\s(?:[^\>]*)t(?!rong))|(?:\<scri)|(<\w+:\w+)]]></rule>
<description>Detects obfuscated script tags and XML wrapped HTML</description>
<tags>
<tag>xss</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>34</id>
<rule><![CDATA[(?:\<\/\w+\s\w+)|(?:@(?:cc_on|set)[\s@,"=])]]></rule>
<description>Detects attributes in closing tags and conditional compilation tokens</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>35</id>
<rule><![CDATA[(?:--[^\n]*$)|(?:\<!-|-->)|(?:[^*]\/\*|\*\/[^*])|(?:(?:[\W\d]#|--|{)$)|(?:\/{3,}.*$)|(?:<!\[\W)|(?:\]!>)]]></rule>
<description>Detects common comment types</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>37</id>
<rule><![CDATA[(?:\<base\s+)|(?:<!(?:element|entity|\[CDATA))]]></rule>
<description>Detects base href injections and XML entity injections</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>38</id>
<rule><![CDATA[(?:\<[\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\w+|image|im(?:g|port)))]]></rule>
<description>Detects possibly malicious html elements including some attributes</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>39</id>
<rule><![CDATA[(?:\\x[01fe][\db-ce-f])|(?:%[01fe][\db-ce-f])|(?:&#[01fe][\db-ce-f])|(?:\\[01fe][\db-ce-f])|(?:&#x[01fe][\db-ce-f])]]></rule>
<description>Detects nullbytes and other dangerous characters</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>xss</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>40</id>
<rule><![CDATA[(?:\)\s*when\s*\d+\s*then)|(?:"\s*(?:#|--|{))|(?:\/\*!\s?\d+)|(?:ch(?:a)?r\s*\(\s*\d)|(?:(?:(n?and|x?or|not)\s+|\|\||\&\&)\s*\w+\()]]></rule>
<description>Detects MySQL comments, conditions and ch(a)r injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>41</id>
<rule><![CDATA[(?:[\s()]case\s*\()|(?:\)\s*like\s*\()|(?:having\s*[^\s]+\s*[^\w\s])|(?:if\s?\([\d\w]\s*[=<>~])]]></rule>
<description>Detects conditional SQL injection attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>42</id>
<rule><![CDATA[(?:"\s*or\s*"?\d)|(?:\\x(?:23|27|3d))|(?:^.?"$)|(?:(?:^["\\]*(?:[\d"]+|[^"]+"))+\s*(?:n?and|x?or|not|\|\||\&\&)\s*[\w"[+&!@(),.-])|(?:[^\w\s]\w+\s*[|-]\s*"\s*\w)|(?:@\w+\s+(and|or)\s*["\d]+)|(?:@[\w-]+\s(and|or)\s*[^\w\s])|(?:[^\w\s:]\s*\d\W+[^\w\s]\s*".)|(?:\Winformation_schema|table_name\W)]]></rule>
<description>Detects conditional SQL injection attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
</filter>
<filter>
<id>43</id>
<rule><![CDATA[(?:"\s*\*.+(?:or|id)\W*"\d)|(?:\^")|(?:^[\w\s"-]+(?<=and\s)(?<=or\s)(?<=xor\s)(?<=nand\s)(?<=not\s)(?<=\|\|)(?<=\&\&)\w+\()|(?:"[\s\d]*[^\w\s]+\W*\d\W*.*["\d])|(?:"\s*[^\w\s?]+\s*[^\w\s]+\s*")|(?:"\s*[^\w\s]+\s*[\W\d].*(?:#|--))|(?:".*\*\s*\d)|(?:"\s*or\s[^\d]+[\w-]+.*\d)|(?:[()*<>%+-][\w-]+[^\w\s]+"[^,])]]></rule>
<description>Detects classic SQL injection probings 2/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>44</id>
<rule><![CDATA[(?:\d"\s+"\s+\d)|(?:^admin\s*"|(\/\*)+"+\s?(?:--|#|\/\*|{)?)|(?:"\s*or[\w\s-]+\s*[+<>=(),-]\s*[\d"])|(?:"\s*[^\w\s]?=\s*")|(?:"\W*[+=]+\W*")|(?:"\s*[!=|][\d\s!=+-]+.*["(].*$)|(?:"\s*[!=|][\d\s!=]+.*\d+$)|(?:"\s*like\W+[\w"(])|(?:\sis\s*0\W)|(?:where\s[\s\w\.,-]+\s=)|(?:"[<>~]+")]]></rule>
<description>Detects basic SQL authentication bypass attempts 1/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>45</id>
<rule><![CDATA[(?:union\s*(?:all|distinct|[(!@]*)?\s*[([]*\s*select)|(?:\w+\s+like\s+\")|(?:like\s*"\%)|(?:"\s*like\W*["\d])|(?:"\s*(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w]+=\s*\w+\s*having)|(?:"\s*\*\s*\w+\W+")|(?:"\s*[^?\w\s=.,;)(]+\s*[(@"]*\s*\w+\W+\w)|(?:select\s*[\[\]()\s\w\.,"-]+from)|(?:find_in_set\s*\()]]></rule>
<description>Detects basic SQL authentication bypass attempts 2/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>46</id>
<rule><![CDATA[(?:in\s*\(+\s*select)|(?:(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w+]+(?:regexp\s*\(|sounds\s+like\s*"|[=\d]+x))|("\s*\d\s*(?:--|#))|(?:"[%&<>^=]+\d\s*(=|or))|(?:"\W+[\w+-]+\s*=\s*\d\W+")|(?:"\s*is\s*\d.+"?\w)|(?:"\|?[\w-]{3,}[^\w\s.,]+")|(?:"\s*is\s*[\d.]+\s*\W.*")]]></rule>
<description>Detects basic SQL authentication bypass attempts 3/3</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>47</id>
<rule><![CDATA[(?:[\d\W]\s+as\s*["\w]+\s*from)|(?:^[\W\d]+\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s+(?:(?:group_)concat|char|load_file)\s?\(?)|(?:end\s*\);)|("\s+regexp\W)|(?:[\s(]load_file\s*\()]]></rule>
<description>Detects concatenated basic SQL injection and SQLLFI attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>48</id>
<rule><![CDATA[(?:@.+=\s*\(\s*select)|(?:\d+\s*or\s*\d+\s*[\-+])|(?:\/\w+;?\s+(?:having|and|or|select)\W)|(?:\d\s+group\s+by.+\()|(?:(?:;|#|--)\s*(?:drop|alter))|(?:(?:;|#|--)\s*(?:update|insert)\s*\w{2,})|(?:[^\w]SET\s*@\w+)|(?:(?:n?and|x?or|not |\|\||\&\&)[\s(]+\w+[\s)]*[!=+]+[\s\d]*["=()])]]></rule>
<description>Detects chained SQL injection attempts 1/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>49</id>
<rule><![CDATA[(?:"\s+and\s*=\W)|(?:\(\s*select\s*\w+\s*\()|(?:\*\/from)|(?:\+\s*\d+\s*\+\s*@)|(?:\w"\s*(?:[-+=|@]+\s*)+[\d(])|(?:coalesce\s*\(|@@\w+\s*[^\w\s])|(?:\W!+"\w)|(?:";\s*(?:if|while|begin))|(?:"[\s\d]+=\s*\d)|(?:order\s+by\s+if\w*\s*\()|(?:[\s(]+case\d*\W.+[tw]hen[\s(])]]></rule>
<description>Detects chained SQL injection attempts 2/2</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>50</id>
<rule><![CDATA[(?:(select|;)\s+(?:benchmark|if|sleep)\s*?\(\s*\(?\s*\w+)]]></rule>
<description>Detects SQL benchmark and sleep injection attempts including conditional queries</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>51</id>
<rule><![CDATA[(?:create\s+function\s+\w+\s+returns)|(?:;\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*[\[(]?\w{2,})]]></rule>
<description>Detects MySQL UDF injection and other data/structure manipulation attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>52</id>
<rule><![CDATA[(?:alter\s*\w+.*character\s+set\s+\w+)|(";\s*waitfor\s+time\s+")|(?:";.*:\s*goto)]]></rule>
<description>Detects MySQL charset switch and MSSQL DoS attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>53</id>
<rule><![CDATA[(?:procedure\s+analyse\s*\()|(?:;\s*(declare|open)\s+[\w-]+)|(?:create\s+(procedure|function)\s*\w+\s*\(\s*\)\s*-)|(?:declare[^\w]+[@#]\s*\w+)|(exec\s*\(\s*@)]]></rule>
<description>Detects MySQL and PostgreSQL stored procedure/function injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>54</id>
<rule><![CDATA[(?:select\s*pg_sleep)|(?:waitfor\s*delay\s?"+\s?\d)|(?:;\s*shutdown\s*(?:;|--|#|\/\*|{))]]></rule>
<description>Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>55</id>
<rule><![CDATA[(?:\sexec\s+xp_cmdshell)|(?:"\s*!\s*["\w])|(?:from\W+information_schema\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\s*\([^\)]*)|(?:";?\s*(?:select|union|having)\s*[^\s])|(?:\wiif\s*\()|(?:exec\s+master\.)|(?:union select @)|(?:union[\w(\s]*select)|(?:select.*\w?user\()|(?:into[\s+]+(?:dump|out)file\s*")]]></rule>
<description>Detects MSSQL code execution and information gathering attempts</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>56</id>
<rule><![CDATA[(?:merge.*using\s*\()|(execute\s*immediate\s*")|(?:\W+\d*\s*having\s*[^\s\-])|(?:match\s*[\w(),+-]+\s*against\s*\()]]></rule>
<description>Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>57</id>
<rule><![CDATA[(?:,.*[)\da-f"]"(?:".*"|\Z|[^"]+))|(?:\Wselect.+\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*\(\s*space\s*\()]]></rule>
<description>Detects MySQL comment-/space-obfuscated injections and backtick termination</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>58</id>
<rule><![CDATA[(?:@[\w-]+\s*\()|(?:]\s*\(\s*["!]\s*\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\s\w|]*\$\w+\s*=)|(?:\$\w+\s*=(?:(?:\s*\$?\w+\s*[(;])|\s*".*"))|(?:;\s*\{\W*\w+\s*\()]]></rule>
<description>Detects code injection attempts 1/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>59</id>
<rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\w+|execute)\s*["(@])]]></rule>
<description>Detects code injection attempts 2/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>60</id>
<rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*[^\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\s*rm\s+-\w+\s+)|(?:;.*{.*\$\w+\s*=)|(?:\$\w+\s*\[\]\s*=\s*)]]></rule>
<description>Detects code injection attempts 3/3</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>61</id>
<rule><![CDATA[(?:\w+]?(?<!href)(?<!src)(?<!longdesc)(?<!returnurl)=(?:https?|ftp):)|(?:\{\s*\$\s*\{)]]></rule>
<description>Detects url injections and RFE attempts</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>62</id>
<rule><![CDATA[(?:function[^(]*\([^)]*\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\w.]+\w+\s*[([])|([)\]]\s*\.\s*\w+\s*=)|(?:\(\s*new\s+\w+\s*\)\.)]]></rule>
<description>Detects common function declarations and special JS operators</description>
<tags>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>63</id>
<rule><![CDATA[(?:[\w.-]+@[\w.-]+%(?:[01][\db-ce-f])+\w+:)]]></rule>
<description>Detects common mail header injections</description>
<tags>
<tag>id</tag>
<tag>spam</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>64</id>
<rule><![CDATA[(?:\.pl\?\w+=\w?\|\w+;)|(?:\|\(\w+=\*)|(?:\*\s*\)+\s*;)]]></rule>
<description>Detects perl echo shellcode injection and LDAP vectors</description>
<tags>
<tag>lfi</tag>
<tag>rfe</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>65</id>
<rule><![CDATA[(?:(^|\W)const\s+[\w\-]+\s*=)|(?:(?:do|for|while)\s*\([^;]+;+\))|(?:(?:^|\W)on\w+\s*=[\w\W]*(?:on\w+|alert|eval|print|confirm|prompt))|(?:groups=\d+\(\w+\))|(?:(.)\1{128,})]]></rule>
<description>Detects basic XSS DoS attempts</description>
<tags>
<tag>rfe</tag>
<tag>dos</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>67</id>
<rule><![CDATA[(?:\({2,}\+{2,}:{2,})|(?:\({2,}\+{2,}:+)|(?:\({3,}\++:{2,})|(?:\$\[!!!\])]]></rule>
<description>Detects unknown attack vectors based on PHPIDS Centrifuge detection</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
<tag>id</tag>
<tag>rfe</tag>
<tag>lfi</tag>
</tags>
<impact>7</impact>
</filter>
<filter>
<id>68</id>
<rule><![CDATA[(?:[\s\/"]+[-\w\/\\\*]+\s*=.+(?:\/\s*>))]]></rule>
<description>Finds attribute breaking injections including obfuscated attributes</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>69</id>
<rule><![CDATA[(?:(?:msgbox|eval)\s*\+|(?:language\s*=\*vbscript))]]></rule>
<description>Finds basic VBScript injection attempts</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>70</id>
<rule><![CDATA[(?:\[\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\])]]></rule>
<description>Finds basic MongoDB SQL injection attempts</description>
<tags>
<tag>sqli</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>71</id>
<rule><![CDATA[(?:[\s\d\/"]+(?:on\w+|style|poster|background)=[$"\w])|(?:-type\s*:\s*multipart)]]></rule>
<description>finds malicious attribute injection attempts and MHTML attacks</description>
<tags>
<tag>xss</tag>
<tag>csrf</tag>
</tags>
<impact>6</impact>
</filter>
<filter>
<id>72</id>
<rule><![CDATA[(?:(sleep\((\s*)(\d*)(\s*)\)|benchmark\((.*)\,(.*)\)))]]></rule>
<description>Detects blind sqli tests using sleep() or benchmark().</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>73</id>
<rule><![CDATA[(?i:(\%SYSTEMROOT\%))]]></rule>
<description>An attacker is trying to locate a file to read or write.</description>
<tags>
<tag>files</tag>
<tag>id</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>74</id>
<rule><![CDATA[(?i:(ping(.*)[\-(.*)\w|\w(.*)\-]))]]></rule>
<description>Detects remote code exectuion tests. Will match "ping -n 3 localhost" and "ping localhost -n 3" </description>
<tags>
<tag>Command Execution</tag>
<tag>id</tag>
</tags>
<impact>5</impact>
</filter>
<filter>
<id>75</id>
<rule><![CDATA[(?:(((.*)\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))]]></rule>
<description>Looking for a format string attack</description>
<tags>
<tag>format string</tag>
</tags>
<impact>4</impact>
</filter>
<filter>
<id>76</id>
<rule><![CDATA[(?:(union(.*)select(.*)from))]]></rule>
<description>Looking for basic sql injection. Common attack string for mysql, oracle and others.</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
<filter>
<id>77</id>
<rule><![CDATA[(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)]]></rule>
<description>Looking for integer overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the "magic number" crash</description>
<tags>
<tag>sqli</tag>
<tag>id</tag>
</tags>
<impact>3</impact>
</filter>
</filters>

