ddtrace 1.9.0 → 1.10.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (695) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +77 -1
  3. data/LICENSE-3rdparty.csv +1 -0
  4. data/ext/ddtrace_profiling_loader/extconf.rb +0 -2
  5. data/ext/ddtrace_profiling_native_extension/collectors_cpu_and_wall_time_worker.c +81 -36
  6. data/ext/ddtrace_profiling_native_extension/collectors_idle_sampling_helper.c +3 -3
  7. data/ext/ddtrace_profiling_native_extension/collectors_stack.c +37 -48
  8. data/ext/ddtrace_profiling_native_extension/collectors_stack.h +3 -1
  9. data/ext/ddtrace_profiling_native_extension/{collectors_cpu_and_wall_time.c → collectors_thread_context.c} +222 -143
  10. data/ext/ddtrace_profiling_native_extension/collectors_thread_context.h +14 -0
  11. data/ext/ddtrace_profiling_native_extension/extconf.rb +7 -18
  12. data/ext/ddtrace_profiling_native_extension/http_transport.c +25 -32
  13. data/ext/ddtrace_profiling_native_extension/libdatadog_helpers.h +9 -2
  14. data/ext/ddtrace_profiling_native_extension/native_extension_helpers.rb +9 -9
  15. data/ext/ddtrace_profiling_native_extension/private_vm_api_access.c +7 -121
  16. data/ext/ddtrace_profiling_native_extension/private_vm_api_access.h +1 -1
  17. data/ext/ddtrace_profiling_native_extension/profiling.c +2 -2
  18. data/ext/ddtrace_profiling_native_extension/ruby_helpers.c +2 -2
  19. data/ext/ddtrace_profiling_native_extension/ruby_helpers.h +1 -1
  20. data/ext/ddtrace_profiling_native_extension/stack_recorder.c +125 -21
  21. data/ext/ddtrace_profiling_native_extension/stack_recorder.h +9 -34
  22. data/lib/datadog/appsec/assets/waf_rules/recommended.json +321 -185
  23. data/lib/datadog/appsec/assets/waf_rules/strict.json +59 -2
  24. data/lib/datadog/appsec/assets.rb +0 -2
  25. data/lib/datadog/appsec/autoload.rb +4 -11
  26. data/lib/datadog/appsec/component.rb +41 -0
  27. data/lib/datadog/appsec/configuration/settings.rb +8 -3
  28. data/lib/datadog/appsec/configuration.rb +4 -2
  29. data/lib/datadog/appsec/contrib/auto_instrument.rb +0 -2
  30. data/lib/datadog/appsec/contrib/configuration/settings.rb +0 -2
  31. data/lib/datadog/appsec/contrib/integration.rb +0 -2
  32. data/lib/datadog/appsec/contrib/patcher.rb +0 -2
  33. data/lib/datadog/appsec/contrib/rack/configuration/settings.rb +0 -2
  34. data/lib/datadog/appsec/contrib/rack/ext.rb +0 -2
  35. data/lib/datadog/appsec/contrib/rack/gateway/request.rb +97 -0
  36. data/lib/datadog/appsec/contrib/rack/gateway/response.rb +30 -0
  37. data/lib/datadog/appsec/contrib/rack/gateway/watcher.rb +111 -109
  38. data/lib/datadog/appsec/contrib/rack/integration.rb +0 -2
  39. data/lib/datadog/appsec/contrib/rack/patcher.rb +2 -2
  40. data/lib/datadog/appsec/contrib/rack/reactive/request.rb +18 -21
  41. data/lib/datadog/appsec/contrib/rack/reactive/request_body.rb +10 -11
  42. data/lib/datadog/appsec/contrib/rack/reactive/response.rb +10 -11
  43. data/lib/datadog/appsec/contrib/rack/request_body_middleware.rb +6 -4
  44. data/lib/datadog/appsec/contrib/rack/request_middleware.rb +40 -26
  45. data/lib/datadog/appsec/contrib/rails/configuration/settings.rb +0 -2
  46. data/lib/datadog/appsec/contrib/rails/ext.rb +0 -2
  47. data/lib/datadog/appsec/contrib/rails/framework.rb +0 -2
  48. data/lib/datadog/appsec/contrib/rails/gateway/request.rb +67 -0
  49. data/lib/datadog/appsec/contrib/rails/gateway/watcher.rb +41 -37
  50. data/lib/datadog/appsec/contrib/rails/integration.rb +0 -2
  51. data/lib/datadog/appsec/contrib/rails/patcher.rb +3 -3
  52. data/lib/datadog/appsec/contrib/rails/reactive/action.rb +12 -11
  53. data/lib/datadog/appsec/contrib/rails/request.rb +0 -2
  54. data/lib/datadog/appsec/contrib/rails/request_middleware.rb +0 -2
  55. data/lib/datadog/appsec/contrib/sinatra/configuration/settings.rb +0 -2
  56. data/lib/datadog/appsec/contrib/sinatra/ext.rb +0 -2
  57. data/lib/datadog/appsec/contrib/sinatra/framework.rb +0 -2
  58. data/lib/datadog/appsec/contrib/sinatra/gateway/request.rb +17 -0
  59. data/lib/datadog/appsec/contrib/sinatra/gateway/route_params.rb +23 -0
  60. data/lib/datadog/appsec/contrib/sinatra/gateway/watcher.rb +76 -71
  61. data/lib/datadog/appsec/contrib/sinatra/integration.rb +0 -2
  62. data/lib/datadog/appsec/contrib/sinatra/patcher.rb +12 -4
  63. data/lib/datadog/appsec/contrib/sinatra/reactive/routed.rb +10 -9
  64. data/lib/datadog/appsec/contrib/sinatra/request_middleware.rb +0 -2
  65. data/lib/datadog/appsec/event.rb +4 -8
  66. data/lib/datadog/appsec/ext.rb +9 -0
  67. data/lib/datadog/appsec/extensions.rb +10 -2
  68. data/lib/datadog/appsec/instrumentation/gateway/argument.rb +24 -0
  69. data/lib/datadog/appsec/instrumentation/gateway.rb +11 -5
  70. data/lib/datadog/appsec/instrumentation.rb +9 -0
  71. data/lib/datadog/appsec/monitor/gateway/watcher.rb +86 -0
  72. data/lib/datadog/appsec/monitor/reactive/set_user.rb +61 -0
  73. data/lib/datadog/appsec/monitor.rb +11 -0
  74. data/lib/datadog/appsec/processor.rb +74 -25
  75. data/lib/datadog/appsec/rate_limiter.rb +0 -2
  76. data/lib/datadog/appsec/reactive/address_hash.rb +6 -2
  77. data/lib/datadog/appsec/reactive/engine.rb +10 -7
  78. data/lib/datadog/appsec/reactive/operation.rb +19 -2
  79. data/lib/datadog/appsec/reactive/subscriber.rb +2 -1
  80. data/lib/datadog/appsec/response.rb +0 -2
  81. data/lib/datadog/appsec/utils/http/media_range.rb +0 -2
  82. data/lib/datadog/appsec/utils/http/media_type.rb +0 -2
  83. data/lib/datadog/appsec.rb +20 -2
  84. data/lib/datadog/ci/configuration/components.rb +0 -2
  85. data/lib/datadog/ci/configuration/settings.rb +0 -2
  86. data/lib/datadog/ci/contrib/cucumber/configuration/settings.rb +0 -2
  87. data/lib/datadog/ci/contrib/cucumber/ext.rb +0 -2
  88. data/lib/datadog/ci/contrib/cucumber/formatter.rb +0 -2
  89. data/lib/datadog/ci/contrib/cucumber/instrumentation.rb +0 -2
  90. data/lib/datadog/ci/contrib/cucumber/integration.rb +0 -2
  91. data/lib/datadog/ci/contrib/cucumber/patcher.rb +0 -2
  92. data/lib/datadog/ci/contrib/rspec/configuration/settings.rb +0 -2
  93. data/lib/datadog/ci/contrib/rspec/example.rb +0 -2
  94. data/lib/datadog/ci/contrib/rspec/ext.rb +0 -2
  95. data/lib/datadog/ci/contrib/rspec/integration.rb +0 -2
  96. data/lib/datadog/ci/contrib/rspec/patcher.rb +0 -2
  97. data/lib/datadog/ci/ext/app_types.rb +0 -2
  98. data/lib/datadog/ci/ext/environment.rb +2 -24
  99. data/lib/datadog/ci/ext/settings.rb +0 -2
  100. data/lib/datadog/ci/ext/test.rb +0 -2
  101. data/lib/datadog/ci/extensions.rb +0 -2
  102. data/lib/datadog/ci/flush.rb +0 -2
  103. data/lib/datadog/ci/test.rb +0 -2
  104. data/lib/datadog/ci.rb +0 -2
  105. data/lib/datadog/core/buffer/cruby.rb +0 -2
  106. data/lib/datadog/core/buffer/random.rb +0 -2
  107. data/lib/datadog/core/buffer/thread_safe.rb +0 -2
  108. data/lib/datadog/core/chunker.rb +0 -2
  109. data/lib/datadog/core/configuration/agent_settings_resolver.rb +0 -17
  110. data/lib/datadog/core/configuration/base.rb +0 -2
  111. data/lib/datadog/core/configuration/components.rb +14 -318
  112. data/lib/datadog/core/configuration/dependency_resolver.rb +0 -2
  113. data/lib/datadog/core/configuration/ext.rb +0 -2
  114. data/lib/datadog/core/configuration/option.rb +0 -2
  115. data/lib/datadog/core/configuration/option_definition.rb +0 -2
  116. data/lib/datadog/core/configuration/option_definition_set.rb +0 -2
  117. data/lib/datadog/core/configuration/option_set.rb +0 -2
  118. data/lib/datadog/core/configuration/options.rb +0 -2
  119. data/lib/datadog/core/configuration/settings.rb +14 -5
  120. data/lib/datadog/core/configuration.rb +0 -4
  121. data/lib/datadog/core/diagnostics/environment_logger.rb +0 -2
  122. data/lib/datadog/core/diagnostics/health.rb +0 -2
  123. data/lib/datadog/core/encoding.rb +0 -4
  124. data/lib/datadog/core/environment/cgroup.rb +0 -4
  125. data/lib/datadog/core/environment/class_count.rb +0 -2
  126. data/lib/datadog/core/environment/container.rb +0 -4
  127. data/lib/datadog/core/environment/ext.rb +0 -2
  128. data/lib/datadog/core/environment/gc.rb +0 -2
  129. data/lib/datadog/core/environment/identity.rb +0 -2
  130. data/lib/datadog/core/environment/platform.rb +0 -2
  131. data/lib/datadog/core/environment/socket.rb +0 -2
  132. data/lib/datadog/core/environment/thread_count.rb +0 -2
  133. data/lib/datadog/core/environment/variable_helpers.rb +0 -2
  134. data/lib/datadog/core/environment/vm_cache.rb +17 -2
  135. data/lib/datadog/core/error.rb +0 -2
  136. data/lib/datadog/core/extensions.rb +0 -2
  137. data/lib/datadog/core/git/ext.rb +0 -2
  138. data/lib/datadog/core/logger.rb +0 -2
  139. data/lib/datadog/core/metrics/client.rb +0 -2
  140. data/lib/datadog/core/metrics/ext.rb +0 -2
  141. data/lib/datadog/core/metrics/helpers.rb +0 -2
  142. data/lib/datadog/core/metrics/logging.rb +0 -2
  143. data/lib/datadog/core/metrics/metric.rb +0 -2
  144. data/lib/datadog/core/metrics/options.rb +0 -2
  145. data/lib/datadog/core/pin.rb +0 -2
