Skip to content

Merge #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
May 8, 2014
Merged

Merge #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
dab5f4f
Merge pull request #43 from csk83/patch-1
lstrojny May 12, 2013
ef220be
trying to fix example
lstrojny Jun 26, 2013
04b8767
added apc cache sample to config.ini template
staabm Oct 16, 2013
006ad82
adjusted Storage to use less memory and trigger less cache writes
staabm Oct 16, 2013
e9665ff
Merge pull request #52 from staabm/patch-2
lstrojny Oct 31, 2013
6ec2220
Merge pull request #53 from staabm/patch-3
lstrojny Nov 6, 2013
5b83179
Fixed spelling mistakes
benpoulson Dec 20, 2013
8c39c76
Merge pull request #57 from BenPoulson/patch-1
lstrojny Jan 14, 2014
6340b0a
Fixed #58
zanbaldwin Jan 24, 2014
849e5c5
Merge pull request #59 from mynameiszanders/58-php-error-trying-to-bi…
lstrojny Jan 26, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/examples/example.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
* GNU General Public License for more details.
*/

require_once __DIR__.'/../../autoload.php';
require_once __DIR__.'/../../vendor/autoload.php';

use IDS\Init;
use IDS\Monitor;
Expand Down
4 changes: 2 additions & 2 deletions lib/IDS/Caching/DatabaseCache.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -261,11 +261,11 @@ private function write($handle, $data)
)'
);

$statement->bindParam(
$statement->bindValue(
'type',
$handle->quote($this->type)
);
$statement->bindParam('data', serialize($data));
$statement->bindValue('data', serialize($data));

if (!$statement->execute()) {
throw new \PDOException($statement->errorCode());
Expand Down
5 changes: 4 additions & 1 deletion lib/IDS/Config/Config.ini.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@

[Caching]

; caching: session|file|database|memcached|none
; caching: session|file|database|memcached|apc|none
caching = file
expiration_time = 600

Expand All @@ -53,3 +53,6 @@
;host = localhost
;port = 11211
;key_prefix = PHPIDS

; apc
;key_prefix = PHPIDS
175 changes: 106 additions & 69 deletions lib/IDS/Filter/Storage.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -225,47 +225,51 @@ public function getFilterFromXML()
/*
* Now the storage will be filled with IDS_Filter objects
*/
$data = array();
$nocache = $filters instanceof \SimpleXMLElement;
$filters = $nocache ? $filters->filter : $filters;

foreach ($filters as $filter) {
$id = $nocache ? (string) $filter->id :
$filter['id'];
$rule = $nocache ? (string) $filter->rule :
$filter['rule'];
$impact = $nocache ? (string) $filter->impact :
$filter['impact'];
$tags = $nocache ? array_values((array) $filter->tags) :
$filter['tags'];
$description = $nocache ? (string) $filter->description :
$filter['description'];

$this->addFilter(
new \IDS\Filter(
$id,
$rule,
$description,
(array) $tags[0],
(int) $impact
)
);

$data[] = array(
'id' => $id,
'rule' => $rule,
'impact' => $impact,
'tags' => $tags,
'description' => $description
);
}

/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {

$this->cache->setCache($data);

if ($nocache)
{
// build filters and cache them for re-use on next run
$data = array();
$filters = $filters->filter;

foreach ($filters as $filter) {
$id = (string) $filter->id;
$rule = (string) $filter->rule;
$impact = (string) $filter->impact;
$tags = array_values((array) $filter->tags);
$description = (string) $filter->description;

$this->addFilter(
new \IDS\Filter(
$id,
$rule,
$description,
(array) $tags[0],
(int) $impact
)
);

$data[] = array(
'id' => $id,
'rule' => $rule,
'impact' => $impact,
'tags' => $tags,
'description' => $description
);
}

/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {
$this->cache->setCache($data);
}

