mehrdadali14
April 27th, 2015, 15:10
من یک وی پی اس دارم که متاسفانه چند روز الوده به اینجکش شده چندتا سایتم هک شد که پس از حذف دوباره با فایل سالم ریستورش کردم اما هنوز این پیام رو mod-scuirty پیام زیر روی بعضی از سایتا میده
Ref: https://libinjection.client9.com/
.2:0.0.0.0.0.0.$text1:0:$1:0" style="color: rgb(55, 62, 77); font-family: helvetica, arial, 'lucida grande', sans-serif; line-height: 15.3599996566772px; white-space: pre-wrap; background-color: rgb(219, 237, 254);">#
.2:0.0.0.0.0.0.$text1:0:$3:0" style="color: rgb(55, 62, 77); font-family: helvetica, arial, 'lucida grande', sans-serif; line-height: 15.3599996566772px; white-space: pre-wrap; background-color: rgb(219, 237, 254);">SecRule ARGS|REQUEST_COOKIES|QUERY_STRING|REQUEST_FILENAME "@detectSQLi" "msg:'SQL Injection Attack Detected via LibInjection', id:981261, rev:'1', ver:'OWASP_CRS/3.0.0', maturity:'1', accuracy:'8', phase:request, block, multiMatch, t:none,t:utf8toUnicode,t:urlDecodeUni,t:removeNull s,t:removeComments, capture, logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}', tag:'OWASP_CRS/WEB_ATTACK/SQL_INJECTION', tag:'WASCTC/WASC-19', tag:'OWASP_TOP_10/A1', tag:'OWASP_AppSensor/CIE1', tag:'PCI/6.5.2', tag:'https://libinjection.client9.com/', setvar:tx.anomaly_score=+%{tx.critical_anomaly_sco re}, setvar:tx.sql_injection_score=+%{tx.critical_anoma ly_score}, setvar:'tx.msg=%{rule.msg}',setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/SQL_INJECTION-%{matched_var_name}=%{matched_var}"
Ref: https://libinjection.client9.com/
.2:0.0.0.0.0.0.$text1:0:$1:0" style="color: rgb(55, 62, 77); font-family: helvetica, arial, 'lucida grande', sans-serif; line-height: 15.3599996566772px; white-space: pre-wrap; background-color: rgb(219, 237, 254);">#
.2:0.0.0.0.0.0.$text1:0:$3:0" style="color: rgb(55, 62, 77); font-family: helvetica, arial, 'lucida grande', sans-serif; line-height: 15.3599996566772px; white-space: pre-wrap; background-color: rgb(219, 237, 254);">SecRule ARGS|REQUEST_COOKIES|QUERY_STRING|REQUEST_FILENAME "@detectSQLi" "msg:'SQL Injection Attack Detected via LibInjection', id:981261, rev:'1', ver:'OWASP_CRS/3.0.0', maturity:'1', accuracy:'8', phase:request, block, multiMatch, t:none,t:utf8toUnicode,t:urlDecodeUni,t:removeNull s,t:removeComments, capture, logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}', tag:'OWASP_CRS/WEB_ATTACK/SQL_INJECTION', tag:'WASCTC/WASC-19', tag:'OWASP_TOP_10/A1', tag:'OWASP_AppSensor/CIE1', tag:'PCI/6.5.2', tag:'https://libinjection.client9.com/', setvar:tx.anomaly_score=+%{tx.critical_anomaly_sco re}, setvar:tx.sql_injection_score=+%{tx.critical_anoma ly_score}, setvar:'tx.msg=%{rule.msg}',setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/SQL_INJECTION-%{matched_var_name}=%{matched_var}"