  146. data/lib/datadog/core/runtime/ext.rb +2 -2
  147. data/lib/datadog/core/runtime/metrics.rb +21 -7
  148. data/lib/datadog/core/telemetry/client.rb +0 -2
  149. data/lib/datadog/core/telemetry/collector.rb +0 -2
  150. data/lib/datadog/core/telemetry/emitter.rb +0 -2
  151. data/lib/datadog/core/telemetry/event.rb +0 -4
  152. data/lib/datadog/core/telemetry/ext.rb +0 -2
  153. data/lib/datadog/core/telemetry/heartbeat.rb +0 -2
  154. data/lib/datadog/core/telemetry/http/adapters/net.rb +0 -2
  155. data/lib/datadog/core/telemetry/http/env.rb +0 -2
  156. data/lib/datadog/core/telemetry/http/response.rb +0 -4
  157. data/lib/datadog/core/telemetry/http/transport.rb +0 -2
  158. data/lib/datadog/core/telemetry/v1/app_event.rb +0 -2
  159. data/lib/datadog/core/utils/compression.rb +0 -2
  160. data/lib/datadog/core/utils/forking.rb +0 -2
  161. data/lib/datadog/core/utils/network.rb +140 -0
  162. data/lib/datadog/core/utils/object_set.rb +0 -2
  163. data/lib/datadog/core/utils/only_once.rb +0 -2
  164. data/lib/datadog/core/utils/safe_dup.rb +0 -2
  165. data/lib/datadog/core/utils/sequence.rb +0 -2
  166. data/lib/datadog/core/utils/string_table.rb +0 -2
  167. data/lib/datadog/core/utils/time.rb +0 -4
  168. data/lib/datadog/core/utils.rb +0 -2
  169. data/lib/datadog/core/vendor/ipaddr.rb +78 -0
  170. data/lib/datadog/core/vendor/multipart-post/multipart/post/composite_read_io.rb +0 -2
  171. data/lib/datadog/core/vendor/multipart-post/multipart/post/multipartable.rb +0 -2
  172. data/lib/datadog/core/vendor/multipart-post/multipart/post/parts.rb +0 -2
  173. data/lib/datadog/core/vendor/multipart-post/multipart/post/version.rb +0 -2
  174. data/lib/datadog/core/vendor/multipart-post/multipart/post.rb +0 -2
  175. data/lib/datadog/core/vendor/multipart-post/multipart.rb +0 -2
  176. data/lib/datadog/core/vendor/multipart-post/net/http/post/multipart.rb +0 -2
  177. data/lib/datadog/core/worker.rb +0 -2
  178. data/lib/datadog/core/workers/async.rb +0 -2
  179. data/lib/datadog/core/workers/interval_loop.rb +0 -2
  180. data/lib/datadog/core/workers/polling.rb +0 -2
  181. data/lib/datadog/core/workers/queue.rb +0 -2
  182. data/lib/datadog/core/workers/runtime_metrics.rb +0 -2
  183. data/lib/datadog/core.rb +0 -1
  184. data/lib/datadog/kit/appsec/events.rb +1 -2
  185. data/lib/datadog/kit/enable_core_dumps.rb +5 -6
  186. data/lib/datadog/kit/identity.rb +7 -1
  187. data/lib/datadog/kit.rb +0 -2
  188. data/lib/datadog/opentelemetry/api/context.rb +0 -1
  189. data/lib/datadog/opentelemetry/api/trace/span.rb +0 -1
  190. data/lib/datadog/opentelemetry/sdk/configurator.rb +0 -1
  191. data/lib/datadog/opentelemetry/sdk/id_generator.rb +0 -1
  192. data/lib/datadog/opentelemetry/sdk/propagator.rb +0 -1
  193. data/lib/datadog/opentelemetry/sdk/span_processor.rb +0 -1
  194. data/lib/datadog/opentelemetry.rb +0 -1
  195. data/lib/datadog/opentracer/binary_propagator.rb +0 -2
  196. data/lib/datadog/opentracer/carrier.rb +0 -2
  197. data/lib/datadog/opentracer/distributed_headers.rb +0 -2
  198. data/lib/datadog/opentracer/global_tracer.rb +0 -2
  199. data/lib/datadog/opentracer/propagator.rb +0 -2
  200. data/lib/datadog/opentracer/rack_propagator.rb +0 -2
  201. data/lib/datadog/opentracer/scope.rb +0 -2
  202. data/lib/datadog/opentracer/scope_manager.rb +0 -2
  203. data/lib/datadog/opentracer/span.rb +0 -2
  204. data/lib/datadog/opentracer/span_context.rb +0 -2
  205. data/lib/datadog/opentracer/span_context_factory.rb +0 -2
  206. data/lib/datadog/opentracer/text_map_propagator.rb +0 -2
  207. data/lib/datadog/opentracer/thread_local_scope.rb +0 -2
  208. data/lib/datadog/opentracer/thread_local_scope_manager.rb +0 -2
  209. data/lib/datadog/opentracer/tracer.rb +0 -2
  210. data/lib/datadog/opentracer.rb +0 -2
  211. data/lib/datadog/profiling/backtrace_location.rb +0 -2
  212. data/lib/datadog/profiling/buffer.rb +0 -2
  213. data/lib/datadog/profiling/collectors/code_provenance.rb +0 -2
  214. data/lib/datadog/profiling/collectors/cpu_and_wall_time_worker.rb +12 -7
  215. data/lib/datadog/profiling/collectors/dynamic_sampling_rate.rb +0 -2
  216. data/lib/datadog/profiling/collectors/idle_sampling_helper.rb +1 -3
  217. data/lib/datadog/profiling/collectors/old_stack.rb +1 -5
  218. data/lib/datadog/profiling/collectors/stack.rb +0 -2
  219. data/lib/datadog/profiling/collectors/{cpu_and_wall_time.rb → thread_context.rb} +8 -5
  220. data/lib/datadog/profiling/component.rb +161 -0
  221. data/lib/datadog/profiling/encoding/profile.rb +0 -2
  222. data/lib/datadog/profiling/event.rb +0 -2
  223. data/lib/datadog/profiling/events/stack.rb +0 -2
  224. data/lib/datadog/profiling/exporter.rb +0 -2
  225. data/lib/datadog/profiling/ext/forking.rb +0 -2
  226. data/lib/datadog/profiling/ext.rb +0 -2
  227. data/lib/datadog/profiling/flush.rb +0 -2
  228. data/lib/datadog/profiling/http_transport.rb +0 -2
  229. data/lib/datadog/profiling/load_native_extension.rb +0 -2
  230. data/lib/datadog/profiling/native_extension.rb +0 -2
  231. data/lib/datadog/profiling/old_recorder.rb +0 -2
  232. data/lib/datadog/profiling/pprof/builder.rb +0 -2
  233. data/lib/datadog/profiling/pprof/converter.rb +0 -2
  234. data/lib/datadog/profiling/pprof/message_set.rb +0 -2
  235. data/lib/datadog/profiling/pprof/payload.rb +0 -2
  236. data/lib/datadog/profiling/pprof/pprof_pb.rb +0 -2
  237. data/lib/datadog/profiling/pprof/stack_sample.rb +0 -2
  238. data/lib/datadog/profiling/pprof/string_table.rb +0 -2
  239. data/lib/datadog/profiling/pprof/template.rb +0 -2
  240. data/lib/datadog/profiling/preload.rb +0 -2
  241. data/lib/datadog/profiling/profiler.rb +0 -2
  242. data/lib/datadog/profiling/scheduler.rb +0 -2
  243. data/lib/datadog/profiling/stack_recorder.rb +3 -8
  244. data/lib/datadog/profiling/tag_builder.rb +0 -2
  245. data/lib/datadog/profiling/tasks/exec.rb +0 -2
  246. data/lib/datadog/profiling/tasks/help.rb +0 -2
  247. data/lib/datadog/profiling/tasks/setup.rb +0 -2
  248. data/lib/datadog/profiling/trace_identifiers/ddtrace.rb +0 -2
  249. data/lib/datadog/profiling/trace_identifiers/helper.rb +0 -2
  250. data/lib/datadog/profiling.rb +44 -7
  251. data/lib/datadog/tracing/analytics.rb +0 -2
  252. data/lib/datadog/tracing/buffer.rb +0 -4
  253. data/lib/datadog/tracing/client_ip.rb +38 -141
  254. data/lib/datadog/tracing/component.rb +176 -0
  255. data/lib/datadog/tracing/configuration/ext.rb +2 -2
  256. data/lib/datadog/tracing/configuration/settings.rb +20 -2
  257. data/lib/datadog/tracing/context.rb +0 -2
  258. data/lib/datadog/tracing/context_provider.rb +0 -2
  259. data/lib/datadog/tracing/contrib/action_cable/configuration/settings.rb +0 -2
  260. data/lib/datadog/tracing/contrib/action_cable/event.rb +0 -2
  261. data/lib/datadog/tracing/contrib/action_cable/events/broadcast.rb +0 -2
  262. data/lib/datadog/tracing/contrib/action_cable/events/perform_action.rb +0 -2
  263. data/lib/datadog/tracing/contrib/action_cable/events/transmit.rb +0 -2
  264. data/lib/datadog/tracing/contrib/action_cable/events.rb +0 -2
  265. data/lib/datadog/tracing/contrib/action_cable/ext.rb +0 -2
  266. data/lib/datadog/tracing/contrib/action_cable/instrumentation.rb +0 -2
  267. data/lib/datadog/tracing/contrib/action_cable/integration.rb +0 -2
  268. data/lib/datadog/tracing/contrib/action_cable/patcher.rb +0 -2
  269. data/lib/datadog/tracing/contrib/action_mailer/configuration/settings.rb +0 -2
  270. data/lib/datadog/tracing/contrib/action_mailer/event.rb +0 -2
  271. data/lib/datadog/tracing/contrib/action_mailer/events/deliver.rb +0 -2
  272. data/lib/datadog/tracing/contrib/action_mailer/events/process.rb +0 -2
  273. data/lib/datadog/tracing/contrib/action_mailer/events.rb +0 -2
  274. data/lib/datadog/tracing/contrib/action_mailer/ext.rb +0 -2
  275. data/lib/datadog/tracing/contrib/action_mailer/integration.rb +0 -2
  276. data/lib/datadog/tracing/contrib/action_mailer/patcher.rb +0 -2
  277. data/lib/datadog/tracing/contrib/action_pack/action_controller/instrumentation.rb +0 -2
  278. data/lib/datadog/tracing/contrib/action_pack/action_controller/patcher.rb +0 -2
  279. data/lib/datadog/tracing/contrib/action_pack/configuration/settings.rb +0 -2
  280. data/lib/datadog/tracing/contrib/action_pack/ext.rb +0 -2
  281. data/lib/datadog/tracing/contrib/action_pack/integration.rb +0 -2
  282. data/lib/datadog/tracing/contrib/action_pack/patcher.rb +0 -2
  283. data/lib/datadog/tracing/contrib/action_pack/utils.rb +0 -2
  284. data/lib/datadog/tracing/contrib/action_view/configuration/settings.rb +0 -2
  285. data/lib/datadog/tracing/contrib/action_view/event.rb +0 -2
  286. data/lib/datadog/tracing/contrib/action_view/events/render_partial.rb +0 -2
  287. data/lib/datadog/tracing/contrib/action_view/events/render_template.rb +0 -2
  288. data/lib/datadog/tracing/contrib/action_view/events.rb +0 -2
  289. data/lib/datadog/tracing/contrib/action_view/ext.rb +0 -2
  290. data/lib/datadog/tracing/contrib/action_view/instrumentation/partial_renderer.rb +0 -2
