Nu am mai scris nimic de mult timp, insa printre altele am facut un mic firewall. Inca este incomplet, insa se poate dezvolta mai mult, asa ca apelez la voi pentru dezvoltarea codului, ca sa poata acoperi cat mai multe vulnerabilitati. Mai jos este codul:
<?php
/**
 * @Package: Micul-Programator.ro firewall
 * @Author: Marian
 * @$Date: 06/08/2014
 * @Contact: [email protected]
 * @$Rev: 1
 *
 * NOTE(review): this listing is extraction-garbled. The openings of the
 * $_protection / $_detection array declarations, the constructor signature
 * and the bodies of nearly every method are missing, and stray closing
 * braces remain. All tokens are kept exactly as they survived; only comments
 * were added. Read the fragments as a sketch of the design, not as runnable
 * code. Design-level point for whoever completes it: every mechanism here is
 * a blacklist applied to raw input, which is the weakest place to defend —
 * the controls that actually close XSS and SQL injection are per-context
 * output encoding and parameterised queries at the sink; a filter like this
 * can at most complement them.
 */
class Firewall {
    // Remnant of the protection-flag map (the `private $_protection = array(`
    // opening did not survive). Keys name the private protection methods below.
    '_ENTITIES' =--> FALSE, '_XSS' => FALSE, '_RFI' => FALSE, '_SQLI' => FALSE, );
    // Remnant of the detection-flag map (opening lost as above). Keys name the
    // private detection methods XSS(), RFI() and SQLI().
    'XSS' => FALSE, 'RFI' => FALSE, 'SQLI' => FALSE );
    // Relative path of the attack log. NOTE(review): a relative path resolves
    // against the current working directory of the request; if that is under
    // the document root the log (IPs, full request URIs) is fetchable over
    // HTTP — confirm where it lands and keep it outside the web root.
    private $_logs = 'logs.txt';

    /**
     * Constructor: records which vulnerabilities are protected against and
     * which are detected. The signature was lost in extraction; only the two
     * copy loops survive. Note that any key the caller passes is accepted —
     * there is no check that $key names an existing method.
     * @param array $protection -> list of vulnerabilities the class protects against
     * @param array $detection -> list of vulnerabilities the class detects
     * @return void
     */
    foreach ($protection as $key => $val) { $this->_protection[$key] = $val; }
    } } // extraction artifact: stray braces
    foreach ($detection as $key => $val) { $this->_detection[$key] = $val; }
    } } } // extraction artifact: stray braces

    /**
     * Builds a log entry for a detected attack.
     * Declared without a visibility keyword, so it is public.
     * NOTE(review): $_SERVER['REQUEST_URI'] is attacker-controlled and is
     * concatenated into the entry unescaped, so a crafted request can embed
     * newlines and forge extra "entries" or corrupt the separators; strip or
     * encode control characters before writing. $_SERVER['REMOTE_ADDR'] is the
     * TCP peer — behind a reverse proxy that is the proxy's address, not the
     * client's. The write to $_logs is not in the surviving fragment: $mesaj is
     * assembled and then discarded.
     * @param string $attack -> attack type: XSS, SQL INJECTION, RFI
     * @return void
     */
    function write_logs($attack = "XSS") {
        $mesaj = "======================================================================\n";
        $mesaj .= "Tip atac: ".$attack." \n";
        $mesaj .= "IP : ".$_SERVER['REMOTE_ADDR']."\n";
        $mesaj .= "Request: ".$_SERVER['REQUEST_URI']."\n";
        $mesaj .= "=======================================================================\n";
    }

    /**
     * Activates the protection mechanism for each enabled flag.
     * Walks $_protection and branches on $val === TRUE; whatever was inside
     * the branch (presumably a call to the method named by $key — confirm)
     * was lost. Any dispatch that is restored should only call a fixed,
     * known set of method names, never one taken straight from $key.
     * @return void
     */
    public function enableProtection() {
        foreach ($this->_protection as $key => $val) {
            if ($val === TRUE) {
            }
        }
    } } // extraction artifact: stray brace

    /**
     * Activates the detection mechanism for each enabled flag.
     * Same shape as enableProtection(): iterates $_detection, branch body lost.
     * @return void
     */
    public function enableDetection() {
        foreach ($this->_detection as $key => $val) {
            if ($val === TRUE) {
            }
        }
    } } // extraction artifact: stray brace

    /**
     * Per its original docblock: recursively converts GET, POST and COOKIE
     * values into HTML entities (only what can be translated). Body lost.
     * NOTE(review): encoding input globally corrupts data headed for non-HTML
     * sinks (database, JSON, mail, logs) and still leaves JS/URL/attribute
     * contexts unprotected; HTML encoding belongs at the point of output.
     * @return void
     */
    private function _ENTITIES() { }
    // Callback for the recursive walk over a superglobal; $item is taken by
    // reference so it can be rewritten in place. Body lost.
    private function _callHTMLENTITIES(&$item, $key) { }