1
libraries/plugins/IDS/tmp/bad_bots.txt
View File

@ -1 +0,0 @@
@nonymouse|ADSARobot|Advanced\ Email\ Extractor|ah-ha|aktuelles|almaden|amzn_assoc|Anarchie|Art-Online|AspiWeb|ASPSeek|ASSORT|ATHENS|Atomz|attach|attache|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big\.brother|BlackWidow|bmclient|Boston\ Project|Bot\ mailto:craftbot@yahoo\.com|BravoBrian\ SpiderEngine\ MarcoPolo|Buddy|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|Crescent\ Internet\ ToolPack|cURL|Custo|cyberalert|Deweb|diagem|Digger|Digimarc|DIIbot|DirectUpdate|DISCo|Drip|DSurf15a|DTS\.Agent|EasyDL|eCatch|echo\ extense|ecollector|efp@gmx\.net|EirGrabber|Email\ Extractor|EmailCollector|EmailSiphon|EmailWolf|Express\ WebPictures|ExtractorPro|EyeNetIE|fastlwspider|FavOrg|Favorites\ Sweeper|Fetch\ API\ Request|FEZhead|FileHound|FlashGet|FlickBot|fluffy|frontpage|GalaxyBot|Generic|Getleft|GetSmart|GetWeb!|GetWebPage|gigabaz|Girafabot|Go!Zilla|Go-Ahead-Got-It|GornKer|Grabber|GrabNet|Grafula|Green\ Research|Harvest|hhjhj@yahoo|hloader|HMView|HomePageSearch|http\ generic|HTTPConnect|httpdown|HTTrack|IBM_Planetwide|Image\ Stripper|Image\ Sucker|imagefetch|IncyWincy|Indy\ Library|informant|Ingelin|InterGET|Internet\ Ninja|InternetLinkAgent|InternetSeer\.com|iOpus|IPiumBot\ laurion(dot)com|Iria|Irvine|Jakarta|JBH*Agent|JetCar|JustView|Kapere|KWebGet|Lachesis|larbin|LeechFTP|LexiBot|lftp|libwww|likse|Link*Sleuth|LINKS\ ARoMATIZED|LinkWalker|lwp-trivial|Mac\ Finder|Mag-Net|Magnet|Mass\ Downloader|MCspider|MemoWeb|Microsoft\ URL\ Control|MIDown\ tool|minibot\(NaverRobot\)|Missigua\ Locator|Mister\ PiX|MMMtoCrawl\/UrlDispatcherLLL|MSProxy|multithreaddb|nationaldirectory|Navroad|NearSite|Net\ Vampire|NetAnts|NetCarta|netcraft|netfactual|NetMechanic|netprospector|NetResearchServer|NetSpider|NetZIP|NEWT|nicerspro|NPBot|Octopus|Offline\ Explorer|Offline\ Navigator|OpaL|Openfind|OpenTextSiteCrawler|OutWit|PackRat|PageGrabber|Papa\ Foto|pavuk|pcBrowser|PersonaPilot|PingALink|Pockey|Program\ Shareware|psbot|PSurf|puf|Pump|PushSite|QRVA|QuepasaCreep|RealDownload|Reaper|Recorder|ReGet|replacer|RepoMonkey|Robozilla|Rover|RPT-HTTPClient|Rsync|SearchExpress|searchhippo|searchterms\.it|Second\ Street\ Research|Shai|sitecheck|SiteMapper|SiteSnagger|SlySearch|SmartDownload|snagger|SpaceBison|Spegla|SpiderBot|SqWorm|Star\ Downloader|Stripper|Sucker|SuperBot|SuperHTTP|Surfbot|SurfWalker|Szukacz|tAkeOut|tarspider|Teleport\ Pro|Telesoft|Templeton|traffixer|TrueRobot|TuringOS|TurnitinBot|TV33_Mercator|UIowaCrawler|URL_Spider_Pro|UtilMind|Vacuum|vagabondo|vayala|visibilitygap|vobsub|VoidEYE|vspider|w3mir|Web\ Data\ Extractor|Web\ Downloader|Web\ Image\ Collector|Web\ Sucker|web\.by\.mail|WebAuto|webbandit|Webclipping|webcollage|webcollector|WebCopier|webcraft@bea|WebDAV|webdevil|webdownloader|Webdup|WebEmailExtractor|WebFetch|WebGo\ IS|WebHook|Webinator|WebLeacher|WebMiner|WebMirror|webmole|WebReaper|WebSauger|WEBsaver|Website\ eXtractor|Website\ Quester|WebSnake|Webster|WebStripper|websucker|webvac|webwalk|webweasel|WebWhacker|WebZIP|Wget|whizbang|WhosTalking|Widow|WISEbot|WUMPUS|Wweb|WWWOFFLE|Wysigot|x-Tractor|Xaldon\ WebSpider|XGET

2
libraries/plugins/IDS/tmp/cookie_ips.txt
View File

@ -1,2 +0,0 @@
172.19.20.122,2,1429360837,14,
::1,0,1430174122,16,

1
libraries/plugins/IDS/tmp/custom_rules.txt
View File

@ -1 +0,0 @@
a:5:{s:7:"trusted";a:0:{}s:7:"blocked";a:0:{}s:9:"exception";a:1:{i:0;s:10:"COOKIE.lol";}s:4:"html";a:0:{}s:4:"json";a:0:{}}