  291. data/lib/datadog/tracing/contrib/action_view/instrumentation/template_renderer.rb +0 -2
  292. data/lib/datadog/tracing/contrib/action_view/integration.rb +0 -2
  293. data/lib/datadog/tracing/contrib/action_view/patcher.rb +0 -2
  294. data/lib/datadog/tracing/contrib/action_view/utils.rb +0 -2
  295. data/lib/datadog/tracing/contrib/active_job/configuration/settings.rb +0 -2
  296. data/lib/datadog/tracing/contrib/active_job/event.rb +0 -2
  297. data/lib/datadog/tracing/contrib/active_job/events/discard.rb +0 -2
  298. data/lib/datadog/tracing/contrib/active_job/events/enqueue.rb +0 -2
  299. data/lib/datadog/tracing/contrib/active_job/events/enqueue_at.rb +0 -2
  300. data/lib/datadog/tracing/contrib/active_job/events/enqueue_retry.rb +0 -2
  301. data/lib/datadog/tracing/contrib/active_job/events/perform.rb +0 -2
  302. data/lib/datadog/tracing/contrib/active_job/events/retry_stopped.rb +0 -2
  303. data/lib/datadog/tracing/contrib/active_job/events.rb +0 -2
  304. data/lib/datadog/tracing/contrib/active_job/ext.rb +0 -2
  305. data/lib/datadog/tracing/contrib/active_job/integration.rb +0 -2
  306. data/lib/datadog/tracing/contrib/active_job/log_injection.rb +0 -2
  307. data/lib/datadog/tracing/contrib/active_job/patcher.rb +0 -2
  308. data/lib/datadog/tracing/contrib/active_model_serializers/configuration/settings.rb +0 -2
  309. data/lib/datadog/tracing/contrib/active_model_serializers/event.rb +0 -2
  310. data/lib/datadog/tracing/contrib/active_model_serializers/events/render.rb +0 -2
  311. data/lib/datadog/tracing/contrib/active_model_serializers/events/serialize.rb +0 -2
  312. data/lib/datadog/tracing/contrib/active_model_serializers/events.rb +0 -2
  313. data/lib/datadog/tracing/contrib/active_model_serializers/ext.rb +0 -2
  314. data/lib/datadog/tracing/contrib/active_model_serializers/integration.rb +0 -2
  315. data/lib/datadog/tracing/contrib/active_model_serializers/patcher.rb +0 -2
  316. data/lib/datadog/tracing/contrib/active_record/configuration/makara_resolver.rb +0 -2
  317. data/lib/datadog/tracing/contrib/active_record/configuration/resolver.rb +0 -2
  318. data/lib/datadog/tracing/contrib/active_record/configuration/settings.rb +0 -2
  319. data/lib/datadog/tracing/contrib/active_record/event.rb +0 -2
  320. data/lib/datadog/tracing/contrib/active_record/events/instantiation.rb +0 -2
  321. data/lib/datadog/tracing/contrib/active_record/events/sql.rb +0 -2
  322. data/lib/datadog/tracing/contrib/active_record/events.rb +0 -2
  323. data/lib/datadog/tracing/contrib/active_record/ext.rb +0 -2
  324. data/lib/datadog/tracing/contrib/active_record/integration.rb +0 -2
  325. data/lib/datadog/tracing/contrib/active_record/patcher.rb +0 -2
  326. data/lib/datadog/tracing/contrib/active_record/utils.rb +0 -2
  327. data/lib/datadog/tracing/contrib/active_record/vendor/connection_specification.rb +0 -2
  328. data/lib/datadog/tracing/contrib/active_support/cache/instrumentation.rb +0 -2
  329. data/lib/datadog/tracing/contrib/active_support/cache/patcher.rb +0 -2
  330. data/lib/datadog/tracing/contrib/active_support/cache/redis.rb +0 -2
  331. data/lib/datadog/tracing/contrib/active_support/configuration/settings.rb +0 -2
  332. data/lib/datadog/tracing/contrib/active_support/ext.rb +0 -2
  333. data/lib/datadog/tracing/contrib/active_support/integration.rb +0 -2
  334. data/lib/datadog/tracing/contrib/active_support/notifications/event.rb +0 -2
  335. data/lib/datadog/tracing/contrib/active_support/notifications/subscriber.rb +0 -2
  336. data/lib/datadog/tracing/contrib/active_support/notifications/subscription.rb +0 -2
  337. data/lib/datadog/tracing/contrib/active_support/patcher.rb +0 -2
  338. data/lib/datadog/tracing/contrib/analytics.rb +0 -2
  339. data/lib/datadog/tracing/contrib/auto_instrument.rb +0 -2
  340. data/lib/datadog/tracing/contrib/aws/configuration/settings.rb +0 -2
  341. data/lib/datadog/tracing/contrib/aws/ext.rb +0 -2
  342. data/lib/datadog/tracing/contrib/aws/instrumentation.rb +0 -2
  343. data/lib/datadog/tracing/contrib/aws/integration.rb +0 -2
  344. data/lib/datadog/tracing/contrib/aws/parsed_context.rb +0 -2
  345. data/lib/datadog/tracing/contrib/aws/patcher.rb +0 -2
  346. data/lib/datadog/tracing/contrib/aws/services.rb +0 -2
  347. data/lib/datadog/tracing/contrib/concurrent_ruby/configuration/settings.rb +0 -2
  348. data/lib/datadog/tracing/contrib/concurrent_ruby/context_composite_executor_service.rb +0 -2
  349. data/lib/datadog/tracing/contrib/concurrent_ruby/ext.rb +0 -2
  350. data/lib/datadog/tracing/contrib/concurrent_ruby/future_patch.rb +0 -2
  351. data/lib/datadog/tracing/contrib/concurrent_ruby/integration.rb +0 -2
  352. data/lib/datadog/tracing/contrib/concurrent_ruby/patcher.rb +0 -3
  353. data/lib/datadog/tracing/contrib/configurable.rb +0 -2
  354. data/lib/datadog/tracing/contrib/configuration/resolver.rb +0 -2
  355. data/lib/datadog/tracing/contrib/configuration/resolvers/pattern_resolver.rb +0 -2
  356. data/lib/datadog/tracing/contrib/configuration/settings.rb +0 -4
  357. data/lib/datadog/tracing/contrib/dalli/configuration/settings.rb +0 -2
  358. data/lib/datadog/tracing/contrib/dalli/ext.rb +0 -2
  359. data/lib/datadog/tracing/contrib/dalli/instrumentation.rb +2 -2
  360. data/lib/datadog/tracing/contrib/dalli/integration.rb +0 -2
  361. data/lib/datadog/tracing/contrib/dalli/patcher.rb +0 -2
  362. data/lib/datadog/tracing/contrib/dalli/quantize.rb +0 -2
  363. data/lib/datadog/tracing/contrib/delayed_job/configuration/settings.rb +0 -2
  364. data/lib/datadog/tracing/contrib/delayed_job/ext.rb +0 -2
  365. data/lib/datadog/tracing/contrib/delayed_job/integration.rb +0 -2
  366. data/lib/datadog/tracing/contrib/delayed_job/patcher.rb +0 -2
  367. data/lib/datadog/tracing/contrib/delayed_job/plugin.rb +4 -2
  368. data/lib/datadog/tracing/contrib/delayed_job/server_internal_tracer/worker.rb +2 -2
  369. data/lib/datadog/tracing/contrib/elasticsearch/configuration/settings.rb +0 -2
  370. data/lib/datadog/tracing/contrib/elasticsearch/ext.rb +0 -2
  371. data/lib/datadog/tracing/contrib/elasticsearch/integration.rb +0 -2
  372. data/lib/datadog/tracing/contrib/elasticsearch/patcher.rb +3 -4
  373. data/lib/datadog/tracing/contrib/elasticsearch/quantize.rb +0 -4
  374. data/lib/datadog/tracing/contrib/ethon/configuration/settings.rb +0 -2
  375. data/lib/datadog/tracing/contrib/ethon/easy_patch.rb +0 -2
  376. data/lib/datadog/tracing/contrib/ethon/ext.rb +0 -2
  377. data/lib/datadog/tracing/contrib/ethon/integration.rb +0 -2
  378. data/lib/datadog/tracing/contrib/ethon/multi_patch.rb +0 -2
  379. data/lib/datadog/tracing/contrib/ethon/patcher.rb +0 -3
  380. data/lib/datadog/tracing/contrib/excon/configuration/settings.rb +0 -2
  381. data/lib/datadog/tracing/contrib/excon/ext.rb +0 -2
  382. data/lib/datadog/tracing/contrib/excon/integration.rb +0 -2
  383. data/lib/datadog/tracing/contrib/excon/middleware.rb +0 -2
  384. data/lib/datadog/tracing/contrib/excon/patcher.rb +0 -2
  385. data/lib/datadog/tracing/contrib/ext.rb +5 -0
  386. data/lib/datadog/tracing/contrib/extensions.rb +0 -2
  387. data/lib/datadog/tracing/contrib/faraday/configuration/settings.rb +0 -2
  388. data/lib/datadog/tracing/contrib/faraday/connection.rb +0 -2
  389. data/lib/datadog/tracing/contrib/faraday/ext.rb +0 -2
  390. data/lib/datadog/tracing/contrib/faraday/integration.rb +0 -2
  391. data/lib/datadog/tracing/contrib/faraday/middleware.rb +0 -2
  392. data/lib/datadog/tracing/contrib/faraday/patcher.rb +0 -2
  393. data/lib/datadog/tracing/contrib/faraday/rack_builder.rb +0 -2
  394. data/lib/datadog/tracing/contrib/grape/configuration/settings.rb +0 -2
  395. data/lib/datadog/tracing/contrib/grape/endpoint.rb +0 -2
  396. data/lib/datadog/tracing/contrib/grape/ext.rb +0 -2
  397. data/lib/datadog/tracing/contrib/grape/instrumentation.rb +0 -2
  398. data/lib/datadog/tracing/contrib/grape/integration.rb +0 -2
  399. data/lib/datadog/tracing/contrib/grape/patcher.rb +0 -2
  400. data/lib/datadog/tracing/contrib/graphql/configuration/settings.rb +0 -2
  401. data/lib/datadog/tracing/contrib/graphql/ext.rb +0 -2
  402. data/lib/datadog/tracing/contrib/graphql/integration.rb +0 -2
  403. data/lib/datadog/tracing/contrib/graphql/patcher.rb +0 -2
  404. data/lib/datadog/tracing/contrib/grpc/configuration/settings.rb +0 -2
  405. data/lib/datadog/tracing/contrib/grpc/datadog_interceptor/client.rb +0 -2
  406. data/lib/datadog/tracing/contrib/grpc/datadog_interceptor/server.rb +0 -2
  407. data/lib/datadog/tracing/contrib/grpc/datadog_interceptor.rb +0 -2
  408. data/lib/datadog/tracing/contrib/grpc/distributed/fetcher.rb +0 -1
  409. data/lib/datadog/tracing/contrib/grpc/distributed/propagation.rb +0 -1
  410. data/lib/datadog/tracing/contrib/grpc/ext.rb +0 -2
  411. data/lib/datadog/tracing/contrib/grpc/integration.rb +8 -3
  412. data/lib/datadog/tracing/contrib/grpc/intercept_with_datadog.rb +0 -2
  413. data/lib/datadog/tracing/contrib/grpc/patcher.rb +0 -3