    /*************************** XSS detection/protection ***************/
    /**
     * Per its original docblock: recursively filters GET, POST and COOKIE
     * values to provide XSS protection. Body lost.
     * @return void
     */
    private function _XSS() { }
    /**
     * Per its original docblock: recursively detects an XSS attempt; on a hit
     * it writes a log entry and stops script execution. Body lost — only the
     * per-item helpers below survive.
     * @return void
     */
    private function XSS() { }
    // Per-item filter callback (by reference). Body lost.
    private function _callXSS(&$item, $key) { }
    // Per-item detector. Only the logging call survived; the match condition
    // that should guard it, and the script stop the docblock promises, are gone.
    private function _detectXSS($item, $key) { $this->write_logs("XSS"); } }
    /****************************END XSS******************************/

    /****************SQL INJECTION detection/protection**************/
    /**
     * Per its original docblock: recursive protection over all GET, POST and
     * COOKIE parameters. Body lost.
     * @return void
     */
    private function _SQLI() { }
    /**
     * Per its original docblock: recursive SQLi detection over all GET, POST
     * and COOKIE parameters. Body lost.
     * @return void
     */
    private function SQLI() { }
    // Per-item protection callback (by reference). Body lost.
    private function _callSQLI(&$item, $key) { }
    // Per-item detector. What survives is the tail of a substring blacklist
    // (its `$var = array(` opening is missing) and an unconditional log call;
    // the comparison of $item against the list is gone.
    // NOTE(review): a fixed substring list is not a SQL-injection control: it
    // is inherently incomplete, and it will flag ordinary input that contains
    // an apostrophe or " --" (names, prose, dates). Prepared statements with
    // bound parameters are the control; if this stays, treat it as a
    // detection signal that logs, not as something that rewrites data.
    private function _detectSQLI($item, $key) { "'", "\"", '*/from/*', '*all*', '+all+', ' all ', '*/insert/*', '+insert+', '+into+', '%20into%20', '*/into/*', ' into ', '*/limit/*', '+select ', ' select+', '*/select/*', '+select+', '%20select%20', ' select ', '+union+', '%20union%20', '*/union/*', ' union ', ' union+', '+union ', '*/update/*', '*/where/*', 'select @@version', 'select user()', 'select database()', 'select @@datadir;', 'select benchmark', '+load_file+', ' load_file ', '*/load_file/*', "' or 1=1--", '" or 1=1--', "' or 0=0 --", " --", "%20--", ); $this->write_logs("SQL INJECTION"); } }
    /*********************** END SQLI *********************************/

    /*************************RFI detection/protection ****************/
    /**
     * Per its original docblock: recursive protection against remote file
     * inclusion over all GET, POST and COOKIE parameters. Body lost.
     * NOTE(review): RFI is prevented by never passing request data to
     * include/require (and allow_url_include=Off), not by filtering values.
     * @return void
     */
    private function _RFI() { }
    /**
     * Per its original docblock: recursive RFI detection over all GET, POST and
     * COOKIE parameters. Body lost.
     * @return void
     */
    private function RFI() { }
    // Per-item protection callback. What survives blanks the parameter in
    // place (the condition that presumably guarded it is lost). Silently
    // emptying a value hides the event from the application; rejecting the
    // request and logging is easier to reason about.
    private function _callRFI(&$item, $key) { $item = ""; } }
    // Per-item detector; $item is by reference although only a log call
    // survives. As with _detectXSS, the match condition is missing.
    private function _detectRFI(&$item, $key) { $this->write_logs("RFI"); } }
    /************************* END RFI ********************************/
} ?>
Se foloseste astfel:
<?php
// Usage example. NOTE(review): extraction-garbled — the `$protection = array(`
// and `$detection = array(` openings are missing; tokens kept exactly as they
// survived.
include_once('firewall.php');
// Protection flags: entity encoding, XSS and RFI filtering on; SQLI filtering off.
'_ENTITIES' =--> TRUE, '_XSS' => TRUE, '_RFI' => TRUE, '_SQLI' => FALSE, );
// Detection flags: all three detectors on (SQLI is detected but not filtered).
'XSS' => TRUE, 'RFI' => TRUE, 'SQLI' => TRUE );
$obj = new Firewall($protection,$detection);
// Detection is invoked before protection, so (per the class docblocks, which
// say protection rewrites GET/POST/COOKIE values) detectors see the original
// request and the filters run on it afterwards — confirm this is intended.
$obj->enableDetection();
$obj->enableProtection();
?>
Am urcat codul si pe GitHub: https://github.com/miculprogramator/mpfirewall
Astept sugestii si ajutor din partea voastra pentru a dezvolta acest mini-firewall.