|
3 | 3 | # Script to post a payload against a local webserver at each paranoia level |
4 | 4 | # |
5 | 5 | # Note: Webserver has to be prepared to take desired PL as Request Header "PL" |
| 6 | +# Check the access log format at https://www.netnea.com/cms/apache-tutorial-5_extending-access-log/ |
6 | 7 | # |
7 | | -#Path to CRS rule set and local files |
| 8 | +# Path to CRS rule set and local files |
8 | 9 | CRS="/usr/share/modsecurity-crs/rules/" |
9 | 10 | accesslog="/apache/logs/access.log" |
10 | 11 | errorlog="/apache/logs/error.log" |
11 | 12 |
|
12 | | -#URL of web server |
| 13 | +# URL of web server |
13 | 14 | URL="localhost:40080" |
14 | 15 |
|
15 | | -#Rules per Paranoia level |
16 | | -#Paranoia level 1 rules, rule 012 is the phase 2 rule delimiter of the start of PL1 |
17 | | -#Paranoia level 1 rules, rule 013 is the phase 1 rule delimiter of the finish of PL1 |
| 16 | +# Rules per Paranoia level |
| 17 | +# Paranoia level 1 rules, rule 012 is the phase 2 rule delimiter of the start of PL1 |
| 18 | +# Paranoia level 1 rules, rule 013 is the phase 1 rule delimiter of the finish of PL1 |
18 | 19 | PL1=$(awk "/012,phase:2/,/013,phase:1/" $CRS/*.conf |egrep -v "(012|013),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,') |
19 | 20 |
|
20 | | -#Paranoia level 2 rules, rule 014 is the phase 2 rule delimiter of the start of PL2 |
21 | | -#Paranoia level 2 rules, rule 015 is the phase 1 rule delimiter of the finish of PL2 |
| 21 | +# Paranoia level 2 rules, rule 014 is the phase 2 rule delimiter of the start of PL2 |
| 22 | +# Paranoia level 2 rules, rule 015 is the phase 1 rule delimiter of the finish of PL2 |
22 | 23 | PL2=$(awk "/014,phase:2/,/015,phase:1/" $CRS/*.conf |egrep -v "(014|015),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,') |
23 | 24 |
|
24 | | -#Paranoia level 3 rules, rule 016 is the phase 2 rule delimiter of the start of PL3 |
25 | | -#Paranoia level 3 rules, rule 017 is the phase 1 rule delimiter of the finish of PL3 |
| 25 | +# Paranoia level 3 rules, rule 016 is the phase 2 rule delimiter of the start of PL3 |
| 26 | +# Paranoia level 3 rules, rule 017 is the phase 1 rule delimiter of the finish of PL3 |
26 | 27 | PL3=$(awk "/016,phase:2/,/017,phase:1/" $CRS/*.conf |egrep -v "(016|017),phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,') |
27 | 28 |
|
28 | | -#Paranoia level 4 rules, rule 018 is the phase 2 rule delimiter of the start of PL4 |
29 | | -#Paranoia level 4 rules, "Paranoia Levels Finished" delimiter of the finish of PL4 |
| 29 | +# Paranoia level 4 rules, rule 018 is the phase 2 rule delimiter of the start of PL4 |
| 30 | +# Paranoia level 4 rules, "Paranoia Levels Finished" delimiter of the finish of PL4 |
30 | 31 | PL4=$(awk "/018,phase:2/,/Paranoia Levels Finished/" $CRS/*.conf |egrep -v "018,phase" |egrep -o "id:[0-9]+" |sed -r 's,id:([0-9]+),\1\\,' |tr -t '\n' '\|' |sed -r 's,\\\|$,,') |
31 | 32 |
|
32 | 33 | if [ ! -z "$1" ]; then |
|