  414. data/lib/datadog/tracing/contrib/hanami/action_tracer.rb +0 -2
  415. data/lib/datadog/tracing/contrib/hanami/configuration/settings.rb +0 -2
  416. data/lib/datadog/tracing/contrib/hanami/ext.rb +0 -2
  417. data/lib/datadog/tracing/contrib/hanami/integration.rb +0 -2
  418. data/lib/datadog/tracing/contrib/hanami/patcher.rb +0 -2
  419. data/lib/datadog/tracing/contrib/hanami/plugin.rb +0 -2
  420. data/lib/datadog/tracing/contrib/hanami/renderer_policy_tracing.rb +0 -2
  421. data/lib/datadog/tracing/contrib/hanami/router_tracing.rb +0 -2
  422. data/lib/datadog/tracing/contrib/http/circuit_breaker.rb +0 -2
  423. data/lib/datadog/tracing/contrib/http/configuration/settings.rb +0 -2
  424. data/lib/datadog/tracing/contrib/http/distributed/fetcher.rb +0 -1
  425. data/lib/datadog/tracing/contrib/http/distributed/propagation.rb +0 -1
  426. data/lib/datadog/tracing/contrib/http/ext.rb +0 -2
  427. data/lib/datadog/tracing/contrib/http/instrumentation.rb +0 -2
  428. data/lib/datadog/tracing/contrib/http/integration.rb +0 -2
  429. data/lib/datadog/tracing/contrib/http/patcher.rb +0 -2
  430. data/lib/datadog/tracing/contrib/http_annotation_helper.rb +0 -2
  431. data/lib/datadog/tracing/contrib/httpclient/configuration/settings.rb +0 -2
  432. data/lib/datadog/tracing/contrib/httpclient/ext.rb +0 -2
  433. data/lib/datadog/tracing/contrib/httpclient/instrumentation.rb +0 -2
  434. data/lib/datadog/tracing/contrib/httpclient/integration.rb +0 -2
  435. data/lib/datadog/tracing/contrib/httpclient/patcher.rb +0 -2
  436. data/lib/datadog/tracing/contrib/httprb/configuration/settings.rb +0 -2
  437. data/lib/datadog/tracing/contrib/httprb/ext.rb +0 -2
  438. data/lib/datadog/tracing/contrib/httprb/instrumentation.rb +0 -2
  439. data/lib/datadog/tracing/contrib/httprb/integration.rb +0 -2
  440. data/lib/datadog/tracing/contrib/httprb/patcher.rb +0 -2
  441. data/lib/datadog/tracing/contrib/integration.rb +0 -2
  442. data/lib/datadog/tracing/contrib/kafka/configuration/settings.rb +0 -2
  443. data/lib/datadog/tracing/contrib/kafka/consumer_event.rb +0 -2
  444. data/lib/datadog/tracing/contrib/kafka/consumer_group_event.rb +0 -2
  445. data/lib/datadog/tracing/contrib/kafka/event.rb +1 -2
  446. data/lib/datadog/tracing/contrib/kafka/events/connection/request.rb +0 -2
  447. data/lib/datadog/tracing/contrib/kafka/events/consumer/process_batch.rb +0 -2
  448. data/lib/datadog/tracing/contrib/kafka/events/consumer/process_message.rb +0 -2
  449. data/lib/datadog/tracing/contrib/kafka/events/consumer_group/heartbeat.rb +0 -2
  450. data/lib/datadog/tracing/contrib/kafka/events/consumer_group/join_group.rb +0 -2
  451. data/lib/datadog/tracing/contrib/kafka/events/consumer_group/leave_group.rb +0 -2
  452. data/lib/datadog/tracing/contrib/kafka/events/consumer_group/sync_group.rb +0 -2
  453. data/lib/datadog/tracing/contrib/kafka/events/produce_operation/send_messages.rb +0 -2
  454. data/lib/datadog/tracing/contrib/kafka/events/producer/deliver_messages.rb +0 -2
  455. data/lib/datadog/tracing/contrib/kafka/events.rb +0 -2
  456. data/lib/datadog/tracing/contrib/kafka/ext.rb +1 -2
  457. data/lib/datadog/tracing/contrib/kafka/integration.rb +0 -2
  458. data/lib/datadog/tracing/contrib/kafka/patcher.rb +0 -2
  459. data/lib/datadog/tracing/contrib/lograge/configuration/settings.rb +0 -2
  460. data/lib/datadog/tracing/contrib/lograge/ext.rb +0 -2
  461. data/lib/datadog/tracing/contrib/lograge/instrumentation.rb +0 -2
  462. data/lib/datadog/tracing/contrib/lograge/integration.rb +0 -2
  463. data/lib/datadog/tracing/contrib/lograge/patcher.rb +0 -2
  464. data/lib/datadog/tracing/contrib/mongodb/configuration/settings.rb +0 -2
  465. data/lib/datadog/tracing/contrib/mongodb/ext.rb +0 -2
  466. data/lib/datadog/tracing/contrib/mongodb/instrumentation.rb +0 -2
  467. data/lib/datadog/tracing/contrib/mongodb/integration.rb +0 -2
  468. data/lib/datadog/tracing/contrib/mongodb/parsers.rb +0 -2
  469. data/lib/datadog/tracing/contrib/mongodb/patcher.rb +0 -2
  470. data/lib/datadog/tracing/contrib/mongodb/subscribers.rb +0 -2
  471. data/lib/datadog/tracing/contrib/mysql2/configuration/settings.rb +0 -2
  472. data/lib/datadog/tracing/contrib/mysql2/ext.rb +0 -2
  473. data/lib/datadog/tracing/contrib/mysql2/instrumentation.rb +0 -2
  474. data/lib/datadog/tracing/contrib/mysql2/integration.rb +0 -2
  475. data/lib/datadog/tracing/contrib/mysql2/patcher.rb +0 -2
  476. data/lib/datadog/tracing/contrib/patchable.rb +0 -2
  477. data/lib/datadog/tracing/contrib/patcher.rb +0 -2
  478. data/lib/datadog/tracing/contrib/pg/configuration/settings.rb +0 -2
  479. data/lib/datadog/tracing/contrib/pg/ext.rb +0 -2
  480. data/lib/datadog/tracing/contrib/pg/instrumentation.rb +0 -2
  481. data/lib/datadog/tracing/contrib/pg/integration.rb +0 -2
  482. data/lib/datadog/tracing/contrib/pg/patcher.rb +0 -2
  483. data/lib/datadog/tracing/contrib/presto/configuration/settings.rb +0 -2
  484. data/lib/datadog/tracing/contrib/presto/ext.rb +1 -2
  485. data/lib/datadog/tracing/contrib/presto/instrumentation.rb +3 -2
  486. data/lib/datadog/tracing/contrib/presto/integration.rb +0 -2
  487. data/lib/datadog/tracing/contrib/presto/patcher.rb +0 -2
  488. data/lib/datadog/tracing/contrib/propagation/sql_comment/comment.rb +0 -2
  489. data/lib/datadog/tracing/contrib/propagation/sql_comment/ext.rb +0 -2
  490. data/lib/datadog/tracing/contrib/propagation/sql_comment/mode.rb +0 -2
  491. data/lib/datadog/tracing/contrib/propagation/sql_comment.rb +0 -2
  492. data/lib/datadog/tracing/contrib/qless/configuration/settings.rb +0 -2
  493. data/lib/datadog/tracing/contrib/qless/ext.rb +0 -2
  494. data/lib/datadog/tracing/contrib/qless/integration.rb +0 -2
  495. data/lib/datadog/tracing/contrib/qless/patcher.rb +0 -3
  496. data/lib/datadog/tracing/contrib/qless/qless_job.rb +3 -2
  497. data/lib/datadog/tracing/contrib/qless/tracer_cleaner.rb +0 -2
  498. data/lib/datadog/tracing/contrib/que/configuration/settings.rb +0 -2
  499. data/lib/datadog/tracing/contrib/que/ext.rb +0 -2
  500. data/lib/datadog/tracing/contrib/que/integration.rb +0 -2
  501. data/lib/datadog/tracing/contrib/que/patcher.rb +0 -2
  502. data/lib/datadog/tracing/contrib/que/tracer.rb +2 -2
  503. data/lib/datadog/tracing/contrib/racecar/configuration/settings.rb +0 -2
  504. data/lib/datadog/tracing/contrib/racecar/event.rb +1 -2
  505. data/lib/datadog/tracing/contrib/racecar/events/batch.rb +0 -2
  506. data/lib/datadog/tracing/contrib/racecar/events/consume.rb +0 -2
  507. data/lib/datadog/tracing/contrib/racecar/events/message.rb +0 -2
  508. data/lib/datadog/tracing/contrib/racecar/events.rb +0 -2
  509. data/lib/datadog/tracing/contrib/racecar/ext.rb +1 -2
  510. data/lib/datadog/tracing/contrib/racecar/integration.rb +0 -2
  511. data/lib/datadog/tracing/contrib/racecar/patcher.rb +0 -2
  512. data/lib/datadog/tracing/contrib/rack/configuration/settings.rb +0 -2
  513. data/lib/datadog/tracing/contrib/rack/ext.rb +5 -2
  514. data/lib/datadog/tracing/contrib/rack/integration.rb +0 -2
  515. data/lib/datadog/tracing/contrib/rack/middlewares.rb +42 -18
  516. data/lib/datadog/tracing/contrib/rack/patcher.rb +0 -2
  517. data/lib/datadog/tracing/contrib/rack/request_queue.rb +0 -2
  518. data/lib/datadog/tracing/contrib/rails/auto_instrument_railtie.rb +0 -2
  519. data/lib/datadog/tracing/contrib/rails/configuration/settings.rb +0 -2
  520. data/lib/datadog/tracing/contrib/rails/ext.rb +0 -2
  521. data/lib/datadog/tracing/contrib/rails/framework.rb +0 -2
  522. data/lib/datadog/tracing/contrib/rails/integration.rb +0 -2
  523. data/lib/datadog/tracing/contrib/rails/log_injection.rb +0 -2
  524. data/lib/datadog/tracing/contrib/rails/middlewares.rb +0 -2
  525. data/lib/datadog/tracing/contrib/rails/patcher.rb +0 -2
  526. data/lib/datadog/tracing/contrib/rails/railtie.rb +0 -2
  527. data/lib/datadog/tracing/contrib/rails/utils.rb +0 -2
  528. data/lib/datadog/tracing/contrib/rake/configuration/settings.rb +0 -2
  529. data/lib/datadog/tracing/contrib/rake/ext.rb +0 -2
  530. data/lib/datadog/tracing/contrib/rake/instrumentation.rb +0 -2
  531. data/lib/datadog/tracing/contrib/rake/integration.rb +0 -2
  532. data/lib/datadog/tracing/contrib/rake/patcher.rb +0 -2
  533. data/lib/datadog/tracing/contrib/redis/configuration/resolver.rb +0 -2
  534. data/lib/datadog/tracing/contrib/redis/configuration/settings.rb +0 -2
  535. data/lib/datadog/tracing/contrib/redis/ext.rb +0 -2
  536. data/lib/datadog/tracing/contrib/redis/instrumentation.rb +0 -2
  537. data/lib/datadog/tracing/contrib/redis/integration.rb +0 -2
  538. data/lib/datadog/tracing/contrib/redis/patcher.rb +0 -2
  539. data/lib/datadog/tracing/contrib/redis/quantize.rb +0 -2
  540. data/lib/datadog/tracing/contrib/redis/tags.rb +0 -2
  541. data/lib/datadog/tracing/contrib/redis/trace_middleware.rb +0 -2
  542. data/lib/datadog/tracing/contrib/redis/vendor/resolver.rb +0 -2
  543. data/lib/datadog/tracing/contrib/registerable.rb +0 -2
  544. data/lib/datadog/tracing/contrib/registry.rb +0 -2