2
libraries/plugins/IDS/tmp/ips.txt
View File

@ -1,2 +0,0 @@
172.19.13.36,0,1426076415,3,
::1,0,1428069894,5,

804
libraries/plugins/IDS/tmp/phpids_log.txt
View File

@ -1,804 +0,0 @@
"local/unknown",2008-08-18T18:00:29+02:00,36,"xss csrf id rfe lfi sqli","test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E"
"local/unknown",2008-08-18T18:00:32+02:00,36,"xss csrf id rfe lfi sqli","test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E"
"local/unknown",2008-08-18T18:00:46+02:00,36,"xss csrf id rfe lfi sqli","test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E"
"local/unknown",2008-08-18T18:27:34+02:00,36,"xss csrf id rfe lfi sqli","test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E"
"local/unknown",2009-06-24T12:58:37+02:00,36,"xss csrf id rfe lfi sqli","REQUEST.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E GET.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","127.0.0.1"
"local/unknown",2009-06-24T12:59:27+02:00,36,"xss csrf id rfe lfi sqli","REQUEST.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E GET.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","127.0.0.1"
"local/unknown",2009-06-24T12:59:29+02:00,36,"xss csrf id rfe lfi sqli","REQUEST.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E GET.test=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","127.0.0.1"
"local/unknown",2009-06-24T12:59:42+02:00,36,"xss csrf id rfe lfi sqli","REQUEST.__wysiwyg=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E GET.__wysiwyg=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","127.0.0.1"
"local/unknown",2009-06-24T13:00:01+02:00,36,"xss csrf id rfe lfi sqli","REQUEST.__wysiwyg=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E GET.__wysiwyg=%5C%22%3E%3Cscript%3Eeval%28window.name%29%3C%2Fscript%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","127.0.0.1"
"local/unknown",2009-06-24T13:00:21+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:00:27+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwygx=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwygx=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwygx%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:00:31+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:01:48+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:01:49+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:01:51+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:04:46+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"local/unknown",2009-06-24T13:05:48+02:00,15,"xss csrf sqli id lfi","REQUEST.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E GET.__wysiwyg=%3Ca%20href%3D%5C%22http%3A%2F%2Fwww.foo.de%2F%3Fbar%5C%22%3Efoobar%3C%2Fa%3E","%2Fphp-ids.org%2Ftrunk%2Fdocs%2Fexamples%2Fexample.php%3F__wysiwyg%3D%253Ca%2520href%3D%2522http%3A%2F%2Fwww.foo.de%2F%3Fbar%2522%253Efoobar%253C%2Fa%253E","127.0.0.1"
"%3A%3A1",2014-11-14T21:41:41+01:00,72,"xss csrf id rfe lfi sqli","REQUEST.test%3D%2522%253E%253Cscript%253Eeval%2528window.name%2529%253C%252Fscript%253E+GET.test%3D%2522%253E%253Cscript%253Eeval%2528window.name%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fphpids%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","::1"
"%3A%3A1",2014-11-14T21:41:58+01:00,12,"sqli id lfi","REQUEST.test%3D1%2527+GET.test%3D1%2527","%2Fczar%2Fplayground%2Fphpids%2Fdocs%2Fexamples%2Fexample.php%3Ftest%3D1%2527","::1"
"%3A%3A1",2014-11-14T21:51:04+01:00,72,"xss csrf id rfe lfi sqli","REQUEST.test%3D%2522%253E%253Cscript%253Eeval%2528window.name%2529%253C%252Fscript%253E+GET.test%3D%2522%253E%253Cscript%253Eeval%2528window.name%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2F%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","::1"
"%3A%3A1",2014-11-14T21:51:13+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:51:39+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:51:56+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:52:06+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:53:03+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:53:11+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:54:16+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:54:17+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:55:13+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-14T21:55:25+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-15T13:42:51+01:00,16,"xss csrf id rfe","REQUEST.id%3Dalert%2528%2529+GET.id%3Dalert%2528%2529","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3Dalert%2528%2529%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-15T13:45:45+01:00,10,"Command Execution id","REQUEST.id%3Dping%2520-n%25203%2520localhost+GET.id%3Dping%2520-n%25203%2520localhost","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3Dping%2B-n%2B3%2Blocalhost%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-15T13:46:48+01:00,10,"Command Execution id","REQUEST.chootid%3Dping%2520-n%25203%2520localhost+GET.chootid%3Dping%2520-n%25203%2520localhost","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3Dhi%26Submit%3DSubmit%26chootid%3Dping%2B-n%2B3%2Blocalhost","::1"
"%3A%3A1",2014-11-15T13:47:38+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-15T13:48:05+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-15T13:55:09+01:00,86,"xss csrf id rfe sqli lfi","REQUEST.name%3D%2527%2527%253B%2521--%2522%253CXSS%253E%253D%2526%257B%2528%2529%257D+GET.name%3D%2527%2527%253B%2521--%2522%253CXSS%253E%253D%2526%257B%2528%2529%257D","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D%2527%2527%253B%2521--%2522%253CXSS%253E%253D%2526%257B%2528%2529%257D","::1"
"%3A%3A1",2014-11-15T13:55:38+01:00,70,"xss csrf id rfe lfi","REQUEST.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528%2527XSS%2527%2529%253E+GET.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528%2527XSS%2527%2529%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D%253CIMG%2BSRC%253Djavascript%253Aalert%2528%2527XSS%2527%2529%253E","::1"
"%3A%3A1",2014-11-15T13:55:45+01:00,70,"xss csrf id rfe lfi","REQUEST.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528%2522XSS%2522%2529%253E+GET.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528%2522XSS%2522%2529%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D%253CIMG%2BSRC%253Djavascript%253Aalert%2528%2522XSS%2522%2529%253E","::1"
"%3A%3A1",2014-11-15T13:56:01+01:00,88,"xss csrf id rfe lfi","REQUEST.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528String.fromCharCode%252888%252C83%252C83%2529%2529%253E+GET.name%3D%253CIMG%2520SRC%253Djavascript%253Aalert%2528String.fromCharCode%252888%252C83%252C83%2529%2529%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D%253CIMG%2BSRC%253Djavascript%253Aalert%2528String.fromCharCode%252888%252C83%252C83%2529%2529%253E","::1"
"%3A%3A1",2014-11-15T13:56:12+01:00,18,"xss csrf id rfe lfi","REQUEST.name%3D%253CIMG%2520SRC%253D%2526%25230000106%2526%25230000097%2526%25230000118%2526%25230000097%2526%25230000115%2526%25230000099%2526%25230000114%2526%25230000105%2526%25230000112%2526%25230000116%2526%25230000058%2526%25230000097%2526%2520%25230000108%2526%25230000101%2526%25230000114%2526%25230000116%2526%25230000040%2526%25230000039%2526%25230000088%2526%25230000083%2526%25230000083%2526%25230000039%2526%25230000041%253E+GET.name%3D%253CIMG%2520SRC%253D%2526%25230000106%2526%25230000097%2526%25230000118%2526%25230000097%2526%25230000115%2526%25230000099%2526%25230000114%2526%25230000105%2526%25230000112%2526%25230000116%2526%25230000058%2526%25230000097%2526%2520%25230000108%2526%25230000101%2526%25230000114%2526%25230000116%2526%25230000040%2526%25230000039%2526%25230000088%2526%25230000083%2526%25230000083%2526%25230000039%2526%25230000041%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D%253CIMG%2BSRC%253D%2526%25230000106%2526%25230000097%2526%25230000118%2526%25230000097%2526%25230000115%2526%25230000099%2526%25230000114%2526%25230000105%2526%25230000112%2526%25230000116%2526%25230000058%2526%25230000097%2526%2B%25230000108%2526%25230000101%2526%25230000114%2526%25230000116%2526%25230000040%2526%25230000039%2526%25230000088%2526%25230000083%2526%25230000083%2526%25230000039%2526%25230000041%253E","::1"
"%3A%3A1",2014-11-16T18:11:58+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:13:49+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:16:01+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:16:03+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:16:10+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:23:22+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:23:23+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:23:24+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:38:09+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:38:56+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:38:57+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-16T18:39:04+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-22T10:43:21+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:44:54+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:53:26+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:53:36+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:53:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:53:51+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:54:07+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:54:10+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:54:12+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:57:49+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:57:51+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T11:59:49+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:00:01+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:00:17+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:02:06+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:02:07+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:57:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:57:47+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:57:59+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:58:18+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:58:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:17+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:20+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:21+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:51+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:54+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T12:59:59+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:00:28+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:00:30+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:00:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:01:36+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:01+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:09+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:19+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:27+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:44+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:46+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:48+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:02:50+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:03:44+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:03:50+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:04:12+01:00,6,"sqli id lfi","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:04:16+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:04:44+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:05:46+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:07:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:07:24+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:07:26+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:10:27+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:11:01+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:11:02+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:11:39+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:13:12+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:14:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:14:55+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:15:29+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:15:51+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:21+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:23+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:24+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:25+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:26+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:18:27+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:19:15+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:19:27+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:19:33+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:19:46+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:20:02+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:20:57+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:21:04+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:21:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:21:48+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:23:08+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:24:21+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:24:56+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:25:01+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:25:03+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:30:36+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:47:22+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T13:47:45+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T14:36:25+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T14:37:19+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T14:37:26+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T14:38:26+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T14:42:13+01:00,24,"sqli id lfi","REQUEST.username%3D1%2527+REQUEST.password%3D1%2527+GET.username%3D1%2527+GET.password%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fbrute%2F%3Fusername%3D1%2527%26password%3D1%2527%26Login%3DLogin","::1"
"%3A%3A1",2014-11-23T14:42:39+01:00,24,"sqli id lfi","REQUEST.username%3D1%2527+REQUEST.password%3D1%2527+GET.username%3D1%2527+GET.password%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fbrute%2F%3Fusername%3D1%2527%26password%3D1%2527%26Login%3DLogin","::1"
"%3A%3A1",2014-11-23T14:47:23+01:00,24,"sqli id lfi","REQUEST.username%3D1%2527+REQUEST.password%3D1%2527+GET.username%3D1%2527+GET.password%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fbrute%2F%3Fusername%3D1%2527%26password%3D1%2527%26Login%3DLogin","::1"
"%3A%3A1",2014-11-23T14:51:48+01:00,24,"sqli id lfi","REQUEST.username%3D1%2527+REQUEST.password%3D1%2527+GET.username%3D1%2527+GET.password%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fbrute%2F%3Fusername%3D1%2527%26password%3D1%2527%26Login%3DLogin","::1"
"%3A%3A1",2014-11-23T14:56:02+01:00,24,"sqli id lfi","REQUEST.username%3D1%2527+REQUEST.password%3D1%2527+GET.username%3D1%2527+GET.password%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fbrute%2F%3Fusername%3D1%2527%26password%3D1%2527%26Login%3DLogin","::1"
"%3A%3A1",2014-11-23T15:44:39+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T15:55:55+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:07:00+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:11:41+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:13:40+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:14:38+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:15:06+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:19:52+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-23T16:24:22+01:00,6,"xss csrf id","REQUEST.id%3D%25201%253D1--+GET.id%3D%25201%253D1--","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%2B1%253D1--%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T05:30:10+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T05:30:14+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T05:30:14+01:00,12,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T12:43:21+01:00,12,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-24T20:00:16+01:00,30,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-24T20:00:50+01:00,30,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-24T20:02:59+01:00,30,"sqli id lfi","REQUEST.name%3D1%2527+GET.name%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-11-24T20:26:01+01:00,30,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T20:27:29+01:00,30,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T20:27:41+01:00,30,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-11-24T20:27:46+01:00,18,"sqli id lfi","REQUEST.id%3D1%2527+GET.id%3D1%2527+COOKIE.ci_session%3Da%253A5%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%25226676b3b07a4d838d925143494b678f00%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.65%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1416854864%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253B%257D8ca15a722b54589b619b94c750442da596d29f1f","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-12-02T11:19:57+01:00,18,"sqli id lfi","COOKIE.ci_session%3Da%253A10%253A%257Bs%253A10%253A%2522session_id%2522%253Bs%253A32%253A%2522a34d080e23eb0a1bf4e6f9a52d36a125%2522%253Bs%253A10%253A%2522ip_address%2522%253Bs%253A3%253A%2522%253A%253A1%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A113%253A%2522Mozilla%252F5.0%2520%2528Windows%2520NT%25206.1%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F39.0.2171.71%2520Safari%252F537.36%2522%253Bs%253A13%253A%2522last_activity%2522%253Bi%253A1417514309%253Bs%253A9%253A%2522user_data%2522%253Bs%253A0%253A%2522%2522%253Bs%253A8%253A%2522identity%2522%253Bs%253A15%253A%2522admin%2540admin.com%2522%253Bs%253A8%253A%2522username%2522%253Bs%253A13%253A%2522administrator%2522%253Bs%253A5%253A%2522email%2522%253Bs%253A15%253A%2522admin%2540admin.com%2522%253Bs%253A7%253A%2522user_id%2522%253Bs%253A1%253A%25221%2522%253Bs%253A14%253A%2522old_last_login%2522%253Bs%253A10%253A%25221417329311%2522%253B%257D5b27f6a690947255067006681e74cad507ad69a3","%2Fczar%2Fplayground%2Fdvwa%2Flogin.php","::1"
"%3A%3A1",2014-12-02T11:20:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-12-02T11:21:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-12-02T11:21:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2014-12-09T10:22:27+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-09T10:34:03+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-09T19:03:29+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-09T19:14:48+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-09T19:50:58+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-09T21:22:30+01:00,40,"sqli id lfi","REQUEST.name%3DSELECT%2520column_name%2528s%2529%2520FROM%2520table1%2520UNION%2520ALL%2520SELECT%2520column_name%2528s%2529%2520FROM%2520table2%253B+GET.name%3DSELECT%2520column_name%2528s%2529%2520FROM%2520table1%2520UNION%2520ALL%2520SELECT%2520column_name%2528s%2529%2520FROM%2520table2%253B","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3DSELECT%2Bcolumn_name%2528s%2529%2BFROM%2Btable1%2BUNION%2BALL%2BSELECT%2Bcolumn_name%2528s%2529%2BFROM%2Btable2%253B","::1"
"%3A%3A1",2014-12-09T22:31:15+01:00,40,"sqli id lfi","REQUEST.name%3DSELECT%2520column_name%2528s%2529%2520FROM%2520table1%2520UNION%2520ALL%2520SELECT%2520column_name%2528s%2529%2520FROM%2520table2%253B+GET.name%3DSELECT%2520column_name%2528s%2529%2520FROM%2520table1%2520UNION%2520ALL%2520SELECT%2520column_name%2528s%2529%2520FROM%2520table2%253B","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3DSELECT%2Bcolumn_name%2528s%2529%2BFROM%2Btable1%2BUNION%2BALL%2BSELECT%2Bcolumn_name%2528s%2529%2BFROM%2Btable2%253B","::1"
"%3A%3A1",2014-12-12T18:14:53+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-13T12:00:33+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2014-12-13T16:46:16+01:00,40,"sqli id lfi","REQUEST.name%3DSELECT%2520City%2520FROM%2520Customers%2520UNION%2520ALL%2520SELECT%2520City%2520FROM%2520Suppliers%2520ORDER%2520BY%2520City%253B+GET.name%3DSELECT%2520City%2520FROM%2520Customers%2520UNION%2520ALL%2520SELECT%2520City%2520FROM%2520Suppliers%2520ORDER%2520BY%2520City%253B","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3DSELECT%2BCity%2BFROM%2BCustomers%2BUNION%2BALL%2BSELECT%2BCity%2BFROM%2BSuppliers%2BORDER%2BBY%2BCity%253B","::1"
"%3A%3A1",2014-12-15T10:43:24+01:00,0,"","REQUEST.name%3D1%2527+GET.name%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fxss_r%2F%3Fname%3D1%2527","::1"
"%3A%3A1",2015-01-18T11:20:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-01-18T11:26:31+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-01-18T11:34:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-01-18T11:48:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:30:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:53:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:13+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:55:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:56:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:57:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:57:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:57:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:57:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:58:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:58:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:58:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T05:59:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:00:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:01:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:01:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:02:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:02:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:02:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:04:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:04:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:04:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:04:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:04:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:07:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:07:13+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:07:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:07:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:07:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:40:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:40:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:40:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:40:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:40:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:55:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:55:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:56:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:56:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:56:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:56:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:57:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:57:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T06:58:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:53:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:54:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:55:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:55:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:55:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T07:55:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:08:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:13:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:18:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:18:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:20:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:21:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:21:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:21:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:22:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:23:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:24:13+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:24:13+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:24:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:24:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:24:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:25:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:25:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:25:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:25:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:25:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:26:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:29:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:36:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:36:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:36:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:36:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:36:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:45:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:45:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:46:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:46:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T08:46:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:38:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:39:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:42:42+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:42:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:42:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:42:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:43:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T10:46:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T11:58:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:10:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:14:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:17:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:18+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:18+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:18:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:42+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:49+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:50+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:19:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:31+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:31+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:20:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:23:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:24:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:28:42+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:34:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:34:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:34:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:34:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:34:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:38:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:38:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:38:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:38:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:38:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:39:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:40:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:40:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:40:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:40:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:40:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:43:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:02+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:44:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:45:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:23+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:24+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:46:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:50:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:50:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:50:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:50:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:50:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:42+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:51:53+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:43+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:52:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:53:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:34+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:55:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:18+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:31+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:31+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:31+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:56:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:42+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:44+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T12:57:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:00:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:02:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:04:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:04:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:04:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:04:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:04:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:05:50+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:05:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:05:51+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:05:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:05:52+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:02+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:04+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:05+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:15+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:06:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:07:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:07:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:07:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:07:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:07:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:20+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:08:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:09:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:09:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:09:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:09:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:32+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:33+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:36+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:49+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:11:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:18+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:18+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:19+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:12:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:41+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:49+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:49+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:50+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:50+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:13:50+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:11+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:12+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:30+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:14:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:46+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:15:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:10+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:21+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:40+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:16:59+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:55+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:56+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:17:57+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:06+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:07+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:16+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:17+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:18:38+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:00+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:27+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:28+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:47+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:19:48+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:01+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:02+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:02+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:02+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T13:20:14+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:42:13+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:43:25+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:44:29+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:45:26+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:45:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T18:52:37+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T19:00:03+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T19:00:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T19:00:52+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T19:48:24+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T19:48:47+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T21:46:29+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-11T21:58:05+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T05:20:46+01:00,42,"xss csrf id rfe lfi","REQUEST.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E+GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T05:43:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T05:43:58+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T06:40:28+01:00,20,"dt id lfi","REQUEST.id%3D..%252F..%252F..%252F..%252F..%252Fetc%252Fpassword+GET.id%3D..%252F..%252F..%252F..%252F..%252Fetc%252Fpassword","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D..%252F..%252F..%252F..%252F..%252Fetc%252Fpassword%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T17:20:08+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T17:20:35+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T17:26:45+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T17:26:54+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-12T17:27:39+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T09:41:22+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T09:42:09+01:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T14:23:25+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T14:23:49+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T14:24:23+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T18:28:38+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T18:47:53+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T20:04:35+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-13T20:20:49+01:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T12:22:05+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T12:23:17+01:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T12:24:02+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T14:28:36+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T14:29:51+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T16:04:46+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-14T19:49:05+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-24T09:58:24+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-24T09:58:59+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-24T10:31:10+01:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli_blind%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-25T08:49:45+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-25T08:49:57+01:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-28T12:24:15+01:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-03-31T12:51:22+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T11:51:21+02:00,33,"xss csrf id rfe lfi sqli","GET.id%3D%2527%2522%2528%2529%252526%2525251%253CScRiPt%2520%253Eprompt%2528910003%2529%253C%25252fScRiPt%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%2527%2522%2528%2529%252526%2525251%253CScRiPt%2B%253Eprompt%2528910003%2529%253C%25252fScRiPt%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:48+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:50+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:50+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:50+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:50+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:51+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:51+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:51+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:52+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:55:52+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:56:02+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:56:15+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:57:53+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:37+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:41+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:43+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:46+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:48+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T15:58:51+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T16:01:22+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T16:01:25+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T16:01:28+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T16:01:29+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T16:01:31+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T19:37:32+02:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252Fmaagi%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-03T22:36:53+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:17:25+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:17:48+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:18:17+02:00,0,"","GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:19:04+02:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:20:37+02:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-04T06:21:13+02:00,21,"xss csrf id rfe lfi","GET.id%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-07T10:43:08+02:00,36,"xss csrf id rfe lfi sqli","GET.test%3D%2522%253E%253Cscript%253Eeval%2528window.name%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdvwa%2Fsecurity.php%3Ftest%3D%2522%253E%253Cscript%253Eeval%28window.name%29%253C%2Fscript%253E","::1"
"%3A%3A1",2015-04-09T15:58:24+00:00,21,"xss csrf id rfe lfi","GET.hi%3D%253Cscript%253Ealert%2528%252F0%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdemo%2Fwordpress%2F%3Fhi%3D%253Cscript%253Ealert%28%2F0%2F%29%253C%2Fscript%253E","::1"
"%3A%3A1",2015-04-09T16:41:38+00:00,24,"xss csrf id rfe lfi","GET.i%3D%253Cscript%253Ealert%2528%252F0%252F%252F%2529%253C%252Fscript%253E","%2Fczar%2Fplayground%2Fdemo%2Fwordpress%2F%3Fi%3D%253Cscript%253Ealert%28%2F0%2F%2F%29%253C%2Fscript%253E","::1"
"%3A%3A1",2015-04-10T19:19:30+02:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"
"%3A%3A1",2015-04-10T19:19:52+02:00,0,"","REQUEST.id%3D1%2527+GET.id%3D1%2527","%2Fczar%2Fplayground%2Fdvwa%2Fvulnerabilities%2Fsqli%2F%3Fid%3D1%2527%26Submit%3DSubmit","::1"

