### libinjection.

{
	type => "misc",
	comment => "libinjection SQLi - with SQLi",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 9
                SecRequestBodyAccess On

		SecRule REQUEST_BODY "\@detectSQLi" "id:192372,log,deny"
	),
	match_log => {
		error => [ qr/detected SQLi using libinjection/, 1],
		debug => [ qr/detected SQLi using libinjection/, 1 ],
	},
	match_response => {
		status => qr/^403$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		#  Args
		"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
	),
},
{
	type => "misc",
	comment => "libinjection SQLi - without SQLi",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 9
                SecRequestBodyAccess On

		SecRule REQUEST_BODY "\@detectSQLi" "id:192372,log,deny"
	),
	match_log => {
		-error => [ qr/detected SQLi using libinjection/, 1],
		-debug => [ qr/detected SQLi using libinjection/, 1 ],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		#  Args
		"some_variable=hello cruel world"
	),
},
{
	type => "misc",
	comment => "libinjection XSS - with XSS",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 9
                SecRequestBodyAccess On

		SecRule REQUEST_BODY "\@detectXSS" "id:192372,log,deny"
	),
	match_log => {
		error => [ qr/detected XSS using libinjection/, 1],
		debug => [ qr/detected XSS using libinjection/, 1 ],
	},
	match_response => {
		status => qr/^403$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		#  Args
		"some_variable=<a href=\"javascript:alert(1)\">"
	),
},
{
	type => "misc",
	comment => "libinjection XSS - without XSS",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 9
                SecRequestBodyAccess On

		SecRule REQUEST_BODY "\@detectXSS" "id:192372,log,deny"
	),
	match_log => {
		-error => [ qr/detected XSS using libinjection/, 1],
		-debug => [ qr/detected XSS using libinjection/, 1 ],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		#  Args
		"some_variable=hello cruel world"
	),
}