  545. data/lib/datadog/tracing/contrib/resque/configuration/settings.rb +0 -2
  546. data/lib/datadog/tracing/contrib/resque/ext.rb +0 -2
  547. data/lib/datadog/tracing/contrib/resque/integration.rb +0 -2
  548. data/lib/datadog/tracing/contrib/resque/patcher.rb +0 -2
  549. data/lib/datadog/tracing/contrib/resque/resque_job.rb +2 -2
  550. data/lib/datadog/tracing/contrib/rest_client/configuration/settings.rb +0 -2
  551. data/lib/datadog/tracing/contrib/rest_client/ext.rb +0 -2
  552. data/lib/datadog/tracing/contrib/rest_client/integration.rb +0 -2
  553. data/lib/datadog/tracing/contrib/rest_client/patcher.rb +0 -3
  554. data/lib/datadog/tracing/contrib/rest_client/request_patch.rb +0 -2
  555. data/lib/datadog/tracing/contrib/semantic_logger/configuration/settings.rb +0 -2
  556. data/lib/datadog/tracing/contrib/semantic_logger/ext.rb +0 -2
  557. data/lib/datadog/tracing/contrib/semantic_logger/instrumentation.rb +0 -2
  558. data/lib/datadog/tracing/contrib/semantic_logger/integration.rb +0 -2
  559. data/lib/datadog/tracing/contrib/semantic_logger/patcher.rb +0 -2
  560. data/lib/datadog/tracing/contrib/sequel/configuration/settings.rb +0 -2
  561. data/lib/datadog/tracing/contrib/sequel/database.rb +0 -2
  562. data/lib/datadog/tracing/contrib/sequel/dataset.rb +0 -2
  563. data/lib/datadog/tracing/contrib/sequel/ext.rb +0 -2
  564. data/lib/datadog/tracing/contrib/sequel/integration.rb +0 -2
  565. data/lib/datadog/tracing/contrib/sequel/patcher.rb +0 -2
  566. data/lib/datadog/tracing/contrib/sequel/utils.rb +0 -2
  567. data/lib/datadog/tracing/contrib/shoryuken/configuration/settings.rb +0 -2
  568. data/lib/datadog/tracing/contrib/shoryuken/ext.rb +1 -2
  569. data/lib/datadog/tracing/contrib/shoryuken/integration.rb +0 -2
  570. data/lib/datadog/tracing/contrib/shoryuken/patcher.rb +0 -2
  571. data/lib/datadog/tracing/contrib/shoryuken/tracer.rb +2 -2
  572. data/lib/datadog/tracing/contrib/sidekiq/client_tracer.rb +2 -2
  573. data/lib/datadog/tracing/contrib/sidekiq/configuration/settings.rb +0 -2
  574. data/lib/datadog/tracing/contrib/sidekiq/ext.rb +0 -2
  575. data/lib/datadog/tracing/contrib/sidekiq/integration.rb +0 -2
  576. data/lib/datadog/tracing/contrib/sidekiq/patcher.rb +0 -2
  577. data/lib/datadog/tracing/contrib/sidekiq/server_internal_tracer/heartbeat.rb +4 -2
  578. data/lib/datadog/tracing/contrib/sidekiq/server_internal_tracer/job_fetch.rb +2 -2
  579. data/lib/datadog/tracing/contrib/sidekiq/server_internal_tracer/redis_info.rb +2 -2
  580. data/lib/datadog/tracing/contrib/sidekiq/server_internal_tracer/scheduled_poller.rb +4 -2
  581. data/lib/datadog/tracing/contrib/sidekiq/server_tracer.rb +2 -2
  582. data/lib/datadog/tracing/contrib/sidekiq/tracing.rb +0 -2
  583. data/lib/datadog/tracing/contrib/sinatra/configuration/settings.rb +0 -2
  584. data/lib/datadog/tracing/contrib/sinatra/env.rb +0 -2
  585. data/lib/datadog/tracing/contrib/sinatra/ext.rb +0 -2
  586. data/lib/datadog/tracing/contrib/sinatra/framework.rb +0 -2
  587. data/lib/datadog/tracing/contrib/sinatra/headers.rb +0 -2
  588. data/lib/datadog/tracing/contrib/sinatra/integration.rb +0 -2
  589. data/lib/datadog/tracing/contrib/sinatra/patcher.rb +0 -3
  590. data/lib/datadog/tracing/contrib/sinatra/tracer.rb +0 -2
  591. data/lib/datadog/tracing/contrib/sinatra/tracer_middleware.rb +0 -2
  592. data/lib/datadog/tracing/contrib/sneakers/configuration/settings.rb +0 -2
  593. data/lib/datadog/tracing/contrib/sneakers/ext.rb +1 -2
  594. data/lib/datadog/tracing/contrib/sneakers/integration.rb +0 -2
  595. data/lib/datadog/tracing/contrib/sneakers/patcher.rb +0 -2
  596. data/lib/datadog/tracing/contrib/sneakers/tracer.rb +3 -2
  597. data/lib/datadog/tracing/contrib/status_code_matcher.rb +0 -2
  598. data/lib/datadog/tracing/contrib/stripe/patcher.rb +0 -1
  599. data/lib/datadog/tracing/contrib/sucker_punch/configuration/settings.rb +0 -2
  600. data/lib/datadog/tracing/contrib/sucker_punch/exception_handler.rb +0 -2
  601. data/lib/datadog/tracing/contrib/sucker_punch/ext.rb +0 -2
  602. data/lib/datadog/tracing/contrib/sucker_punch/instrumentation.rb +0 -2
  603. data/lib/datadog/tracing/contrib/sucker_punch/integration.rb +0 -2
  604. data/lib/datadog/tracing/contrib/sucker_punch/patcher.rb +0 -3
  605. data/lib/datadog/tracing/contrib/utils/database.rb +0 -2
  606. data/lib/datadog/tracing/contrib/utils/quantization/hash.rb +0 -2
  607. data/lib/datadog/tracing/contrib/utils/quantization/http.rb +0 -4
  608. data/lib/datadog/tracing/contrib.rb +0 -2
  609. data/lib/datadog/tracing/correlation.rb +15 -3
  610. data/lib/datadog/tracing/diagnostics/ext.rb +0 -2
  611. data/lib/datadog/tracing/diagnostics/health.rb +0 -2
  612. data/lib/datadog/tracing/distributed/b3_multi.rb +12 -6
  613. data/lib/datadog/tracing/distributed/b3_single.rb +8 -6
  614. data/lib/datadog/tracing/distributed/datadog.rb +58 -11
  615. data/lib/datadog/tracing/distributed/datadog_tags_codec.rb +0 -1
  616. data/lib/datadog/tracing/distributed/fetcher.rb +0 -9
  617. data/lib/datadog/tracing/distributed/headers/ext.rb +0 -1
  618. data/lib/datadog/tracing/distributed/helpers.rb +21 -36
  619. data/lib/datadog/tracing/distributed/none.rb +0 -1
  620. data/lib/datadog/tracing/distributed/propagation.rb +0 -1
  621. data/lib/datadog/tracing/distributed/trace_context.rb +8 -13
  622. data/lib/datadog/tracing/event.rb +0 -2
  623. data/lib/datadog/tracing/flush.rb +0 -2
  624. data/lib/datadog/tracing/metadata/analytics.rb +0 -2
  625. data/lib/datadog/tracing/metadata/errors.rb +0 -2
  626. data/lib/datadog/tracing/metadata/ext.rb +6 -2
  627. data/lib/datadog/tracing/metadata/tagging.rb +0 -2
  628. data/lib/datadog/tracing/metadata.rb +0 -2
  629. data/lib/datadog/tracing/pipeline/span_filter.rb +0 -2
  630. data/lib/datadog/tracing/pipeline/span_processor.rb +0 -2
  631. data/lib/datadog/tracing/pipeline.rb +0 -2
  632. data/lib/datadog/tracing/propagation/http.rb +0 -2
  633. data/lib/datadog/tracing/runtime/metrics.rb +0 -2
  634. data/lib/datadog/tracing/sampling/all_sampler.rb +0 -2
  635. data/lib/datadog/tracing/sampling/ext.rb +0 -2
  636. data/lib/datadog/tracing/sampling/matcher.rb +0 -2
  637. data/lib/datadog/tracing/sampling/priority_sampler.rb +0 -2
  638. data/lib/datadog/tracing/sampling/rate_by_key_sampler.rb +0 -2
  639. data/lib/datadog/tracing/sampling/rate_by_service_sampler.rb +0 -2
  640. data/lib/datadog/tracing/sampling/rate_limiter.rb +0 -2
  641. data/lib/datadog/tracing/sampling/rate_sampler.rb +0 -2
  642. data/lib/datadog/tracing/sampling/rule.rb +0 -2
  643. data/lib/datadog/tracing/sampling/rule_sampler.rb +0 -2
  644. data/lib/datadog/tracing/sampling/sampler.rb +0 -2
  645. data/lib/datadog/tracing/span.rb +0 -2
  646. data/lib/datadog/tracing/span_operation.rb +1 -3
  647. data/lib/datadog/tracing/sync_writer.rb +0 -2
  648. data/lib/datadog/tracing/trace_digest.rb +0 -2
  649. data/lib/datadog/tracing/trace_operation.rb +1 -3
  650. data/lib/datadog/tracing/trace_segment.rb +7 -2
  651. data/lib/datadog/tracing/tracer.rb +0 -2
  652. data/lib/datadog/tracing/utils.rb +33 -2
  653. data/lib/datadog/tracing/workers/trace_writer.rb +0 -2
  654. data/lib/datadog/tracing/workers.rb +0 -2
  655. data/lib/datadog/tracing/writer.rb +0 -2
  656. data/lib/datadog/tracing.rb +0 -2
  657. data/lib/ddtrace/auto_instrument.rb +0 -2
  658. data/lib/ddtrace/auto_instrument_base.rb +0 -2
  659. data/lib/ddtrace/profiling/preload.rb +0 -2
  660. data/lib/ddtrace/transport/ext.rb +0 -2
  661. data/lib/ddtrace/transport/http/adapters/net.rb +0 -2
  662. data/lib/ddtrace/transport/http/adapters/registry.rb +0 -2
  663. data/lib/ddtrace/transport/http/adapters/test.rb +0 -2
  664. data/lib/ddtrace/transport/http/adapters/unix_socket.rb +0 -2
  665. data/lib/ddtrace/transport/http/api/endpoint.rb +0 -2
  666. data/lib/ddtrace/transport/http/api/fallbacks.rb +0 -2
  667. data/lib/ddtrace/transport/http/api/instance.rb +0 -2
  668. data/lib/ddtrace/transport/http/api/map.rb +0 -2
  669. data/lib/ddtrace/transport/http/api/spec.rb +0 -2
  670. data/lib/ddtrace/transport/http/api.rb +0 -2
  671. data/lib/ddtrace/transport/http/builder.rb +0 -2
  672. data/lib/ddtrace/transport/http/client.rb +0 -2
  673. data/lib/ddtrace/transport/http/env.rb +0 -2
  674. data/lib/ddtrace/transport/http/response.rb +0 -2
  675. data/lib/ddtrace/transport/http/statistics.rb +0 -2
  676. data/lib/ddtrace/transport/http/traces.rb +1 -3
  677. data/lib/ddtrace/transport/http.rb +0 -4
  678. data/lib/ddtrace/transport/io/client.rb +0 -2
  679. data/lib/ddtrace/transport/io/response.rb +0 -2
  680. data/lib/ddtrace/transport/io/traces.rb +0 -4
  681. data/lib/ddtrace/transport/io.rb +0 -2
  682. data/lib/ddtrace/transport/parcel.rb +0 -4
  683. data/lib/ddtrace/transport/request.rb +0 -2
  684. data/lib/ddtrace/transport/response.rb +0 -2
  685. data/lib/ddtrace/transport/serializable_trace.rb +9 -5
  686. data/lib/ddtrace/transport/statistics.rb +0 -2