11
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php vendored
View File

@ -1,11 +0,0 @@
<?php
/**
* This is a stub include that automatically configures the include path.
*/
set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
require_once 'HTMLPurifier/Bootstrap.php';
require_once 'HTMLPurifier.autoload.php';
// vim: et sw=4 sts=4

26
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.autoload.php vendored
View File

@ -1,26 +0,0 @@
<?php
/**
* @file
* Convenience file that registers autoload handler for HTML Purifier.
* It also does some sanity checks.
*/
if (function_exists('spl_autoload_register') && function_exists('spl_autoload_unregister')) {
// We need unregister for our pre-registering functionality
HTMLPurifier_Bootstrap::registerAutoload();
if (function_exists('__autoload')) {
// Be polite and ensure that userland autoload gets retained
spl_autoload_register('__autoload');
}
} elseif (!function_exists('__autoload')) {
function __autoload($class) {
return HTMLPurifier_Bootstrap::autoload($class);
}
}
if (ini_get('zend.ze1_compatibility_mode')) {
trigger_error("HTML Purifier is not compatible with zend.ze1_compatibility_mode; please turn it off", E_USER_ERROR);
}
// vim: et sw=4 sts=4

23
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.func.php vendored
View File

@ -1,23 +0,0 @@
<?php
/**
* @file
* Defines a function wrapper for HTML Purifier for quick use.
* @note ''HTMLPurifier()'' is NOT the same as ''new HTMLPurifier()''
*/
/**
* Purify HTML.
* @param $html String HTML to purify
* @param $config Configuration to use, can be any value accepted by
* HTMLPurifier_Config::create()
*/
function HTMLPurifier($html, $config = null) {
static $purifier = false;
if (!$purifier) {
$purifier = new HTMLPurifier();
}
return $purifier->purify($html, $config);
}
// vim: et sw=4 sts=4

214
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php vendored
View File

@ -1,214 +0,0 @@
<?php
/**
* @file
* This file was auto-generated by generate-includes.php and includes all of
* the core files required by HTML Purifier. Use this if performance is a
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
* FILE, changes will be overwritten the next time the script is run.
*
* @version 4.3.0
*
* @warning
* You must *not* include any other HTML Purifier files before this file,
* because 'require' not 'require_once' is used.
*
* @warning
* This file requires that the include path contains the HTML Purifier
* library directory; this is not auto-set.
*/
require 'HTMLPurifier.php';
require 'HTMLPurifier/AttrCollections.php';
require 'HTMLPurifier/AttrDef.php';
require 'HTMLPurifier/AttrTransform.php';
require 'HTMLPurifier/AttrTypes.php';
require 'HTMLPurifier/AttrValidator.php';
require 'HTMLPurifier/Bootstrap.php';
require 'HTMLPurifier/Definition.php';
require 'HTMLPurifier/CSSDefinition.php';
require 'HTMLPurifier/ChildDef.php';
require 'HTMLPurifier/Config.php';
require 'HTMLPurifier/ConfigSchema.php';
require 'HTMLPurifier/ContentSets.php';
require 'HTMLPurifier/Context.php';
require 'HTMLPurifier/DefinitionCache.php';
require 'HTMLPurifier/DefinitionCacheFactory.php';
require 'HTMLPurifier/Doctype.php';
require 'HTMLPurifier/DoctypeRegistry.php';
require 'HTMLPurifier/ElementDef.php';
require 'HTMLPurifier/Encoder.php';
require 'HTMLPurifier/EntityLookup.php';
require 'HTMLPurifier/EntityParser.php';
require 'HTMLPurifier/ErrorCollector.php';
require 'HTMLPurifier/ErrorStruct.php';
require 'HTMLPurifier/Exception.php';
require 'HTMLPurifier/Filter.php';
require 'HTMLPurifier/Generator.php';
require 'HTMLPurifier/HTMLDefinition.php';
require 'HTMLPurifier/HTMLModule.php';
require 'HTMLPurifier/HTMLModuleManager.php';
require 'HTMLPurifier/IDAccumulator.php';
require 'HTMLPurifier/Injector.php';
require 'HTMLPurifier/Language.php';
require 'HTMLPurifier/LanguageFactory.php';
require 'HTMLPurifier/Length.php';
require 'HTMLPurifier/Lexer.php';
require 'HTMLPurifier/PercentEncoder.php';
require 'HTMLPurifier/PropertyList.php';
require 'HTMLPurifier/PropertyListIterator.php';
require 'HTMLPurifier/Strategy.php';
require 'HTMLPurifier/StringHash.php';
require 'HTMLPurifier/StringHashParser.php';
require 'HTMLPurifier/TagTransform.php';
require 'HTMLPurifier/Token.php';
require 'HTMLPurifier/TokenFactory.php';
require 'HTMLPurifier/URI.php';
require 'HTMLPurifier/URIDefinition.php';
require 'HTMLPurifier/URIFilter.php';
require 'HTMLPurifier/URIParser.php';
require 'HTMLPurifier/URIScheme.php';
require 'HTMLPurifier/URISchemeRegistry.php';
require 'HTMLPurifier/UnitConverter.php';
require 'HTMLPurifier/VarParser.php';
require 'HTMLPurifier/VarParserException.php';
require 'HTMLPurifier/AttrDef/CSS.php';
require 'HTMLPurifier/AttrDef/Enum.php';
require 'HTMLPurifier/AttrDef/Integer.php';
require 'HTMLPurifier/AttrDef/Lang.php';
require 'HTMLPurifier/AttrDef/Switch.php';
require 'HTMLPurifier/AttrDef/Text.php';
require 'HTMLPurifier/AttrDef/URI.php';
require 'HTMLPurifier/AttrDef/CSS/Number.php';
require 'HTMLPurifier/AttrDef/CSS/AlphaValue.php';
require 'HTMLPurifier/AttrDef/CSS/Background.php';
require 'HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
require 'HTMLPurifier/AttrDef/CSS/Border.php';
require 'HTMLPurifier/AttrDef/CSS/Color.php';
require 'HTMLPurifier/AttrDef/CSS/Composite.php';
require 'HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
require 'HTMLPurifier/AttrDef/CSS/Filter.php';
require 'HTMLPurifier/AttrDef/CSS/Font.php';
require 'HTMLPurifier/AttrDef/CSS/FontFamily.php';
require 'HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
require 'HTMLPurifier/AttrDef/CSS/Length.php';
require 'HTMLPurifier/AttrDef/CSS/ListStyle.php';
require 'HTMLPurifier/AttrDef/CSS/Multiple.php';
require 'HTMLPurifier/AttrDef/CSS/Percentage.php';
require 'HTMLPurifier/AttrDef/CSS/TextDecoration.php';
require 'HTMLPurifier/AttrDef/CSS/URI.php';
require 'HTMLPurifier/AttrDef/HTML/Bool.php';
require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
require 'HTMLPurifier/AttrDef/HTML/Class.php';
require 'HTMLPurifier/AttrDef/HTML/Color.php';
require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
require 'HTMLPurifier/AttrDef/HTML/ID.php';
require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
require 'HTMLPurifier/AttrDef/HTML/Length.php';
require 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
require 'HTMLPurifier/AttrDef/HTML/MultiLength.php';
require 'HTMLPurifier/AttrDef/URI/Email.php';
require 'HTMLPurifier/AttrDef/URI/Host.php';
require 'HTMLPurifier/AttrDef/URI/IPv4.php';
require 'HTMLPurifier/AttrDef/URI/IPv6.php';
require 'HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
require 'HTMLPurifier/AttrTransform/Background.php';
require 'HTMLPurifier/AttrTransform/BdoDir.php';
require 'HTMLPurifier/AttrTransform/BgColor.php';
require 'HTMLPurifier/AttrTransform/BoolToCSS.php';
require 'HTMLPurifier/AttrTransform/Border.php';
require 'HTMLPurifier/AttrTransform/EnumToCSS.php';
require 'HTMLPurifier/AttrTransform/ImgRequired.php';
require 'HTMLPurifier/AttrTransform/ImgSpace.php';
require 'HTMLPurifier/AttrTransform/Input.php';
require 'HTMLPurifier/AttrTransform/Lang.php';
require 'HTMLPurifier/AttrTransform/Length.php';
require 'HTMLPurifier/AttrTransform/Name.php';
require 'HTMLPurifier/AttrTransform/NameSync.php';
require 'HTMLPurifier/AttrTransform/Nofollow.php';
require 'HTMLPurifier/AttrTransform/SafeEmbed.php';
require 'HTMLPurifier/AttrTransform/SafeObject.php';
require 'HTMLPurifier/AttrTransform/SafeParam.php';
require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
require 'HTMLPurifier/AttrTransform/Textarea.php';
require 'HTMLPurifier/ChildDef/Chameleon.php';
require 'HTMLPurifier/ChildDef/Custom.php';
require 'HTMLPurifier/ChildDef/Empty.php';
require 'HTMLPurifier/ChildDef/Required.php';
require 'HTMLPurifier/ChildDef/Optional.php';
require 'HTMLPurifier/ChildDef/StrictBlockquote.php';
require 'HTMLPurifier/ChildDef/Table.php';
require 'HTMLPurifier/DefinitionCache/Decorator.php';
require 'HTMLPurifier/DefinitionCache/Null.php';
require 'HTMLPurifier/DefinitionCache/Serializer.php';
require 'HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
require 'HTMLPurifier/DefinitionCache/Decorator/Memory.php';
require 'HTMLPurifier/HTMLModule/Bdo.php';
require 'HTMLPurifier/HTMLModule/CommonAttributes.php';
require 'HTMLPurifier/HTMLModule/Edit.php';
require 'HTMLPurifier/HTMLModule/Forms.php';
require 'HTMLPurifier/HTMLModule/Hypertext.php';
require 'HTMLPurifier/HTMLModule/Image.php';
require 'HTMLPurifier/HTMLModule/Legacy.php';
require 'HTMLPurifier/HTMLModule/List.php';
require 'HTMLPurifier/HTMLModule/Name.php';
require 'HTMLPurifier/HTMLModule/Nofollow.php';
require 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
require 'HTMLPurifier/HTMLModule/Object.php';
require 'HTMLPurifier/HTMLModule/Presentation.php';
require 'HTMLPurifier/HTMLModule/Proprietary.php';
require 'HTMLPurifier/HTMLModule/Ruby.php';
require 'HTMLPurifier/HTMLModule/SafeEmbed.php';
require 'HTMLPurifier/HTMLModule/SafeObject.php';
require 'HTMLPurifier/HTMLModule/Scripting.php';
require 'HTMLPurifier/HTMLModule/StyleAttribute.php';
require 'HTMLPurifier/HTMLModule/Tables.php';
require 'HTMLPurifier/HTMLModule/Target.php';
require 'HTMLPurifier/HTMLModule/Text.php';
require 'HTMLPurifier/HTMLModule/Tidy.php';
require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
require 'HTMLPurifier/HTMLModule/Tidy/Name.php';
require 'HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
require 'HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
require 'HTMLPurifier/HTMLModule/Tidy/Strict.php';
require 'HTMLPurifier/HTMLModule/Tidy/Transitional.php';
require 'HTMLPurifier/HTMLModule/Tidy/XHTML.php';
require 'HTMLPurifier/Injector/AutoParagraph.php';
require 'HTMLPurifier/Injector/DisplayLinkURI.php';
require 'HTMLPurifier/Injector/Linkify.php';
require 'HTMLPurifier/Injector/PurifierLinkify.php';
require 'HTMLPurifier/Injector/RemoveEmpty.php';
require 'HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
require 'HTMLPurifier/Injector/SafeObject.php';
require 'HTMLPurifier/Lexer/DOMLex.php';
require 'HTMLPurifier/Lexer/DirectLex.php';
require 'HTMLPurifier/Strategy/Composite.php';
require 'HTMLPurifier/Strategy/Core.php';
require 'HTMLPurifier/Strategy/FixNesting.php';
require 'HTMLPurifier/Strategy/MakeWellFormed.php';
require 'HTMLPurifier/Strategy/RemoveForeignElements.php';
require 'HTMLPurifier/Strategy/ValidateAttributes.php';
require 'HTMLPurifier/TagTransform/Font.php';
require 'HTMLPurifier/TagTransform/Simple.php';
require 'HTMLPurifier/Token/Comment.php';
require 'HTMLPurifier/Token/Tag.php';
require 'HTMLPurifier/Token/Empty.php';
require 'HTMLPurifier/Token/End.php';
require 'HTMLPurifier/Token/Start.php';
require 'HTMLPurifier/Token/Text.php';
require 'HTMLPurifier/URIFilter/DisableExternal.php';
require 'HTMLPurifier/URIFilter/DisableExternalResources.php';
require 'HTMLPurifier/URIFilter/DisableResources.php';
require 'HTMLPurifier/URIFilter/HostBlacklist.php';
require 'HTMLPurifier/URIFilter/MakeAbsolute.php';
require 'HTMLPurifier/URIFilter/Munge.php';
require 'HTMLPurifier/URIScheme/data.php';
require 'HTMLPurifier/URIScheme/file.php';
require 'HTMLPurifier/URIScheme/ftp.php';
require 'HTMLPurifier/URIScheme/http.php';
require 'HTMLPurifier/URIScheme/https.php';
require 'HTMLPurifier/URIScheme/mailto.php';
require 'HTMLPurifier/URIScheme/news.php';
require 'HTMLPurifier/URIScheme/nntp.php';
require 'HTMLPurifier/VarParser/Flexible.php';
require 'HTMLPurifier/VarParser/Native.php';