} else {

// build filters from cached content
$this->addFiltersFromArray($filters);
}

return $this;
Expand Down Expand Up @@ -313,52 +317,85 @@ public function getFilterFromJson()
/*
* Now the storage will be filled with IDS_Filter objects
*/
$data = array();
$nocache = !is_array($filters);
$filters = $nocache ? $filters->filters->filter : $filters;

foreach ($filters as $filter) {

$id = $nocache ? (string) $filter->id :
$filter['id'];
$rule = $nocache ? (string) $filter->rule :
$filter['rule'];
$impact = $nocache ? (string) $filter->impact :
$filter['impact'];
$tags = $nocache ? array_values((array) $filter->tags) :
$filter['tags'];
$description = $nocache ? (string) $filter->description :
$filter['description'];

$this->addFilter(

if ($nocache) {
// build filters and cache them for re-use on next run
$data = array();
$filters = $filters->filters->filter;

foreach ($filters as $filter) {

$id = (string) $filter->id;
$rule = (string) $filter->rule;
$impact = (string) $filter->impact;
$tags = array_values((array) $filter->tags);
$description = (string) $filter->description;
$this->addFilter(
new \IDS\Filter(
$id,
$rule,
$description,
(array) $tags[0],
(int) $impact
)
);

$data[] = array(
)
);
$data[] = array(
'id' => $id,
'rule' => $rule,
'impact' => $impact,
'tags' => $tags,
'description' => $description
);
}

/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {
$this->cache->setCache($data);
);
}

/*
* If caching is enabled, the fetched data will be cached
*/
if ($this->cacheSettings) {
$this->cache->setCache($data);
}

} else {

// build filters from cached content
$this->addFiltersFromArray($filters);
}

return $this;
}

throw new \RuntimeException('json extension is not loaded.');
}

/**
* This functions adds an array of filters to the IDS_Storage object.
* Each entry within the array is expected to be an simple array containing all parts of the filter.
*
* @param array $filters
*/
private function addFiltersFromArray(array $filters)
{
foreach ($filters as $filter) {

$id = $filter['id'];
$rule = $filter['rule'];
$impact = $filter['impact'];
$tags = $filter['tags'];
$description = $filter['description'];

$this->addFilter(
new \IDS\Filter(
$id,
$rule,
$description,
(array) $tags[0],
(int) $impact
)
);
}
}
}
10 changes: 5 additions & 5 deletions lib/IDS/default_filter.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
{
"id":"1",
"rule":"(?:\"[^\"]*[^-]?>)|(?:[^\\w\\s]\\s*\\\/>)|(?:>\")",
"description":"finds html breaking injections including whitespace attacks",
"description":"Finds html breaking injections including whitespace attacks",
"tags":{
"tag":[
"xss",
Expand All @@ -16,7 +16,7 @@
{
"id":"2",
"rule":"(?:\"+.*[<=]\\s*\"[^\"]+\")|(?:\"\\s*\\w+\\s*=)|(?:>\\w=\\\/)|(?:#.+\\)[\"\\s]*>)|(?:\"\\s*(?:src|style|on\\w+)\\s*=\\s*\")|(?:[^\"]?\"[,;\\s]+\\w*[\\[\\(])",
"description":"finds attribute breaking injections including whitespace attacks",
"description":"Finds attribute breaking injections including whitespace attacks",
"tags":{
"tag":[
"xss",
Expand All @@ -28,7 +28,7 @@
{
"id":"3",
"rule":"(?:^>[\\w\\s]*<\\\/?\\w{2,}>)",
"description":"finds unquoted attribute breaking injections",
"description":"Finds unquoted attribute breaking injections",
"tags":{
"tag":[
"xss",
Expand Down Expand Up @@ -851,7 +851,7 @@
{
"id":"71",
"rule":"(?:[\\s\\d\\\/\"]+(?:on\\w+|style|poster|background)=[$\"\\w])|(?:-type\\s*:\\s*multipart)",
"description":"finds malicious attribute injection attempts and MHTML attacks",
"description":"Finds malicious attribute injection attempts and MHTML attacks",
"tags":{
"tag":[
"xss",
Expand Down Expand Up @@ -908,7 +908,7 @@
{
"id":"77",
"rule":"(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)",
"description":"Looking for intiger overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash",
"description":"Looking for integer overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash",
"tags":{
"tag":[
"sqli",
Expand Down