  687. data/lib/ddtrace/transport/trace_formatter.rb +7 -2
  688. data/lib/ddtrace/transport/traces.rb +1 -3
  689. data/lib/ddtrace/version.rb +2 -4
  690. data/lib/ddtrace.rb +1 -5
  691. metadata +26 -13
  692. data/ext/ddtrace_profiling_native_extension/collectors_cpu_and_wall_time.h +0 -9
  693. data/lib/datadog/appsec/assets/waf_rules/risky.json +0 -1499
  694. data/lib/datadog/appsec/contrib/rack/request.rb +0 -78
  695. data/lib/datadog/appsec/contrib/rack/response.rb +0 -24
@@ -1,1499 +0,0 @@
1
- {
2
- "version": "2.2",
3
- "metadata": {
4
- "rules_version": "1.4.3"
5
- },
6
- "rules": [
7
- {
8
- "id": "crs-921-130",
9
- "name": "HTTP Response Splitting Attack",
10
- "tags": {
11
- "type": "http_protocol_violation",
12
- "crs_id": "921130",
13
- "category": "attack_attempt"
14
- },
15
- "conditions": [
16
- {
17
- "parameters": {
18
- "inputs": [
19
- {
20
- "address": "server.request.query"
21
- },
22
- {
23
- "address": "server.request.body"
24
- },
25
- {
26
- "address": "server.request.path_params"
27
- }
28
- ],
29
- "regex": "(?:\\bhttp/\\d|<(?:html|meta)\\b)",
30
- "options": {
31
- "case_sensitive": true,
32
- "min_length": 5
33
- }
34
- },
35
- "operator": "match_regex"
36
- }
37
- ],
38
- "transformers": [
39
- "lowercase"
40
- ]
41
- },
42
- {
43
- "id": "crs-930-121",
44
- "name": "OS File Access Attempt",
45
- "tags": {
46
- "type": "lfi",
47
- "crs_id": "930121",
48
- "category": "attack_attempt"
49
- },
50
- "conditions": [
51
- {
52
- "parameters": {
53
- "inputs": [
54
- {
55
- "address": "server.request.query"
56
- }
57
- ],
58
- "list": [
59
- "/.htaccess",
60
- "/.htdigest",
61
- "/.htpasswd",
62
- "/.addressbook",
63
- ".aptitude/config",
64
- "/.bash_config",
65
- "/.bash_history",
66
- "/.bash_logout",
67
- "/.bash_profile",
68
- "/.bashrc",
69
- ".cache/notify-osd.log",
70
- ".config/odesk/odesk team.conf",
71
- "/.cshrc",
72
- "/.dockerignore",
73
- ".drush/",
74
- "/.eslintignore",
75
- "/.fbcindex",
76
- "/.forward",
77
- "/.gitattributes",
78
- "/.gitconfig",
79
- ".gnupg/",
80
- ".hplip/hplip.conf",
81
- "/.ksh_history",
82
- "/.lesshst",
83
- ".lftp/",
84
- "/.lhistory",
85
- "/.lldb-history",
86
- ".local/share/mc/",
87
- "/.lynx_cookies",
88
- "/.my.cnf",
89
- "/.mysql_history",
90
- "/.nano_history",
91
- "/.node_repl_history",
92
- "/.nsr",
93
- "/.pearrc",
94
- "/.php_history",
95
- "/.pinerc",
96
- ".pki/",
97
- "/.proclog",
98
- "/.procmailrc",
99
- "/.profile",
100
- "/.psql_history",
101
- "/.python_history",
102
- "/.rediscli_history",
103
- "/.rhistory",
104
- "/.rhosts",
105
- "/.sh_history",
106
- "/.sqlite_history",
107
- ".ssh/authorized_keys",
108
- ".ssh/config",
109
- ".ssh/id_dsa",
110
- ".ssh/id_dsa.pub",
111
- ".ssh/id_rsa",
112
- ".ssh/id_rsa.pub",
113
- ".ssh/identity",
114
- ".ssh/identity.pub",
115
- ".ssh/known_hosts",
116
- ".subversion/auth",
117
- ".subversion/config",
118
- ".subversion/servers",
119
- ".tconn/tconn.conf",
120
- "/.tcshrc",
121
- ".vidalia/vidalia.conf",
122
- "/.viminfo",
123
- "/.vimrc",
124
- "/.www_acl",
125
- "/.wwwacl",
126
- "/.xauthority",
127
- "/.zhistory",
128
- "/.zshrc",
129
- "/.zsh_history",
130
- "/.nsconfig",
131
- "etc/redis.conf",
132
- "etc/redis-sentinel.conf",
133
- "etc/php.ini",
134
- "bin/php.ini",
135
- "etc/httpd/php.ini",
136
- "usr/lib/php.ini",
137
- "usr/lib/php/php.ini",
138
- "usr/local/etc/php.ini",
139
- "usr/local/lib/php.ini",
140
- "usr/local/php/lib/php.ini",
141
- "usr/local/php4/lib/php.ini",
142
- "usr/local/php5/lib/php.ini",
143
- "usr/local/apache/conf/php.ini",
144
- "etc/php4.4/fcgi/php.ini",
145
- "etc/php4/apache/php.ini",
146
- "etc/php4/apache2/php.ini",
147
- "etc/php5/apache/php.ini",
148
- "etc/php5/apache2/php.ini",
149
- "etc/php/php.ini",
150
- "etc/php/php4/php.ini",
151
- "etc/php/apache/php.ini",
152
- "etc/php/apache2/php.ini",
153
- "web/conf/php.ini",
154
- "usr/local/zend/etc/php.ini",
155
- "opt/xampp/etc/php.ini",
156
- "var/local/www/conf/php.ini",
157
- "etc/php/cgi/php.ini",
158
- "etc/php4/cgi/php.ini",
159
- "etc/php5/cgi/php.ini",
160
- "home2/bin/stable/apache/php.ini",
161
- "home/bin/stable/apache/php.ini",
162
- "etc/httpd/conf.d/php.conf",
163
- "php5/php.ini",
164
- "php4/php.ini",
165
- "php/php.ini",
166
- "windows/php.ini",
167
- "winnt/php.ini",
168
- "apache/php/php.ini",
169
- "xampp/apache/bin/php.ini",
170
- "netserver/bin/stable/apache/php.ini",
171
- "volumes/macintosh_hd1/usr/local/php/lib/php.ini",
172
- "etc/mono/1.0/machine.config",
173
- "etc/mono/2.0/machine.config",
174
- "etc/mono/2.0/web.config",
175
- "etc/mono/config",
176
- "usr/local/cpanel/logs/stats_log",
177
- "usr/local/cpanel/logs/access_log",
178
- "usr/local/cpanel/logs/error_log",
179
- "usr/local/cpanel/logs/license_log",
180
- "usr/local/cpanel/logs/login_log",
181
- "var/cpanel/cpanel.config",
182
- "var/log/sw-cp-server/error_log",
183
- "usr/local/psa/admin/logs/httpsd_access_log",
184
- "usr/local/psa/admin/logs/panel.log",
185
- "var/log/sso/sso.log",
186
- "usr/local/psa/admin/conf/php.ini",
187
- "etc/sw-cp-server/applications.d/plesk.conf",
188
- "usr/local/psa/admin/conf/site_isolation_settings.ini",
189
- "usr/local/sb/config",
190
- "etc/sw-cp-server/applications.d/00-sso-cpserver.conf",
191
- "etc/sso/sso_config.ini",
192
- "etc/mysql/conf.d/old_passwords.cnf",
193
- "var/log/mysql/mysql-bin.log",
194
- "var/log/mysql/mysql-bin.index",
195
- "var/log/mysql/data/mysql-bin.index",
196
- "var/log/mysql.log",
197
- "var/log/mysql.err",
198
- "var/log/mysqlderror.log",
199
- "var/log/mysql/mysql.log",
200
- "var/log/mysql/mysql-slow.log",
201
- "var/log/mysql-bin.index",
202
- "var/log/data/mysql-bin.index",
203
- "var/mysql.log",
204
- "var/mysql-bin.index",
205
- "var/data/mysql-bin.index",
206
- "program files/mysql/mysql server 5.0/data/{host}.err",
207
- "program files/mysql/mysql server 5.0/data/mysql.log",
208
- "program files/mysql/mysql server 5.0/data/mysql.err",
209
- "program files/mysql/mysql server 5.0/data/mysql-bin.log",
210
- "program files/mysql/mysql server 5.0/data/mysql-bin.index",
211
- "program files/mysql/data/{host}.err",
212
- "program files/mysql/data/mysql.log",
213
- "program files/mysql/data/mysql.err",
214
- "program files/mysql/data/mysql-bin.log",
215
- "program files/mysql/data/mysql-bin.index",
216
- "mysql/data/{host}.err",
217
- "mysql/data/mysql.log",
218
- "mysql/data/mysql.err",
219
- "mysql/data/mysql-bin.log",
220
- "mysql/data/mysql-bin.index",
221
- "usr/local/mysql/data/mysql.log",
222
- "usr/local/mysql/data/mysql.err",
223
- "usr/local/mysql/data/mysql-bin.log",
224
- "usr/local/mysql/data/mysql-slow.log",
225
- "usr/local/mysql/data/mysqlderror.log",
226
- "usr/local/mysql/data/{host}.err",
227
- "usr/local/mysql/data/mysql-bin.index",
228
- "var/lib/mysql/my.cnf",
229
- "etc/mysql/my.cnf",
230
- "etc/my.cnf",
231
- "program files/mysql/mysql server 5.0/my.ini",
232
- "program files/mysql/mysql server 5.0/my.cnf",
233
- "program files/mysql/my.ini",
234
- "program files/mysql/my.cnf",
235
- "mysql/my.ini",
236
- "mysql/my.cnf",
237
- "mysql/bin/my.ini",
238
- "var/postgresql/log/postgresql.log",
239
- "var/log/postgresql/postgresql.log",
240
- "var/log/postgres/pg_backup.log",
241
- "var/log/postgres/postgres.log",
242
- "var/log/postgresql.log",
243
- "var/log/pgsql/pgsql.log",
244
- "var/log/postgresql/postgresql-8.1-main.log",
245
- "var/log/postgresql/postgresql-8.3-main.log",
246
- "var/log/postgresql/postgresql-8.4-main.log",
247
- "var/log/postgresql/postgresql-9.0-main.log",
248
- "var/log/postgresql/postgresql-9.1-main.log",
249
- "var/log/pgsql8.log",
250
- "var/log/postgresql/postgres.log",
251
- "var/log/pgsql_log",
252
- "var/log/postgresql/main.log",
253
- "var/log/cron/var/log/postgres.log",
254
- "usr/internet/pgsql/data/postmaster.log",
255
- "usr/local/pgsql/data/postgresql.log",
256
- "usr/local/pgsql/data/pg_log",
257
- "postgresql/log/pgadmin.log",
258
- "var/lib/pgsql/data/postgresql.conf",
259
- "var/postgresql/db/postgresql.conf",
260
- "var/nm2/postgresql.conf",
261
- "usr/local/pgsql/data/postgresql.conf",
262
- "usr/local/pgsql/data/pg_hba.conf",
263
- "usr/internet/pgsql/data/pg_hba.conf",
264
- "usr/local/pgsql/data/passwd",
265
- "usr/local/pgsql/bin/pg_passwd",
266
- "etc/postgresql/postgresql.conf",
267
- "etc/postgresql/pg_hba.conf",
268
- "home/postgres/data/postgresql.conf",
269
- "home/postgres/data/pg_version",
270
- "home/postgres/data/pg_ident.conf",
271
- "home/postgres/data/pg_hba.conf",
272
- "program files/postgresql/8.3/data/pg_hba.conf",
273
- "program files/postgresql/8.3/data/pg_ident.conf",
274
- "program files/postgresql/8.3/data/postgresql.conf",
275
- "program files/postgresql/8.4/data/pg_hba.conf",
276
- "program files/postgresql/8.4/data/pg_ident.conf",
277
- "program files/postgresql/8.4/data/postgresql.conf",
278
- "program files/postgresql/9.0/data/pg_hba.conf",
279
- "program files/postgresql/9.0/data/pg_ident.conf",
280
- "program files/postgresql/9.0/data/postgresql.conf",
281
- "program files/postgresql/9.1/data/pg_hba.conf",