30
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.kses.php vendored
View File

@ -1,30 +0,0 @@
<?php
/**
* @file
* Emulation layer for code that used kses(), substituting in HTML Purifier.
*/
require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
function kses($string, $allowed_html, $allowed_protocols = null) {
$config = HTMLPurifier_Config::createDefault();
$allowed_elements = array();
$allowed_attributes = array();
foreach ($allowed_html as $element => $attributes) {
$allowed_elements[$element] = true;
foreach ($attributes as $attribute => $x) {
$allowed_attributes["$element.$attribute"] = true;
}
}
$config->set('HTML.AllowedElements', $allowed_elements);
$config->set('HTML.AllowedAttributes', $allowed_attributes);
$allowed_schemes = array();
if ($allowed_protocols !== null) {
$config->set('URI.AllowedSchemes', $allowed_protocols);
}
$purifier = new HTMLPurifier($config);
return $purifier->purify($string);
}
// vim: et sw=4 sts=4

11
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.path.php vendored
View File

@ -1,11 +0,0 @@
<?php
/**
* @file
* Convenience stub file that adds HTML Purifier's library file to the path
* without any other side-effects.
*/
set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
// vim: et sw=4 sts=4

237
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.php vendored
View File

@ -1,237 +0,0 @@
<?php
/*! @mainpage
*
* HTML Purifier is an HTML filter that will take an arbitrary snippet of
* HTML and rigorously test, validate and filter it into a version that
* is safe for output onto webpages. It achieves this by:
*
* -# Lexing (parsing into tokens) the document,
* -# Executing various strategies on the tokens:
* -# Removing all elements not in the whitelist,
* -# Making the tokens well-formed,
* -# Fixing the nesting of the nodes, and
* -# Validating attributes of the nodes; and
* -# Generating HTML from the purified tokens.
*
* However, most users will only need to interface with the HTMLPurifier
* and HTMLPurifier_Config.
*/
/*
HTML Purifier 4.3.0 - Standards Compliant HTML Filtering
Copyright (C) 2006-2008 Edward Z. Yang
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
/**
* Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
*
* @note There are several points in which configuration can be specified
* for HTML Purifier. The precedence of these (from lowest to
* highest) is as follows:
* -# Instance: new HTMLPurifier($config)
* -# Invocation: purify($html, $config)
* These configurations are entirely independent of each other and
* are *not* merged (this behavior may change in the future).
*
* @todo We need an easier way to inject strategies using the configuration
* object.
*/
class HTMLPurifier
{
/** Version of HTML Purifier */
public $version = '4.3.0';
/** Constant with version of HTML Purifier */
const VERSION = '4.3.0';
/** Global configuration object */
public $config;
/** Array of extra HTMLPurifier_Filter objects to run on HTML, for backwards compatibility */
private $filters = array();
/** Single instance of HTML Purifier */
private static $instance;
protected $strategy, $generator;
/**
* Resultant HTMLPurifier_Context of last run purification. Is an array
* of contexts if the last called method was purifyArray().
*/
public $context;
/**
* Initializes the purifier.
* @param $config Optional HTMLPurifier_Config object for all instances of
* the purifier, if omitted, a default configuration is
* supplied (which can be overridden on a per-use basis).
* The parameter can also be any type that
* HTMLPurifier_Config::create() supports.
*/
public function __construct($config = null) {
$this->config = HTMLPurifier_Config::create($config);
$this->strategy = new HTMLPurifier_Strategy_Core();
}
/**
* Adds a filter to process the output. First come first serve
* @param $filter HTMLPurifier_Filter object
*/
public function addFilter($filter) {
trigger_error('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom', E_USER_WARNING);
$this->filters[] = $filter;
}
/**
* Filters an HTML snippet/document to be XSS-free and standards-compliant.
*
* @param $html String of HTML to purify
* @param $config HTMLPurifier_Config object for this operation, if omitted,
* defaults to the config object specified during this
* object's construction. The parameter can also be any type
* that HTMLPurifier_Config::create() supports.
* @return Purified HTML
*/
public function purify($html, $config = null) {
// :TODO: make the config merge in, instead of replace
$config = $config ? HTMLPurifier_Config::create($config) : $this->config;
// implementation is partially environment dependant, partially
// configuration dependant
$lexer = HTMLPurifier_Lexer::create($config);
$context = new HTMLPurifier_Context();
// setup HTML generator
$this->generator = new HTMLPurifier_Generator($config, $context);
$context->register('Generator', $this->generator);
// set up global context variables
if ($config->get('Core.CollectErrors')) {
// may get moved out if other facilities use it
$language_factory = HTMLPurifier_LanguageFactory::instance();
$language = $language_factory->create($config, $context);
$context->register('Locale', $language);
$error_collector = new HTMLPurifier_ErrorCollector($context);
$context->register('ErrorCollector', $error_collector);
}
// setup id_accumulator context, necessary due to the fact that
// AttrValidator can be called from many places
$id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
$context->register('IDAccumulator', $id_accumulator);
$html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);
// setup filters
$filter_flags = $config->getBatch('Filter');
$custom_filters = $filter_flags['Custom'];
unset($filter_flags['Custom']);
$filters = array();
foreach ($filter_flags as $filter => $flag) {
if (!$flag) continue;
if (strpos($filter, '.') !== false) continue;
$class = "HTMLPurifier_Filter_$filter";
$filters[] = new $class;
}
foreach ($custom_filters as $filter) {
// maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
$filters[] = $filter;
}
$filters = array_merge($filters, $this->filters);
// maybe prepare(), but later
for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
$html = $filters[$i]->preFilter($html, $config, $context);
}
// purified HTML
$html =
$this->generator->generateFromTokens(
// list of tokens
$this->strategy->execute(
// list of un-purified tokens
$lexer->tokenizeHTML(
// un-purified HTML
$html, $config, $context
),
$config, $context
)
);
for ($i = $filter_size - 1; $i >= 0; $i--) {
$html = $filters[$i]->postFilter($html, $config, $context);
}
$html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
$this->context =& $context;
return $html;
}
/**
* Filters an array of HTML snippets
* @param $config Optional HTMLPurifier_Config object for this operation.
* See HTMLPurifier::purify() for more details.
* @return Array of purified HTML
*/
public function purifyArray($array_of_html, $config = null) {
$context_array = array();
foreach ($array_of_html as $key => $html) {
$array_of_html[$key] = $this->purify($html, $config);
$context_array[$key] = $this->context;
}
$this->context = $context_array;
return $array_of_html;
}
/**
* Singleton for enforcing just one HTML Purifier in your system
* @param $prototype Optional prototype HTMLPurifier instance to
* overload singleton with, or HTMLPurifier_Config
* instance to configure the generated version with.
*/
public static function instance($prototype = null) {
if (!self::$instance || $prototype) {
if ($prototype instanceof HTMLPurifier) {
self::$instance = $prototype;
} elseif ($prototype) {
self::$instance = new HTMLPurifier($prototype);
} else {
self::$instance = new HTMLPurifier();
}
}
return self::$instance;
}
/**
* @note Backwards compatibility, see instance()
*/
public static function getInstance($prototype = null) {
return HTMLPurifier::instance($prototype);
}
}
// vim: et sw=4 sts=4

208
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php vendored
View File

@ -1,208 +0,0 @@
<?php
/**
* @file
* This file was auto-generated by generate-includes.php and includes all of
* the core files required by HTML Purifier. This is a convenience stub that
* includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
* EDIT THIS FILE, changes will be overwritten the next time the script is run.
*
* Changes to include_path are not necessary.
*/
$__dir = dirname(__FILE__);
require_once $__dir . '/HTMLPurifier.php';
require_once $__dir . '/HTMLPurifier/AttrCollections.php';
require_once $__dir . '/HTMLPurifier/AttrDef.php';
require_once $__dir . '/HTMLPurifier/AttrTransform.php';
require_once $__dir . '/HTMLPurifier/AttrTypes.php';
require_once $__dir . '/HTMLPurifier/AttrValidator.php';
require_once $__dir . '/HTMLPurifier/Bootstrap.php';
require_once $__dir . '/HTMLPurifier/Definition.php';
require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
require_once $__dir . '/HTMLPurifier/ChildDef.php';
require_once $__dir . '/HTMLPurifier/Config.php';
require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
require_once $__dir . '/HTMLPurifier/ContentSets.php';
require_once $__dir . '/HTMLPurifier/Context.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
require_once $__dir . '/HTMLPurifier/Doctype.php';
require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
require_once $__dir . '/HTMLPurifier/ElementDef.php';
require_once $__dir . '/HTMLPurifier/Encoder.php';
require_once $__dir . '/HTMLPurifier/EntityLookup.php';
require_once $__dir . '/HTMLPurifier/EntityParser.php';
require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
require_once $__dir . '/HTMLPurifier/Exception.php';
require_once $__dir . '/HTMLPurifier/Filter.php';
require_once $__dir . '/HTMLPurifier/Generator.php';
require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
require_once $__dir . '/HTMLPurifier/HTMLModule.php';
require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
require_once $__dir . '/HTMLPurifier/Injector.php';
require_once $__dir . '/HTMLPurifier/Language.php';
require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
require_once $__dir . '/HTMLPurifier/Length.php';
require_once $__dir . '/HTMLPurifier/Lexer.php';
require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
require_once $__dir . '/HTMLPurifier/PropertyList.php';
require_once $__dir . '/HTMLPurifier/PropertyListIterator.php';
require_once $__dir . '/HTMLPurifier/Strategy.php';
require_once $__dir . '/HTMLPurifier/StringHash.php';
require_once $__dir . '/HTMLPurifier/StringHashParser.php';
require_once $__dir . '/HTMLPurifier/TagTransform.php';
require_once $__dir . '/HTMLPurifier/Token.php';
require_once $__dir . '/HTMLPurifier/TokenFactory.php';
require_once $__dir . '/HTMLPurifier/URI.php';
require_once $__dir . '/HTMLPurifier/URIDefinition.php';
require_once $__dir . '/HTMLPurifier/URIFilter.php';
require_once $__dir . '/HTMLPurifier/URIParser.php';
require_once $__dir . '/HTMLPurifier/URIScheme.php';
require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
require_once $__dir . '/HTMLPurifier/UnitConverter.php';
require_once $__dir . '/HTMLPurifier/VarParser.php';
require_once $__dir . '/HTMLPurifier/VarParserException.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/NameSync.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Nofollow.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Nofollow.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
require_once $__dir . '/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
require_once $__dir . '/HTMLPurifier/Token/Comment.php';
require_once $__dir . '/HTMLPurifier/Token/Tag.php';
require_once $__dir . '/HTMLPurifier/Token/Empty.php';
require_once $__dir . '/HTMLPurifier/Token/End.php';
require_once $__dir . '/HTMLPurifier/Token/Start.php';
require_once $__dir . '/HTMLPurifier/Token/Text.php';
require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
require_once $__dir . '/HTMLPurifier/URIFilter/DisableResources.php';
require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
require_once $__dir . '/HTMLPurifier/URIScheme/data.php';
require_once $__dir . '/HTMLPurifier/URIScheme/file.php';
require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
require_once $__dir . '/HTMLPurifier/VarParser/Native.php';

128
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php vendored
View File

@ -1,128 +0,0 @@
<?php
/**
* Defines common attribute collections that modules reference
*/
class HTMLPurifier_AttrCollections
{
/**
* Associative array of attribute collections, indexed by name
*/
public $info = array();
/**
* Performs all expansions on internal data for use by other inclusions
* It also collects all attribute collection extensions from
* modules
* @param $attr_types HTMLPurifier_AttrTypes instance
* @param $modules Hash array of HTMLPurifier_HTMLModule members
*/
public function __construct($attr_types, $modules) {
// load extensions from the modules
foreach ($modules as $module) {
foreach ($module->attr_collections as $coll_i => $coll) {
if (!isset($this->info[$coll_i])) {
$this->info[$coll_i] = array();
}
foreach ($coll as $attr_i => $attr) {
if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
// merge in includes
$this->info[$coll_i][$attr_i] = array_merge(
$this->info[$coll_i][$attr_i], $attr);
continue;
}
$this->info[$coll_i][$attr_i] = $attr;
}
}
}
// perform internal expansions and inclusions
foreach ($this->info as $name => $attr) {
// merge attribute collections that include others
$this->performInclusions($this->info[$name]);
// replace string identifiers with actual attribute objects
$this->expandIdentifiers($this->info[$name], $attr_types);
}
}
/**
* Takes a reference to an attribute associative array and performs
* all inclusions specified by the zero index.
* @param &$attr Reference to attribute array
*/
public function performInclusions(&$attr) {
if (!isset($attr[0])) return;
$merge = $attr[0];
$seen = array(); // recursion guard
// loop through all the inclusions
for ($i = 0; isset($merge[$i]); $i++) {
if (isset($seen[$merge[$i]])) continue;
$seen[$merge[$i]] = true;
// foreach attribute of the inclusion, copy it over
if (!isset($this->info[$merge[$i]])) continue;
foreach ($this->info[$merge[$i]] as $key => $value) {
if (isset($attr[$key])) continue; // also catches more inclusions
$attr[$key] = $value;
}
if (isset($this->info[$merge[$i]][0])) {
// recursion
$merge = array_merge($merge, $this->info[$merge[$i]][0]);
}
}
unset($attr[0]);
}
/**
* Expands all string identifiers in an attribute array by replacing
* them with the appropriate values inside HTMLPurifier_AttrTypes
* @param &$attr Reference to attribute array
* @param $attr_types HTMLPurifier_AttrTypes instance
*/
public function expandIdentifiers(&$attr, $attr_types) {
// because foreach will process new elements we add, make sure we
// skip duplicates
$processed = array();
foreach ($attr as $def_i => $def) {
// skip inclusions
if ($def_i === 0) continue;
if (isset($processed[$def_i])) continue;
// determine whether or not attribute is required
if ($required = (strpos($def_i, '*') !== false)) {
// rename the definition
unset($attr[$def_i]);
$def_i = trim($def_i, '*');
$attr[$def_i] = $def;
}
$processed[$def_i] = true;
// if we've already got a literal object, move on
if (is_object($def)) {
// preserve previous required
$attr[$def_i]->required = ($required || $attr[$def_i]->required);
continue;
}
if ($def === false) {
unset($attr[$def_i]);
continue;
}
if ($t = $attr_types->get($def)) {
$attr[$def_i] = $t;
$attr[$def_i]->required = $required;
} else {
unset($attr[$def_i]);
}
}
}
}
// vim: et sw=4 sts=4

