This repository was archived by the owner on May 14, 2020. It is now read-only.

Commit 2f7f6fe

authored
Merge pull request #1526 from spartantri/v3.2/dev
send-payload-pls.sh script
2 parents 42a2f6f + 8e0681d commit 2f7f6fe


1 file changed

+56
-0
lines changed


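--- a/util/send-payload-pls.sh
+++ b/util/send-payload-pls.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+#
+# Script to post a payload against a local webserver at each paranoia level
+#
+# Note: Webserver has to be prepared to take desired PL as Request Header "PL"
+# Check the access log format at https://www.netnea.com/cms/apache-tutorial-5_extending-access-log/
+#
+# Path to CRS rule set and local files
+CRS="/usr/share/modsecurity-crs/rules/"
+accesslog="/apache/logs/access.log"
+errorlog="/apache/logs/error.log"
+
+# URL of web server
+URL="localhost:40080"
+
+# Rules per Paranoia level
+# Paranoia level 1 rules, rule 012 is the phase 2 rule delimiter of the start of PL1
+# Paranoia level 1 rules, rule 013 is the phase 1 rule delimiter of the finish of PL1
+PL1=$(awk "/012,phase:2/,/013,phase:1/" $CRS/*.conf |egrep -v "(012|013),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,')
+
+# Paranoia level 2 rules, rule 014 is the phase 2 rule delimiter of the start of PL2
+# Paranoia level 2 rules, rule 015 is the phase 1 rule delimiter of the finish of PL2
+PL2=$(awk "/014,phase:2/,/015,phase:1/" $CRS/*.conf |egrep -v "(014|015),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,')
+
+# Paranoia level 3 rules, rule 016 is the phase 2 rule delimiter of the start of PL3
+# Paranoia level 3 rules, rule 017 is the phase 1 rule delimiter of the finish of PL3
+PL3=$(awk "/016,phase:2/,/017,phase:1/" $CRS/*.conf |egrep -v "(016|017),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,')
+
+# Paranoia level 4 rules, rule 018 is the phase 2 rule delimiter of the start of PL4
+# Paranoia level 4 rules, "Paranoia Levels Finished" delimiter of the finish of PL4
+PL4=$(awk "/018,phase:2/,/Paranoia Levels Finished/" $CRS/*.conf |egrep -v "018,phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,')
+
+if [ ! -z "$1" ]; then
+PAYLOAD="$1"
+else
+echo "Please submit payload as parameter. This is fatal. Aborting."
+exit 1
+fi
+
+echo "Sending the following payload at multiple paranoia levels: $PAYLOAD"
+echo
+
+for PL in 1 2 3 4; do
+echo "--- Paranoia Level $PL ---"
+echo
+if [ -f "$PAYLOAD" ]; then
+curl $URL --data-binary "@$PAYLOAD" -H "PL: $PL" -o /dev/null -s
+else
+curl $URL -d "$PAYLOAD" -H "PL: $PL" -o /dev/null -s
+fi
+grep $(tail -1 $accesslog | cut -d\" -f11 | cut -b2-26) $errorlog | sed -e "s/.*\[id \"//" -e "s/\(......\).*\[msg \"/\1 /" -e "s/\"\].*//" -e "s/(Total .*/(Total ...) .../" -e "s/Incoming and Outgoing Score: [0-9]* [0-9]*/Incoming and Outgoing Score: .../" | sed -e "s/$PL1/& PL1/" -e "s/$PL2/& PL2/" -e "s/$PL3/& PL3/ "-e "s/$PL4/& PL4/" | sort -k2
+echo
+echo -n "Total Incoming Score: "
+tail -1 $accesslog | cut -d\" -f11 | cut -d\ -f14 | tr "-" "0"
+echo
+done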
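Review bot: On new line 51 the closing quote of the third sed expression is misplaced: `"s/$PL3/& PL3/ "-e "s/$PL4/& PL4/"` makes the shell glue ` -e` onto the PL3 script and pass the PL4 script to sed as a file operand, so the PL4 tagging never runs and sed will most likely reject the command; it should read `-e "s/$PL3/& PL3/" -e "s/$PL4/& PL4/"`. The same line (and line 54) identifies the request via `tail -1 $accesslog`, which assumes nothing else is logged between the curl call and the tail, so on a server that receives other traffic the reported rule ids and score can belong to a different request; a header comment such as `# Assumes no concurrent requests: the last access-log line is taken to be ours` would make that explicit. In the non-file branch on line 49, `-d "$PAYLOAD"` lets curl interpret a payload beginning with `@` as a file name, so `--data-raw "$PAYLOAD"` is the safer way to send the string literally. The unquoted `$accesslog`, `$errorlog`, `$URL` and the `grep $(...)` substitution should also be double-quoted so an empty or space-containing value does not change the command's arguments.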