282
- "program files/postgresql/9.1/data/pg_ident.conf",
283
- "program files/postgresql/9.1/data/postgresql.conf",
284
- "wamp/logs/access.log",
285
- "wamp/logs/apache_error.log",
286
- "wamp/logs/genquery.log",
287
- "wamp/logs/mysql.log",
288
- "wamp/logs/slowquery.log",
289
- "wamp/bin/apache/apache2.2.22/logs/access.log",
290
- "wamp/bin/apache/apache2.2.22/logs/error.log",
291
- "wamp/bin/apache/apache2.2.21/logs/access.log",
292
- "wamp/bin/apache/apache2.2.21/logs/error.log",
293
- "wamp/bin/mysql/mysql5.5.24/data/mysql-bin.index",
294
- "wamp/bin/mysql/mysql5.5.16/data/mysql-bin.index",
295
- "wamp/bin/apache/apache2.2.21/conf/httpd.conf",
296
- "wamp/bin/apache/apache2.2.22/conf/httpd.conf",
297
- "wamp/bin/apache/apache2.2.21/wampserver.conf",
298
- "wamp/bin/apache/apache2.2.22/wampserver.conf",
299
- "wamp/bin/apache/apache2.2.22/conf/wampserver.conf",
300
- "wamp/bin/mysql/mysql5.5.24/my.ini",
301
- "wamp/bin/mysql/mysql5.5.24/wampserver.conf",
302
- "wamp/bin/mysql/mysql5.5.16/my.ini",
303
- "wamp/bin/mysql/mysql5.5.16/wampserver.conf",
304
- "wamp/bin/php/php5.3.8/php.ini",
305
- "wamp/bin/php/php5.4.3/php.ini",
306
- "xampp/apache/logs/access.log",
307
- "xampp/apache/logs/error.log",
308
- "xampp/mysql/data/mysql-bin.index",
309
- "xampp/mysql/data/mysql.err",
310
- "xampp/mysql/data/{host}.err",
311
- "xampp/sendmail/sendmail.log",
312
- "xampp/apache/conf/httpd.conf",
313
- "xampp/filezillaftp/filezilla server.xml",
314
- "xampp/mercurymail/mercury.ini",
315
- "xampp/php/php.ini",
316
- "xampp/phpmyadmin/config.inc.php",
317
- "xampp/sendmail/sendmail.ini",
318
- "xampp/webalizer/webalizer.conf",
319
- "opt/lampp/etc/httpd.conf",
320
- "xampp/htdocs/aca.txt",
321
- "xampp/htdocs/admin.php",
322
- "xampp/htdocs/leer.txt",
323
- "usr/local/apache/logs/audit_log",
324
- "usr/local/apache2/logs/audit_log",
325
- "logs/security_debug_log",
326
- "logs/security_log",
327
- "usr/local/apache/conf/modsec.conf",
328
- "usr/local/apache2/conf/modsec.conf",
329
- "winnt/system32/logfiles/msftpsvc",
330
- "winnt/system32/logfiles/msftpsvc1",
331
- "winnt/system32/logfiles/msftpsvc2",
332
- "windows/system32/logfiles/msftpsvc",
333
- "windows/system32/logfiles/msftpsvc1",
334
- "windows/system32/logfiles/msftpsvc2",
335
- "etc/logrotate.d/proftpd",
336
- "www/logs/proftpd.system.log",
337
- "var/log/proftpd",
338
- "var/log/proftpd/xferlog.legacy",
339
- "var/log/proftpd.access_log",
340
- "var/log/proftpd.xferlog",
341
- "etc/pam.d/proftpd",
342
- "etc/proftp.conf",
343
- "etc/protpd/proftpd.conf",
344
- "etc/vhcs2/proftpd/proftpd.conf",
345
- "etc/proftpd/modules.conf",
346
- "var/log/vsftpd.log",
347
- "etc/vsftpd.chroot_list",
348
- "etc/logrotate.d/vsftpd.log",
349
- "etc/vsftpd/vsftpd.conf",
350
- "etc/vsftpd.conf",
351
- "etc/chrootusers",
352
- "var/log/xferlog",
353
- "var/adm/log/xferlog",
354
- "etc/wu-ftpd/ftpaccess",
355
- "etc/wu-ftpd/ftphosts",
356
- "etc/wu-ftpd/ftpusers",
357
- "var/log/pure-ftpd/pure-ftpd.log",
358
- "logs/pure-ftpd.log",
359
- "var/log/pureftpd.log",
360
- "usr/sbin/pure-config.pl",
361
- "usr/etc/pure-ftpd.conf",
362
- "etc/pure-ftpd/pure-ftpd.conf",
363
- "usr/local/etc/pure-ftpd.conf",
364
- "usr/local/etc/pureftpd.pdb",
365
- "usr/local/pureftpd/etc/pureftpd.pdb",
366
- "usr/local/pureftpd/sbin/pure-config.pl",
367
- "usr/local/pureftpd/etc/pure-ftpd.conf",
368
- "etc/pure-ftpd.conf",
369
- "etc/pure-ftpd/pure-ftpd.pdb",
370
- "etc/pureftpd.pdb",
371
- "etc/pureftpd.passwd",
372
- "etc/pure-ftpd/pureftpd.pdb",
373
- "usr/ports/ftp/pure-ftpd/pure-ftpd.conf",
374
- "usr/ports/ftp/pure-ftpd/pureftpd.pdb",
375
- "usr/ports/ftp/pure-ftpd/pureftpd.passwd",
376
- "usr/ports/net/pure-ftpd/pure-ftpd.conf",
377
- "usr/ports/net/pure-ftpd/pureftpd.pdb",
378
- "usr/ports/net/pure-ftpd/pureftpd.passwd",
379
- "usr/pkgsrc/net/pureftpd/pure-ftpd.conf",
380
- "usr/pkgsrc/net/pureftpd/pureftpd.pdb",
381
- "usr/pkgsrc/net/pureftpd/pureftpd.passwd",
382
- "usr/ports/contrib/pure-ftpd/pure-ftpd.conf",
383
- "usr/ports/contrib/pure-ftpd/pureftpd.pdb",
384
- "usr/ports/contrib/pure-ftpd/pureftpd.passwd",
385
- "var/log/muddleftpd",
386
- "usr/sbin/mudlogd",
387
- "etc/muddleftpd/mudlog",
388
- "etc/muddleftpd.com",
389
- "etc/muddleftpd/mudlogd.conf",
390
- "etc/muddleftpd/muddleftpd.conf",
391
- "var/log/muddleftpd.conf",
392
- "usr/sbin/mudpasswd",
393
- "etc/muddleftpd/muddleftpd.passwd",
394
- "etc/muddleftpd/passwd",
395
- "var/log/ftp-proxy/ftp-proxy.log",
396
- "var/log/ftp-proxy",
397
- "var/log/ftplog",
398
- "etc/logrotate.d/ftp",
399
- "etc/ftpchroot",
400
- "etc/ftphosts",
401
- "etc/ftpusers",
402
- "var/log/exim_mainlog",
403
- "var/log/exim/mainlog",
404
- "var/log/maillog",
405
- "var/log/exim_paniclog",
406
- "var/log/exim/paniclog",
407
- "var/log/exim/rejectlog",
408
- "var/log/exim_rejectlog",
409
- "winnt/system32/logfiles/smtpsvc",
410
- "winnt/system32/logfiles/smtpsvc1",
411
- "winnt/system32/logfiles/smtpsvc2",
412
- "winnt/system32/logfiles/smtpsvc3",
413
- "winnt/system32/logfiles/smtpsvc4",
414
- "winnt/system32/logfiles/smtpsvc5",
415
- "windows/system32/logfiles/smtpsvc",
416
- "windows/system32/logfiles/smtpsvc1",
417
- "windows/system32/logfiles/smtpsvc2",
418
- "windows/system32/logfiles/smtpsvc3",
419
- "windows/system32/logfiles/smtpsvc4",
420
- "windows/system32/logfiles/smtpsvc5",
421
- "etc/osxhttpd/osxhttpd.conf",
422
- "system/library/webobjects/adaptors/apache2.2/apache.conf",
423
- "etc/apache2/sites-available/default",
424
- "etc/apache2/sites-available/default-ssl",
425
- "etc/apache2/sites-enabled/000-default",
426
- "etc/apache2/sites-enabled/default",
427
- "etc/apache2/apache2.conf",
428
- "etc/apache2/ports.conf",
429
- "usr/local/etc/apache/httpd.conf",
430
- "usr/pkg/etc/httpd/httpd.conf",
431
- "usr/pkg/etc/httpd/httpd-default.conf",
432
- "usr/pkg/etc/httpd/httpd-vhosts.conf",
433
- "etc/httpd/mod_php.conf",
434
- "etc/httpd/extra/httpd-ssl.conf",
435
- "etc/rc.d/rc.httpd",
436
- "usr/local/apache/conf/httpd.conf.default",
437
- "usr/local/apache/conf/access.conf",
438
- "usr/local/apache22/conf/httpd.conf",
439
- "usr/local/apache22/httpd.conf",
440
- "usr/local/etc/apache22/conf/httpd.conf",
441
- "usr/local/apps/apache22/conf/httpd.conf",
442
- "etc/apache22/conf/httpd.conf",
443
- "etc/apache22/httpd.conf",
444
- "opt/apache22/conf/httpd.conf",
445
- "usr/local/etc/apache2/vhosts.conf",
446
- "usr/local/apache/conf/vhosts.conf",
447
- "usr/local/apache2/conf/vhosts.conf",
448
- "usr/local/apache/conf/vhosts-custom.conf",
449
- "usr/local/apache2/conf/vhosts-custom.conf",
450
- "etc/apache/default-server.conf",
451
- "etc/apache2/default-server.conf",
452
- "usr/local/apache2/conf/extra/httpd-ssl.conf",
453
- "usr/local/apache2/conf/ssl.conf",
454
- "etc/httpd/conf.d",
455
- "usr/local/etc/apache22/httpd.conf",
456
- "usr/local/etc/apache2/httpd.conf",
457
- "etc/apache2/httpd2.conf",
458
- "etc/apache2/ssl-global.conf",
459
- "etc/apache2/vhosts.d/00_default_vhost.conf",
460
- "apache/conf/httpd.conf",
461
- "etc/apache/httpd.conf",
462
- "etc/httpd/conf",
463
- "http/httpd.conf",
464
- "usr/local/apache1.3/conf/httpd.conf",
465
- "usr/local/etc/httpd/conf",
466
- "var/apache/conf/httpd.conf",
467
- "var/www/conf",
468
- "www/apache/conf/httpd.conf",
469
- "www/conf/httpd.conf",
470
- "etc/init.d",
471
- "etc/apache/access.conf",
472
- "etc/rc.conf",
473
- "www/logs/freebsddiary-error.log",
474
- "www/logs/freebsddiary-access_log",
475
- "library/webserver/documents/index.html",
476
- "library/webserver/documents/index.htm",
477
- "library/webserver/documents/default.html",
478
- "library/webserver/documents/default.htm",
479
- "library/webserver/documents/index.php",
480
- "library/webserver/documents/default.php",
481
- "var/log/webmin/miniserv.log",
482
- "usr/local/etc/webmin/miniserv.conf",
483
- "etc/webmin/miniserv.conf",
484
- "usr/local/etc/webmin/miniserv.users",
485
- "etc/webmin/miniserv.users",
486
- "winnt/system32/logfiles/w3svc/inetsvn1.log",
487
- "winnt/system32/logfiles/w3svc1/inetsvn1.log",
488
- "winnt/system32/logfiles/w3svc2/inetsvn1.log",
489
- "winnt/system32/logfiles/w3svc3/inetsvn1.log",
490
- "windows/system32/logfiles/w3svc/inetsvn1.log",
491
- "windows/system32/logfiles/w3svc1/inetsvn1.log",
492
- "windows/system32/logfiles/w3svc2/inetsvn1.log",
493
- "windows/system32/logfiles/w3svc3/inetsvn1.log",
494
- "var/log/httpd/access_log",
495
- "var/log/httpd/error_log",
496
- "apache/logs/error.log",
497
- "apache/logs/access.log",
498
- "apache2/logs/error.log",
499
- "apache2/logs/access.log",
500
- "logs/error.log",
501
- "logs/access.log",
502
- "etc/httpd/logs/access_log",
503
- "etc/httpd/logs/access.log",
504
- "etc/httpd/logs/error_log",
505
- "etc/httpd/logs/error.log",
506
- "usr/local/apache/logs/access_log",
507
- "usr/local/apache/logs/access.log",
508
- "usr/local/apache/logs/error_log",
509
- "usr/local/apache/logs/error.log",
510
- "usr/local/apache2/logs/access_log",
511
- "usr/local/apache2/logs/access.log",
512
- "usr/local/apache2/logs/error_log",