123
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef.php vendored
View File

@ -1,123 +0,0 @@
<?php
/**
* Base class for all validating attribute definitions.
*
* This family of classes forms the core for not only HTML attribute validation,
* but also any sort of string that needs to be validated or cleaned (which
* means CSS properties and composite definitions are defined here too).
* Besides defining (through code) what precisely makes the string valid,
* subclasses are also responsible for cleaning the code if possible.
*/
abstract class HTMLPurifier_AttrDef
{
/**
* Tells us whether or not an HTML attribute is minimized. Has no
* meaning in other contexts.
*/
public $minimized = false;
/**
* Tells us whether or not an HTML attribute is required. Has no
* meaning in other contexts
*/
public $required = false;
/**
* Validates and cleans passed string according to a definition.
*
* @param $string String to be validated and cleaned.
* @param $config Mandatory HTMLPurifier_Config object.
* @param $context Mandatory HTMLPurifier_AttrContext object.
*/
abstract public function validate($string, $config, $context);
/**
* Convenience method that parses a string as if it were CDATA.
*
* This method process a string in the manner specified at
* <http://www.w3.org/TR/html4/types.html#h-6.2> by removing
* leading and trailing whitespace, ignoring line feeds, and replacing
* carriage returns and tabs with spaces. While most useful for HTML
* attributes specified as CDATA, it can also be applied to most CSS
* values.
*
* @note This method is not entirely standards compliant, as trim() removes
* more types of whitespace than specified in the spec. In practice,
* this is rarely a problem, as those extra characters usually have
* already been removed by HTMLPurifier_Encoder.
*
* @warning This processing is inconsistent with XML's whitespace handling
* as specified by section 3.3.3 and referenced XHTML 1.0 section
* 4.7. However, note that we are NOT necessarily
* parsing XML, thus, this behavior may still be correct. We
* assume that newlines have been normalized.
*/
public function parseCDATA($string) {
$string = trim($string);
$string = str_replace(array("\n", "\t", "\r"), ' ', $string);
return $string;
}
/**
* Factory method for creating this class from a string.
* @param $string String construction info
* @return Created AttrDef object corresponding to $string
*/
public function make($string) {
// default implementation, return a flyweight of this object.
// If $string has an effect on the returned object (i.e. you
// need to overload this method), it is best
// to clone or instantiate new copies. (Instantiation is safer.)
return $this;
}
/**
* Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
* properly. THIS IS A HACK!
*/
protected function mungeRgb($string) {
return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
}
/**
* Parses a possibly escaped CSS string and returns the "pure"
* version of it.
*/
protected function expandCSSEscape($string) {
// flexibly parse it
$ret = '';
for ($i = 0, $c = strlen($string); $i < $c; $i++) {
if ($string[$i] === '\\') {
$i++;
if ($i >= $c) {
$ret .= '\\';
break;
}
if (ctype_xdigit($string[$i])) {
$code = $string[$i];
for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
if (!ctype_xdigit($string[$i])) break;
$code .= $string[$i];
}
// We have to be extremely careful when adding
// new characters, to make sure we're not breaking
// the encoding.
$char = HTMLPurifier_Encoder::unichr(hexdec($code));
if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue;
$ret .= $char;
if ($i < $c && trim($string[$i]) !== '') $i--;
continue;
}
if ($string[$i] === "\n") continue;
}
$ret .= $string[$i];
}
return $ret;
}
}
// vim: et sw=4 sts=4

87
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS.php vendored
View File

@ -1,87 +0,0 @@
<?php
/**
* Validates the HTML attribute style, otherwise known as CSS.
* @note We don't implement the whole CSS specification, so it might be
* difficult to reuse this component in the context of validating
* actual stylesheet declarations.
* @note If we were really serious about validating the CSS, we would
* tokenize the styles and then parse the tokens. Obviously, we
* are not doing that. Doing that could seriously harm performance,
* but would make these components a lot more viable for a CSS
* filtering solution.
*/
class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
{
public function validate($css, $config, $context) {
$css = $this->parseCDATA($css);
$definition = $config->getCSSDefinition();
// we're going to break the spec and explode by semicolons.
// This is because semicolon rarely appears in escaped form
// Doing this is generally flaky but fast
// IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
// for details
$declarations = explode(';', $css);
$propvalues = array();
/**
* Name of the current CSS property being validated.
*/
$property = false;
$context->register('CurrentCSSProperty', $property);
foreach ($declarations as $declaration) {
if (!$declaration) continue;
if (!strpos($declaration, ':')) continue;
list($property, $value) = explode(':', $declaration, 2);
$property = trim($property);
$value = trim($value);
$ok = false;
do {
if (isset($definition->info[$property])) {
$ok = true;
break;
}
if (ctype_lower($property)) break;
$property = strtolower($property);
if (isset($definition->info[$property])) {
$ok = true;
break;
}
} while(0);
if (!$ok) continue;
// inefficient call, since the validator will do this again
if (strtolower(trim($value)) !== 'inherit') {
// inherit works for everything (but only on the base property)
$result = $definition->info[$property]->validate(
$value, $config, $context );
} else {
$result = 'inherit';
}
if ($result === false) continue;
$propvalues[$property] = $result;
}
$context->destroy('CurrentCSSProperty');
// procedure does not write the new CSS simultaneously, so it's
// slightly inefficient, but it's the only way of getting rid of
// duplicates. Perhaps config to optimize it, but not now.
$new_declarations = '';
foreach ($propvalues as $prop => $value) {
$new_declarations .= "$prop:$value;";
}
return $new_declarations ? $new_declarations : false;
}
}
// vim: et sw=4 sts=4

21
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php vendored
View File

@ -1,21 +0,0 @@
<?php
class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number
{
public function __construct() {
parent::__construct(false); // opacity is non-negative, but we will clamp it
}
public function validate($number, $config, $context) {
$result = parent::validate($number, $config, $context);
if ($result === false) return $result;
$float = (float) $result;
if ($float < 0.0) $result = '0';
if ($float > 1.0) $result = '1';
return $result;
}
}
// vim: et sw=4 sts=4

87
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php vendored
View File

@ -1,87 +0,0 @@
<?php
/**
* Validates shorthand CSS property background.
* @warning Does not support url tokens that have internal spaces.
*/
class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
{
/**
* Local copy of component validators.
* @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
*/
protected $info;
public function __construct($config) {
$def = $config->getCSSDefinition();
$this->info['background-color'] = $def->info['background-color'];
$this->info['background-image'] = $def->info['background-image'];
$this->info['background-repeat'] = $def->info['background-repeat'];
$this->info['background-attachment'] = $def->info['background-attachment'];
$this->info['background-position'] = $def->info['background-position'];
}
public function validate($string, $config, $context) {
// regular pre-processing
$string = $this->parseCDATA($string);
if ($string === '') return false;
// munge rgb() decl if necessary
$string = $this->mungeRgb($string);
// assumes URI doesn't have spaces in it
$bits = explode(' ', strtolower($string)); // bits to process
$caught = array();
$caught['color'] = false;
$caught['image'] = false;
$caught['repeat'] = false;
$caught['attachment'] = false;
$caught['position'] = false;
$i = 0; // number of catches
$none = false;
foreach ($bits as $bit) {
if ($bit === '') continue;
foreach ($caught as $key => $status) {
if ($key != 'position') {
if ($status !== false) continue;
$r = $this->info['background-' . $key]->validate($bit, $config, $context);
} else {
$r = $bit;
}
if ($r === false) continue;
if ($key == 'position') {
if ($caught[$key] === false) $caught[$key] = '';
$caught[$key] .= $r . ' ';
} else {
$caught[$key] = $r;
}
$i++;
break;
}
}
if (!$i) return false;
if ($caught['position'] !== false) {
$caught['position'] = $this->info['background-position']->
validate($caught['position'], $config, $context);
}
$ret = array();
foreach ($caught as $value) {
if ($value === false) continue;
$ret[] = $value;
}
if (empty($ret)) return false;
return implode(' ', $ret);
}
}
// vim: et sw=4 sts=4

133
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php vendored
View File

@ -1,133 +0,0 @@
<?php
/* W3C says:
[ // adjective and number must be in correct order, even if
// you could switch them without introducing ambiguity.
// some browsers support that syntax
[
<percentage> | <length> | left | center | right
]
[
<percentage> | <length> | top | center | bottom
]?
] |
[ // this signifies that the vertical and horizontal adjectives
// can be arbitrarily ordered, however, there can only be two,
// one of each, or none at all
[
left | center | right
] ||
[
top | center | bottom
]
]
top, left = 0%
center, (none) = 50%
bottom, right = 100%
*/
/* QuirksMode says:
keyword + length/percentage must be ordered correctly, as per W3C
Internet Explorer and Opera, however, support arbitrary ordering. We
should fix it up.
Minor issue though, not strictly necessary.
*/
// control freaks may appreciate the ability to convert these to
// percentages or something, but it's not necessary
/**
* Validates the value of background-position.
*/
class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
{
protected $length;
protected $percentage;
public function __construct() {
$this->length = new HTMLPurifier_AttrDef_CSS_Length();
$this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
$bits = explode(' ', $string);
$keywords = array();
$keywords['h'] = false; // left, right
$keywords['v'] = false; // top, bottom
$keywords['ch'] = false; // center (first word)
$keywords['cv'] = false; // center (second word)
$measures = array();
$i = 0;
$lookup = array(
'top' => 'v',
'bottom' => 'v',
'left' => 'h',
'right' => 'h',
'center' => 'c'
);
foreach ($bits as $bit) {
if ($bit === '') continue;
// test for keyword
$lbit = ctype_lower($bit) ? $bit : strtolower($bit);
if (isset($lookup[$lbit])) {
$status = $lookup[$lbit];
if ($status == 'c') {
if ($i == 0) {
$status = 'ch';
} else {
$status = 'cv';
}
}
$keywords[$status] = $lbit;
$i++;
}
// test for length
$r = $this->length->validate($bit, $config, $context);
if ($r !== false) {
$measures[] = $r;
$i++;
}
// test for percentage
$r = $this->percentage->validate($bit, $config, $context);
if ($r !== false) {
$measures[] = $r;
$i++;
}
}
if (!$i) return false; // no valid values were caught
$ret = array();
// first keyword
if ($keywords['h']) $ret[] = $keywords['h'];
elseif ($keywords['ch']) {
$ret[] = $keywords['ch'];
$keywords['cv'] = false; // prevent re-use: center = center center
}
elseif (count($measures)) $ret[] = array_shift($measures);
if ($keywords['v']) $ret[] = $keywords['v'];
elseif ($keywords['cv']) $ret[] = $keywords['cv'];
elseif (count($measures)) $ret[] = array_shift($measures);
if (empty($ret)) return false;
return implode(' ', $ret);
}
}
// vim: et sw=4 sts=4

43
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php vendored
View File

@ -1,43 +0,0 @@
<?php
/**
* Validates the border property as defined by CSS.
*/
class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
{
/**
* Local copy of properties this property is shorthand for.
*/
protected $info = array();
public function __construct($config) {
$def = $config->getCSSDefinition();
$this->info['border-width'] = $def->info['border-width'];
$this->info['border-style'] = $def->info['border-style'];
$this->info['border-top-color'] = $def->info['border-top-color'];
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
$string = $this->mungeRgb($string);
$bits = explode(' ', $string);
$done = array(); // segments we've finished
$ret = ''; // return value
foreach ($bits as $bit) {
foreach ($this->info as $propname => $validator) {
if (isset($done[$propname])) continue;
$r = $validator->validate($bit, $config, $context);
if ($r !== false) {
$ret .= $r . ' ';
$done[$propname] = true;
break;
}
}
}
return rtrim($ret);
}
}
// vim: et sw=4 sts=4

78
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php vendored
View File

@ -1,78 +0,0 @@
<?php
/**
* Validates Color as defined by CSS.
*/
class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
{
public function validate($color, $config, $context) {
static $colors = null;
if ($colors === null) $colors = $config->get('Core.ColorKeywords');
$color = trim($color);
if ($color === '') return false;
$lower = strtolower($color);
if (isset($colors[$lower])) return $colors[$lower];
if (strpos($color, 'rgb(') !== false) {
// rgb literal handling
$length = strlen($color);
if (strpos($color, ')') !== $length - 1) return false;
$triad = substr($color, 4, $length - 4 - 1);
$parts = explode(',', $triad);
if (count($parts) !== 3) return false;
$type = false; // to ensure that they're all the same type
$new_parts = array();
foreach ($parts as $part) {
$part = trim($part);
if ($part === '') return false;
$length = strlen($part);
if ($part[$length - 1] === '%') {
// handle percents
if (!$type) {
$type = 'percentage';
} elseif ($type !== 'percentage') {
return false;
}
$num = (float) substr($part, 0, $length - 1);
if ($num < 0) $num = 0;
if ($num > 100) $num = 100;
$new_parts[] = "$num%";
} else {
// handle integers
if (!$type) {
$type = 'integer';
} elseif ($type !== 'integer') {
return false;
}
$num = (int) $part;
if ($num < 0) $num = 0;
if ($num > 255) $num = 255;
$new_parts[] = (string) $num;
}
}
$new_triad = implode(',', $new_parts);
$color = "rgb($new_triad)";
} else {
// hexadecimal handling
if ($color[0] === '#') {
$hex = substr($color, 1);
} else {
$hex = $color;
$color = '#' . $color;
}
$length = strlen($hex);
if ($length !== 3 && $length !== 6) return false;
if (!ctype_xdigit($hex)) return false;
}
return $color;
}
}
// vim: et sw=4 sts=4

