github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
ModSecurity/iis/ModSecurityIIS/owasp_crs/lua/osvdb.lua
Greg Wroblewski c1ba71ab16 Fixed files overwriting in installer; added OWASP CRS.
2013-02-05 16:36:29 -08:00

26 lines
659 B
Lua
Raw Blame History

#!/opt/local/bin/lua
local request_filename = m.getvar("REQUEST_FILENAME", "none")
local args = {};
args = m.getvars("ARGS_NAMES", "none")
function main ()
for line in io.lines("/usr/local/apache/conf/modsec_current/base_rules/vulnerabilities.txt") do
if line:find(request_filename) then
if string.find(line, "^%d+\,") then
for k,v in pairs(args) do
local arg_name = v["value"] .. "=";
if string.find(line, arg_name) then
m.setvar("resource.osvdb_check", "1")
m.setvar("resource.osvdb_vulnerable", "1")
m.setvar("tx.osvdb_msg", line)
return(line)
end
end
end
end
end
m.setvar("resource.osvdb_check", "1")
return nil
end
Reference in New Issue View Git Blame Copy Permalink