38
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php vendored
View File

@ -1,38 +0,0 @@
<?php
/**
* Allows multiple validators to attempt to validate attribute.
*
* Composite is just what it sounds like: a composite of many validators.
* This means that multiple HTMLPurifier_AttrDef objects will have a whack
* at the string. If one of them passes, that's what is returned. This is
* especially useful for CSS values, which often are a choice between
* an enumerated set of predefined values or a flexible data type.
*/
class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef
{
/**
* List of HTMLPurifier_AttrDef objects that may process strings
* @todo Make protected
*/
public $defs;
/**
* @param $defs List of HTMLPurifier_AttrDef objects
*/
public function __construct($defs) {
$this->defs = $defs;
}
public function validate($string, $config, $context) {
foreach ($this->defs as $i => $def) {
$result = $this->defs[$i]->validate($string, $config, $context);
if ($result !== false) return $result;
}
return false;
}
}
// vim: et sw=4 sts=4

28
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php vendored
View File

@ -1,28 +0,0 @@
<?php
/**
* Decorator which enables CSS properties to be disabled for specific elements.
*/
class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
{
public $def, $element;
/**
* @param $def Definition to wrap
* @param $element Element to deny
*/
public function __construct($def, $element) {
$this->def = $def;
$this->element = $element;
}
/**
* Checks if CurrentToken is set and equal to $this->element
*/
public function validate($string, $config, $context) {
$token = $context->get('CurrentToken', true);
if ($token && $token->name == $this->element) return false;
return $this->def->validate($string, $config, $context);
}
}
// vim: et sw=4 sts=4

54
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php vendored
View File

@ -1,54 +0,0 @@
<?php
/**
* Microsoft's proprietary filter: CSS property
* @note Currently supports the alpha filter. In the future, this will
* probably need an extensible framework
*/
class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
{
protected $intValidator;
public function __construct() {
$this->intValidator = new HTMLPurifier_AttrDef_Integer();
}
public function validate($value, $config, $context) {
$value = $this->parseCDATA($value);
if ($value === 'none') return $value;
// if we looped this we could support multiple filters
$function_length = strcspn($value, '(');
$function = trim(substr($value, 0, $function_length));
if ($function !== 'alpha' &&
$function !== 'Alpha' &&
$function !== 'progid:DXImageTransform.Microsoft.Alpha'
) return false;
$cursor = $function_length + 1;
$parameters_length = strcspn($value, ')', $cursor);
$parameters = substr($value, $cursor, $parameters_length);
$params = explode(',', $parameters);
$ret_params = array();
$lookup = array();
foreach ($params as $param) {
list($key, $value) = explode('=', $param);
$key = trim($key);
$value = trim($value);
if (isset($lookup[$key])) continue;
if ($key !== 'opacity') continue;
$value = $this->intValidator->validate($value, $config, $context);
if ($value === false) continue;
$int = (int) $value;
if ($int > 100) $value = '100';
if ($int < 0) $value = '0';
$ret_params[] = "$key=$value";
$lookup[$key] = true;
}
$ret_parameters = implode(',', $ret_params);
$ret_function = "$function($ret_parameters)";
return $ret_function;
}
}
// vim: et sw=4 sts=4

149
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php vendored
View File

@ -1,149 +0,0 @@
<?php
/**
* Validates shorthand CSS property font.
*/
class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
{
/**
* Local copy of component validators.
*
* @note If we moved specific CSS property definitions to their own
* classes instead of having them be assembled at run time by
* CSSDefinition, this wouldn't be necessary. We'd instantiate
* our own copies.
*/
protected $info = array();
public function __construct($config) {
$def = $config->getCSSDefinition();
$this->info['font-style'] = $def->info['font-style'];
$this->info['font-variant'] = $def->info['font-variant'];
$this->info['font-weight'] = $def->info['font-weight'];
$this->info['font-size'] = $def->info['font-size'];
$this->info['line-height'] = $def->info['line-height'];
$this->info['font-family'] = $def->info['font-family'];
}
public function validate($string, $config, $context) {
static $system_fonts = array(
'caption' => true,
'icon' => true,
'menu' => true,
'message-box' => true,
'small-caption' => true,
'status-bar' => true
);
// regular pre-processing
$string = $this->parseCDATA($string);
if ($string === '') return false;
// check if it's one of the keywords
$lowercase_string = strtolower($string);
if (isset($system_fonts[$lowercase_string])) {
return $lowercase_string;
}
$bits = explode(' ', $string); // bits to process
$stage = 0; // this indicates what we're looking for
$caught = array(); // which stage 0 properties have we caught?
$stage_1 = array('font-style', 'font-variant', 'font-weight');
$final = ''; // output
for ($i = 0, $size = count($bits); $i < $size; $i++) {
if ($bits[$i] === '') continue;
switch ($stage) {
// attempting to catch font-style, font-variant or font-weight
case 0:
foreach ($stage_1 as $validator_name) {
if (isset($caught[$validator_name])) continue;
$r = $this->info[$validator_name]->validate(
$bits[$i], $config, $context);
if ($r !== false) {
$final .= $r . ' ';
$caught[$validator_name] = true;
break;
}
}
// all three caught, continue on
if (count($caught) >= 3) $stage = 1;
if ($r !== false) break;
// attempting to catch font-size and perhaps line-height
case 1:
$found_slash = false;
if (strpos($bits[$i], '/') !== false) {
list($font_size, $line_height) =
explode('/', $bits[$i]);
if ($line_height === '') {
// ooh, there's a space after the slash!
$line_height = false;
$found_slash = true;
}
} else {
$font_size = $bits[$i];
$line_height = false;
}
$r = $this->info['font-size']->validate(
$font_size, $config, $context);
if ($r !== false) {
$final .= $r;
// attempt to catch line-height
if ($line_height === false) {
// we need to scroll forward
for ($j = $i + 1; $j < $size; $j++) {
if ($bits[$j] === '') continue;
if ($bits[$j] === '/') {
if ($found_slash) {
return false;
} else {
$found_slash = true;
continue;
}
}
$line_height = $bits[$j];
break;
}
} else {
// slash already found
$found_slash = true;
$j = $i;
}
if ($found_slash) {
$i = $j;
$r = $this->info['line-height']->validate(
$line_height, $config, $context);
if ($r !== false) {
$final .= '/' . $r;
}
}
$final .= ' ';
$stage = 2;
break;
}
return false;
// attempting to catch font-family
case 2:
$font_family =
implode(' ', array_slice($bits, $i, $size - $i));
$r = $this->info['font-family']->validate(
$font_family, $config, $context);
if ($r !== false) {
$final .= $r . ' ';
// processing completed successfully
return rtrim($final);
}
return false;
}
}
return false;
}
}
// vim: et sw=4 sts=4

197
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php vendored
View File

@ -1,197 +0,0 @@
<?php
/**
* Validates a font family list according to CSS spec
*/
class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
{
protected $mask = null;
public function __construct() {
$this->mask = '- ';
for ($c = 'a'; $c <= 'z'; $c++) $this->mask .= $c;
for ($c = 'A'; $c <= 'Z'; $c++) $this->mask .= $c;
for ($c = '0'; $c <= '9'; $c++) $this->mask .= $c; // cast-y, but should be fine
// special bytes used by UTF-8
for ($i = 0x80; $i <= 0xFF; $i++) {
// We don't bother excluding invalid bytes in this range,
// because the our restriction of well-formed UTF-8 will
// prevent these from ever occurring.
$this->mask .= chr($i);
}
/*
PHP's internal strcspn implementation is
O(length of string * length of mask), making it inefficient
for large masks. However, it's still faster than
preg_match 8)
for (p = s1;;) {
spanp = s2;
do {
if (*spanp == c || p == s1_end) {
return p - s1;
}
} while (spanp++ < (s2_end - 1));
c = *++p;
}
*/
// possible optimization: invert the mask.
}
public function validate($string, $config, $context) {
static $generic_names = array(
'serif' => true,
'sans-serif' => true,
'monospace' => true,
'fantasy' => true,
'cursive' => true
);
$allowed_fonts = $config->get('CSS.AllowedFonts');
// assume that no font names contain commas in them
$fonts = explode(',', $string);
$final = '';
foreach($fonts as $font) {
$font = trim($font);
if ($font === '') continue;
// match a generic name
if (isset($generic_names[$font])) {
if ($allowed_fonts === null || isset($allowed_fonts[$font])) {
$final .= $font . ', ';
}
continue;
}
// match a quoted name
if ($font[0] === '"' || $font[0] === "'") {
$length = strlen($font);
if ($length <= 2) continue;
$quote = $font[0];
if ($font[$length - 1] !== $quote) continue;
$font = substr($font, 1, $length - 2);
}
$font = $this->expandCSSEscape($font);
// $font is a pure representation of the font name
if ($allowed_fonts !== null && !isset($allowed_fonts[$font])) {
continue;
}
if (ctype_alnum($font) && $font !== '') {
// very simple font, allow it in unharmed
$final .= $font . ', ';
continue;
}
// bugger out on whitespace. form feed (0C) really
// shouldn't show up regardless
$font = str_replace(array("\n", "\t", "\r", "\x0C"), ' ', $font);
// Here, there are various classes of characters which need
// to be treated differently:
// - Alphanumeric characters are essentially safe. We
// handled these above.
// - Spaces require quoting, though most parsers will do
// the right thing if there aren't any characters that
// can be misinterpreted
// - Dashes rarely occur, but they fairly unproblematic
// for parsing/rendering purposes.
// The above characters cover the majority of Western font
// names.
// - Arbitrary Unicode characters not in ASCII. Because
// most parsers give little thought to Unicode, treatment
// of these codepoints is basically uniform, even for
// punctuation-like codepoints. These characters can
// show up in non-Western pages and are supported by most
// major browsers, for example: " 明朝" is a
// legitimate font-name
// <http://ja.wikipedia.org/wiki/MS_明朝>. See
// the CSS3 spec for more examples:
// <http://www.w3.org/TR/2011/WD-css3-fonts-20110324/localizedfamilynames.png>
// You can see live samples of these on the Internet:
// <http://www.google.co.jp/search?q=font-family++明朝|ゴシック>
// However, most of these fonts have ASCII equivalents:
// for example, 'MS Mincho', and it's considered
// professional to use ASCII font names instead of
// Unicode font names. Thanks Takeshi Terada for
// providing this information.
// The following characters, to my knowledge, have not been
// used to name font names.
// - Single quote. While theoretically you might find a
// font name that has a single quote in its name (serving
// as an apostrophe, e.g. Dave's Scribble), I haven't
// been able to find any actual examples of this.
// Internet Explorer's cssText translation (which I
// believe is invoked by innerHTML) normalizes any
// quoting to single quotes, and fails to escape single
// quotes. (Note that this is not IE's behavior for all
// CSS properties, just some sort of special casing for
// font-family). So a single quote *cannot* be used
// safely in the font-family context if there will be an
// innerHTML/cssText translation. Note that Firefox 3.x
// does this too.
// - Double quote. In IE, these get normalized to
// single-quotes, no matter what the encoding. (Fun
// fact, in IE8, the 'content' CSS property gained
// support, where they special cased to preserve encoded
// double quotes, but still translate unadorned double
// quotes into single quotes.) So, because their
// fixpoint behavior is identical to single quotes, they
// cannot be allowed either. Firefox 3.x displays
// single-quote style behavior.
// - Backslashes are reduced by one (so \\ -> \) every
// iteration, so they cannot be used safely. This shows
// up in IE7, IE8 and FF3
// - Semicolons, commas and backticks are handled properly.
// - The rest of the ASCII punctuation is handled properly.
// We haven't checked what browsers do to unadorned
// versions, but this is not important as long as the
// browser doesn't /remove/ surrounding quotes (as IE does
// for HTML).
//
// With these results in hand, we conclude that there are
// various levels of safety:
// - Paranoid: alphanumeric, spaces and dashes(?)
// - International: Paranoid + non-ASCII Unicode
// - Edgy: Everything except quotes, backslashes
// - NoJS: Standards compliance, e.g. sod IE. Note that
// with some judicious character escaping (since certain
// types of escaping doesn't work) this is theoretically
// OK as long as innerHTML/cssText is not called.
// We believe that international is a reasonable default
// (that we will implement now), and once we do more
// extensive research, we may feel comfortable with dropping
// it down to edgy.
// Edgy: alphanumeric, spaces, dashes and Unicode. Use of
// str(c)spn assumes that the string was already well formed
// Unicode (which of course it is).
if (strspn($font, $this->mask) !== strlen($font)) {
continue;
}
// Historical:
// In the absence of innerHTML/cssText, these ugly
// transforms don't pose a security risk (as \\ and \"
// might--these escapes are not supported by most browsers).
// We could try to be clever and use single-quote wrapping
// when there is a double quote present, but I have choosen
// not to implement that. (NOTE: you can reduce the amount
// of escapes by one depending on what quoting style you use)
// $font = str_replace('\\', '\\5C ', $font);
// $font = str_replace('"', '\\22 ', $font);
// $font = str_replace("'", '\\27 ', $font);
// font possibly with spaces, requires quoting
$final .= "'$font', ";
}
$final = rtrim($final, ', ');
if ($final === '') return false;
return $final;
}
}
// vim: et sw=4 sts=4

40
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php vendored
View File

@ -1,40 +0,0 @@
<?php
/**
* Decorator which enables !important to be used in CSS values.
*/
class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef
{
public $def, $allow;
/**
* @param $def Definition to wrap
* @param $allow Whether or not to allow !important
*/
public function __construct($def, $allow = false) {
$this->def = $def;
$this->allow = $allow;
}
/**
* Intercepts and removes !important if necessary
*/
public function validate($string, $config, $context) {
// test for ! and important tokens
$string = trim($string);
$is_important = false;
// :TODO: optimization: test directly for !important and ! important
if (strlen($string) >= 9 && substr($string, -9) === 'important') {
$temp = rtrim(substr($string, 0, -9));
// use a temp, because we might want to restore important
if (strlen($temp) >= 1 && substr($temp, -1) === '!') {
$string = rtrim(substr($temp, 0, -1));
$is_important = true;
}
}
$string = $this->def->validate($string, $config, $context);
if ($this->allow && $is_important) $string .= ' !important';
return $string;
}
}
// vim: et sw=4 sts=4

47
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php vendored
View File

@ -1,47 +0,0 @@
<?php
/**
* Represents a Length as defined by CSS.
*/
class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
{
protected $min, $max;
/**
* @param HTMLPurifier_Length $max Minimum length, or null for no bound. String is also acceptable.
* @param HTMLPurifier_Length $max Maximum length, or null for no bound. String is also acceptable.
*/
public function __construct($min = null, $max = null) {
$this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;
$this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
// Optimizations
if ($string === '') return false;
if ($string === '0') return '0';
if (strlen($string) === 1) return false;
$length = HTMLPurifier_Length::make($string);
if (!$length->isValid()) return false;
if ($this->min) {
$c = $length->compareTo($this->min);
if ($c === false) return false;
if ($c < 0) return false;
}
if ($this->max) {
$c = $length->compareTo($this->max);
if ($c === false) return false;
if ($c > 0) return false;
}
return $length->toString();
}
}
// vim: et sw=4 sts=4

78
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php vendored
View File

@ -1,78 +0,0 @@
<?php
/**
* Validates shorthand CSS property list-style.
* @warning Does not support url tokens that have internal spaces.
*/
class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef
{
/**
* Local copy of component validators.
* @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
*/
protected $info;
public function __construct($config) {
$def = $config->getCSSDefinition();
$this->info['list-style-type'] = $def->info['list-style-type'];
$this->info['list-style-position'] = $def->info['list-style-position'];
$this->info['list-style-image'] = $def->info['list-style-image'];
}
public function validate($string, $config, $context) {
// regular pre-processing
$string = $this->parseCDATA($string);
if ($string === '') return false;
// assumes URI doesn't have spaces in it
$bits = explode(' ', strtolower($string)); // bits to process
$caught = array();
$caught['type'] = false;
$caught['position'] = false;
$caught['image'] = false;
$i = 0; // number of catches
$none = false;
foreach ($bits as $bit) {
if ($i >= 3) return; // optimization bit
if ($bit === '') continue;
foreach ($caught as $key => $status) {
if ($status !== false) continue;
$r = $this->info['list-style-' . $key]->validate($bit, $config, $context);
if ($r === false) continue;
if ($r === 'none') {
if ($none) continue;
else $none = true;
if ($key == 'image') continue;
}
$caught[$key] = $r;
$i++;
break;
}
}
if (!$i) return false;
$ret = array();
// construct type
if ($caught['type']) $ret[] = $caught['type'];
// construct image
if ($caught['image']) $ret[] = $caught['image'];
// construct position
if ($caught['position']) $ret[] = $caught['position'];
if (empty($ret)) return false;
return implode(' ', $ret);
}
}
// vim: et sw=4 sts=4

58
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php vendored
View File

@ -1,58 +0,0 @@
<?php
/**
* Framework class for strings that involve multiple values.
*
* Certain CSS properties such as border-width and margin allow multiple
* lengths to be specified. This class can take a vanilla border-width
* definition and multiply it, usually into a max of four.
*
* @note Even though the CSS specification isn't clear about it, inherit
* can only be used alone: it will never manifest as part of a multi
* shorthand declaration. Thus, this class does not allow inherit.
*/
class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
{
/**
* Instance of component definition to defer validation to.
* @todo Make protected
*/
public $single;
/**
* Max number of values allowed.
* @todo Make protected
*/
public $max;
/**
* @param $single HTMLPurifier_AttrDef to multiply
* @param $max Max number of values allowed (usually four)
*/
public function __construct($single, $max = 4) {
$this->single = $single;
$this->max = $max;
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
if ($string === '') return false;
$parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n
$length = count($parts);
$final = '';
for ($i = 0, $num = 0; $i < $length && $num < $this->max; $i++) {
if (ctype_space($parts[$i])) continue;
$result = $this->single->validate($parts[$i], $config, $context);
if ($result !== false) {
$final .= $result . ' ';
$num++;
}
}
if ($final === '') return false;
return rtrim($final);
}
}
// vim: et sw=4 sts=4

69
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php vendored
View File

@ -1,69 +0,0 @@
<?php
/**
* Validates a number as defined by the CSS spec.
*/
class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
{
/**
* Bool indicating whether or not only positive values allowed.
*/
protected $non_negative = false;
/**
* @param $non_negative Bool indicating whether negatives are forbidden
*/
public function __construct($non_negative = false) {
$this->non_negative = $non_negative;
}
/**
* @warning Some contexts do not pass $config, $context. These
* variables should not be used without checking HTMLPurifier_Length
*/
public function validate($number, $config, $context) {
$number = $this->parseCDATA($number);
if ($number === '') return false;
if ($number === '0') return '0';
$sign = '';
switch ($number[0]) {
case '-':
if ($this->non_negative) return false;
$sign = '-';
case '+':
$number = substr($number, 1);
}
if (ctype_digit($number)) {
$number = ltrim($number, '0');
return $number ? $sign . $number : '0';
}
// Period is the only non-numeric character allowed
if (strpos($number, '.') === false) return false;
list($left, $right) = explode('.', $number, 2);
if ($left === '' && $right === '') return false;
if ($left !== '' && !ctype_digit($left)) return false;
$left = ltrim($left, '0');
$right = rtrim($right, '0');
if ($right === '') {
return $left ? $sign . $left : '0';
} elseif (!ctype_digit($right)) {
return false;
}
return $sign . $left . '.' . $right;
}
}
// vim: et sw=4 sts=4

40
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php vendored
View File

@ -1,40 +0,0 @@
<?php
/**
* Validates a Percentage as defined by the CSS spec.
*/
class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef
{
/**
* Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation
*/
protected $number_def;
/**
* @param Bool indicating whether to forbid negative values
*/
public function __construct($non_negative = false) {
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
if ($string === '') return false;
$length = strlen($string);
if ($length === 1) return false;
if ($string[$length - 1] !== '%') return false;
$number = substr($string, 0, $length - 1);
$number = $this->number_def->validate($number, $config, $context);
if ($number === false) return false;
return "$number%";
}
}
// vim: et sw=4 sts=4

38
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php vendored
View File

@ -1,38 +0,0 @@
<?php
/**
* Validates the value for the CSS property text-decoration
* @note This class could be generalized into a version that acts sort of
* like Enum except you can compound the allowed values.
*/
class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
{
public function validate($string, $config, $context) {
static $allowed_values = array(
'line-through' => true,
'overline' => true,
'underline' => true,
);
$string = strtolower($this->parseCDATA($string));
if ($string === 'none') return $string;
$parts = explode(' ', $string);
$final = '';
foreach ($parts as $part) {
if (isset($allowed_values[$part])) {
$final .= $part . ' ';
}
}
$final = rtrim($final);
if ($final === '') return false;
return $final;
}
}
// vim: et sw=4 sts=4

61
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php vendored
View File

@ -1,61 +0,0 @@
<?php
/**
* Validates a URI in CSS syntax, which uses url('http://example.com')
* @note While theoretically speaking a URI in a CSS document could
* be non-embedded, as of CSS2 there is no such usage so we're
* generalizing it. This may need to be changed in the future.
* @warning Since HTMLPurifier_AttrDef_CSS blindly uses semicolons as
* the separator, you cannot put a literal semicolon in
* in the URI. Try percent encoding it, in that case.
*/
class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
{
public function __construct() {
parent::__construct(true); // always embedded
}
public function validate($uri_string, $config, $context) {
// parse the URI out of the string and then pass it onto
// the parent object
$uri_string = $this->parseCDATA($uri_string);
if (strpos($uri_string, 'url(') !== 0) return false;
$uri_string = substr($uri_string, 4);
$new_length = strlen($uri_string) - 1;
if ($uri_string[$new_length] != ')') return false;
$uri = trim(substr($uri_string, 0, $new_length));
if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) {
$quote = $uri[0];
$new_length = strlen($uri) - 1;
if ($uri[$new_length] !== $quote) return false;
$uri = substr($uri, 1, $new_length - 1);
}
$uri = $this->expandCSSEscape($uri);
$result = parent::validate($uri, $config, $context);
if ($result === false) return false;
// extra sanity check; should have been done by URI
$result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result);
// suspicious characters are ()'; we're going to percent encode
// them for safety.
$result = str_replace(array('(', ')', "'"), array('%28', '%29', '%27'), $result);
// there's an extra bug where ampersands lose their escaping on
// an innerHTML cycle, so a very unlucky query parameter could
// then change the meaning of the URL. Unfortunately, there's
// not much we can do about that...
return "url(\"$result\")";
}
}
// vim: et sw=4 sts=4

65
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Enum.php vendored
View File

@ -1,65 +0,0 @@
<?php
// Enum = Enumerated
/**
* Validates a keyword against a list of valid values.
* @warning The case-insensitive compare of this function uses PHP's
* built-in strtolower and ctype_lower functions, which may
* cause problems with international comparisons
*/
class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
{
/**
* Lookup table of valid values.
* @todo Make protected
*/
public $valid_values = array();
/**
* Bool indicating whether or not enumeration is case sensitive.
* @note In general this is always case insensitive.
*/
protected $case_sensitive = false; // values according to W3C spec
/**
* @param $valid_values List of valid values
* @param $case_sensitive Bool indicating whether or not case sensitive
*/
public function __construct(
$valid_values = array(), $case_sensitive = false
) {
$this->valid_values = array_flip($valid_values);
$this->case_sensitive = $case_sensitive;
}
public function validate($string, $config, $context) {
$string = trim($string);
if (!$this->case_sensitive) {
// we may want to do full case-insensitive libraries
$string = ctype_lower($string) ? $string : strtolower($string);
}
$result = isset($this->valid_values[$string]);
return $result ? $string : false;
}
/**
* @param $string In form of comma-delimited list of case-insensitive
* valid values. Example: "foo,bar,baz". Prepend "s:" to make
* case sensitive
*/
public function make($string) {
if (strlen($string) > 2 && $string[0] == 's' && $string[1] == ':') {
$string = substr($string, 2);
$sensitive = true;
} else {
$sensitive = false;
}
$values = explode(',', $string);
return new HTMLPurifier_AttrDef_Enum($values, $sensitive);
}
}
// vim: et sw=4 sts=4

28
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php vendored
View File

@ -1,28 +0,0 @@
<?php
/**
* Validates a boolean attribute
*/
class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
{
protected $name;
public $minimized = true;
public function __construct($name = false) {$this->name = $name;}
public function validate($string, $config, $context) {
if (empty($string)) return false;
return $this->name;
}
/**
* @param $string Name of attribute
*/
public function make($string) {
return new HTMLPurifier_AttrDef_HTML_Bool($string);
}
}
// vim: et sw=4 sts=4

34
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/Class.php vendored
View File

@ -1,34 +0,0 @@
<?php
/**
* Implements special behavior for class attribute (normally NMTOKENS)
*/
class HTMLPurifier_AttrDef_HTML_Class extends HTMLPurifier_AttrDef_HTML_Nmtokens
{
protected function split($string, $config, $context) {
// really, this twiddle should be lazy loaded
$name = $config->getDefinition('HTML')->doctype->name;
if ($name == "XHTML 1.1" || $name == "XHTML 2.0") {
return parent::split($string, $config, $context);
} else {
return preg_split('/\s+/', $string);
}
}
protected function filter($tokens, $config, $context) {
$allowed = $config->get('Attr.AllowedClasses');
$forbidden = $config->get('Attr.ForbiddenClasses');
$ret = array();
foreach ($tokens as $token) {
if (
($allowed === null || isset($allowed[$token])) &&
!isset($forbidden[$token]) &&
// We need this O(n) check because of PHP's array
// implementation that casts -0 to 0.
!in_array($token, $ret, true)
) {
$ret[] = $token;
}
}
return $ret;
}
}

32
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php vendored
View File

@ -1,32 +0,0 @@
<?php
/**
* Validates a color according to the HTML spec.
*/
class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
{
public function validate($string, $config, $context) {
static $colors = null;
if ($colors === null) $colors = $config->get('Core.ColorKeywords');
$string = trim($string);
if (empty($string)) return false;
if (isset($colors[$string])) return $colors[$string];
if ($string[0] === '#') $hex = substr($string, 1);
else $hex = $string;
$length = strlen($hex);
if ($length !== 3 && $length !== 6) return false;
if (!ctype_xdigit($hex)) return false;
if ($length === 3) $hex = $hex[0].$hex[0].$hex[1].$hex[1].$hex[2].$hex[2];
return "#$hex";
}
}
// vim: et sw=4 sts=4

21
libraries/plugins/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php vendored
View File

@ -1,21 +0,0 @@
<?php
/**
* Special-case enum attribute definition that lazy loads allowed frame targets
*/
class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
{
public $valid_values = false; // uninitialized value
protected $case_sensitive = false;
public function __construct() {}
public function validate($string, $config, $context) {
if ($this->valid_values === false) $this->valid_values = $config->get('Attr.AllowedFrameTargets');
return parent::validate($string, $config, $context);
}
}
// vim: et sw=4 sts=4

Some files were not shown because too many files have changed in this diff Show More