513
- "usr/local/apache2/logs/error.log",
514
- "var/www/logs/access_log",
515
- "var/www/logs/access.log",
516
- "var/www/logs/error_log",
517
- "var/www/logs/error.log",
518
- "var/log/httpd/access.log",
519
- "var/log/httpd/error.log",
520
- "var/log/apache/access_log",
521
- "var/log/apache/access.log",
522
- "var/log/apache/error_log",
523
- "var/log/apache/error.log",
524
- "var/log/apache2/access_log",
525
- "var/log/apache2/access.log",
526
- "var/log/apache2/error_log",
527
- "var/log/apache2/error.log",
528
- "var/log/access_log",
529
- "var/log/access.log",
530
- "var/log/error_log",
531
- "var/log/error.log",
532
- "opt/lampp/logs/access_log",
533
- "opt/lampp/logs/error_log",
534
- "opt/xampp/logs/access_log",
535
- "opt/xampp/logs/error_log",
536
- "opt/lampp/logs/access.log",
537
- "opt/lampp/logs/error.log",
538
- "opt/xampp/logs/access.log",
539
- "opt/xampp/logs/error.log",
540
- "program files/apache group/apache/logs/access.log",
541
- "program files/apache group/apache/logs/error.log",
542
- "program files/apache software foundation/apache2.2/logs/error.log",
543
- "program files/apache software foundation/apache2.2/logs/access.log",
544
- "opt/apache/apache.conf",
545
- "opt/apache/conf/apache.conf",
546
- "opt/apache2/apache.conf",
547
- "opt/apache2/conf/apache.conf",
548
- "opt/httpd/apache.conf",
549
- "opt/httpd/conf/apache.conf",
550
- "etc/httpd/apache.conf",
551
- "etc/apache2/apache.conf",
552
- "etc/httpd/conf/apache.conf",
553
- "usr/local/apache/apache.conf",
554
- "usr/local/apache/conf/apache.conf",
555
- "usr/local/apache2/apache.conf",
556
- "usr/local/apache2/conf/apache.conf",
557
- "usr/local/php/apache.conf.php",
558
- "usr/local/php4/apache.conf.php",
559
- "usr/local/php5/apache.conf.php",
560
- "usr/local/php/apache.conf",
561
- "usr/local/php4/apache.conf",
562
- "usr/local/php5/apache.conf",
563
- "private/etc/httpd/apache.conf",
564
- "opt/apache/apache2.conf",
565
- "opt/apache/conf/apache2.conf",
566
- "opt/apache2/apache2.conf",
567
- "opt/apache2/conf/apache2.conf",
568
- "opt/httpd/apache2.conf",
569
- "opt/httpd/conf/apache2.conf",
570
- "etc/httpd/apache2.conf",
571
- "etc/httpd/conf/apache2.conf",
572
- "usr/local/apache/apache2.conf",
573
- "usr/local/apache/conf/apache2.conf",
574
- "usr/local/apache2/apache2.conf",
575
- "usr/local/apache2/conf/apache2.conf",
576
- "usr/local/php/apache2.conf.php",
577
- "usr/local/php4/apache2.conf.php",
578
- "usr/local/php5/apache2.conf.php",
579
- "usr/local/php/apache2.conf",
580
- "usr/local/php4/apache2.conf",
581
- "usr/local/php5/apache2.conf",
582
- "private/etc/httpd/apache2.conf",
583
- "usr/local/apache/conf/httpd.conf",
584
- "usr/local/apache2/conf/httpd.conf",
585
- "etc/httpd/conf/httpd.conf",
586
- "etc/apache/apache.conf",
587
- "etc/apache/conf/httpd.conf",
588
- "etc/apache2/httpd.conf",
589
- "usr/apache2/conf/httpd.conf",
590
- "usr/apache/conf/httpd.conf",
591
- "usr/local/etc/apache/conf/httpd.conf",
592
- "usr/local/apache/httpd.conf",
593
- "usr/local/apache2/httpd.conf",
594
- "usr/local/httpd/conf/httpd.conf",
595
- "usr/local/etc/apache2/conf/httpd.conf",
596
- "usr/local/etc/httpd/conf/httpd.conf",
597
- "usr/local/apps/apache2/conf/httpd.conf",
598
- "usr/local/apps/apache/conf/httpd.conf",
599
- "usr/local/php/httpd.conf.php",
600
- "usr/local/php4/httpd.conf.php",
601
- "usr/local/php5/httpd.conf.php",
602
- "usr/local/php/httpd.conf",
603
- "usr/local/php4/httpd.conf",
604
- "usr/local/php5/httpd.conf",
605
- "etc/apache2/conf/httpd.conf",
606
- "etc/http/conf/httpd.conf",
607
- "etc/httpd/httpd.conf",
608
- "etc/http/httpd.conf",
609
- "etc/httpd.conf",
610
- "opt/apache/conf/httpd.conf",
611
- "opt/apache2/conf/httpd.conf",
612
- "var/www/conf/httpd.conf",
613
- "private/etc/httpd/httpd.conf",
614
- "private/etc/httpd/httpd.conf.default",
615
- "etc/apache2/vhosts.d/default_vhost.include",
616
- "etc/apache2/conf.d/charset",
617
- "etc/apache2/conf.d/security",
618
- "etc/apache2/envvars",
619
- "etc/apache2/mods-available/autoindex.conf",
620
- "etc/apache2/mods-available/deflate.conf",
621
- "etc/apache2/mods-available/dir.conf",
622
- "etc/apache2/mods-available/mem_cache.conf",
623
- "etc/apache2/mods-available/mime.conf",
624
- "etc/apache2/mods-available/proxy.conf",
625
- "etc/apache2/mods-available/setenvif.conf",
626
- "etc/apache2/mods-available/ssl.conf",
627
- "etc/apache2/mods-enabled/alias.conf",
628
- "etc/apache2/mods-enabled/deflate.conf",
629
- "etc/apache2/mods-enabled/dir.conf",
630
- "etc/apache2/mods-enabled/mime.conf",
631
- "etc/apache2/mods-enabled/negotiation.conf",
632
- "etc/apache2/mods-enabled/php5.conf",
633
- "etc/apache2/mods-enabled/status.conf",
634
- "program files/apache group/apache/conf/httpd.conf",
635
- "program files/apache group/apache2/conf/httpd.conf",
636
- "program files/xampp/apache/conf/apache.conf",
637
- "program files/xampp/apache/conf/apache2.conf",
638
- "program files/xampp/apache/conf/httpd.conf",
639
- "program files/apache group/apache/apache.conf",
640
- "program files/apache group/apache/conf/apache.conf",
641
- "program files/apache group/apache2/conf/apache.conf",
642
- "program files/apache group/apache/apache2.conf",
643
- "program files/apache group/apache/conf/apache2.conf",
644
- "program files/apache group/apache2/conf/apache2.conf",
645
- "program files/apache software foundation/apache2.2/conf/httpd.conf",
646
- "volumes/macintosh_hd1/opt/httpd/conf/httpd.conf",
647
- "volumes/macintosh_hd1/opt/apache/conf/httpd.conf",
648
- "volumes/macintosh_hd1/opt/apache2/conf/httpd.conf",
649
- "volumes/macintosh_hd1/usr/local/php/httpd.conf.php",
650
- "volumes/macintosh_hd1/usr/local/php4/httpd.conf.php",
651
- "volumes/macintosh_hd1/usr/local/php5/httpd.conf.php",
652
- "volumes/webbackup/opt/apache2/conf/httpd.conf",
653
- "volumes/webbackup/private/etc/httpd/httpd.conf",
654
- "volumes/webbackup/private/etc/httpd/httpd.conf.default",
655
- "usr/local/etc/apache/vhosts.conf",
656
- "usr/local/jakarta/tomcat/conf/jakarta.conf",
657
- "usr/local/jakarta/tomcat/conf/server.xml",
658
- "usr/local/jakarta/tomcat/conf/context.xml",
659
- "usr/local/jakarta/tomcat/conf/workers.properties",
660
- "usr/local/jakarta/tomcat/conf/logging.properties",
661
- "usr/local/jakarta/dist/tomcat/conf/jakarta.conf",
662
- "usr/local/jakarta/dist/tomcat/conf/server.xml",
663
- "usr/local/jakarta/dist/tomcat/conf/context.xml",
664
- "usr/local/jakarta/dist/tomcat/conf/workers.properties",
665
- "usr/local/jakarta/dist/tomcat/conf/logging.properties",
666
- "usr/share/tomcat6/conf/server.xml",
667
- "usr/share/tomcat6/conf/context.xml",
668
- "usr/share/tomcat6/conf/workers.properties",
669
- "usr/share/tomcat6/conf/logging.properties",
670
- "var/log/tomcat6/catalina.out",
671
- "var/cpanel/tomcat.options",
672
- "usr/local/jakarta/tomcat/logs/catalina.out",
673
- "usr/local/jakarta/tomcat/logs/catalina.err",
674
- "opt/tomcat/logs/catalina.out",
675
- "opt/tomcat/logs/catalina.err",
676
- "usr/share/logs/catalina.out",
677
- "usr/share/logs/catalina.err",
678
- "usr/share/tomcat/logs/catalina.out",
679
- "usr/share/tomcat/logs/catalina.err",
680
- "usr/share/tomcat6/logs/catalina.out",
681
- "usr/share/tomcat6/logs/catalina.err",
682
- "usr/local/apache/logs/mod_jk.log",
683
- "usr/local/jakarta/tomcat/logs/mod_jk.log",
684
- "usr/local/jakarta/dist/tomcat/logs/mod_jk.log",
685
- "opt/[jboss]/server/default/conf/jboss-minimal.xml",
686
- "opt/[jboss]/server/default/conf/jboss-service.xml",
687
- "opt/[jboss]/server/default/conf/jndi.properties",
688
- "opt/[jboss]/server/default/conf/log4j.xml",
689
- "opt/[jboss]/server/default/conf/login-config.xml",
690
- "opt/[jboss]/server/default/conf/standardjaws.xml",
691
- "opt/[jboss]/server/default/conf/standardjboss.xml",
692
- "opt/[jboss]/server/default/conf/server.log.properties",
693
- "opt/[jboss]/server/default/deploy/jboss-logging.xml",
694
- "usr/local/[jboss]/server/default/conf/jboss-minimal.xml",
695
- "usr/local/[jboss]/server/default/conf/jboss-service.xml",
696
- "usr/local/[jboss]/server/default/conf/jndi.properties",
697
- "usr/local/[jboss]/server/default/conf/log4j.xml",
698
- "usr/local/[jboss]/server/default/conf/login-config.xml",
699
- "usr/local/[jboss]/server/default/conf/standardjaws.xml",
700
- "usr/local/[jboss]/server/default/conf/standardjboss.xml",
701
- "usr/local/[jboss]/server/default/conf/server.log.properties",
702
- "usr/local/[jboss]/server/default/deploy/jboss-logging.xml",
703
- "private/tmp/[jboss]/server/default/conf/jboss-minimal.xml",
704
- "private/tmp/[jboss]/server/default/conf/jboss-service.xml",
705
- "private/tmp/[jboss]/server/default/conf/jndi.properties",
706
- "private/tmp/[jboss]/server/default/conf/log4j.xml",
707
- "private/tmp/[jboss]/server/default/conf/login-config.xml",
708
- "private/tmp/[jboss]/server/default/conf/standardjaws.xml",
709
- "private/tmp/[jboss]/server/default/conf/standardjboss.xml",
710
- "private/tmp/[jboss]/server/default/conf/server.log.properties",
711
- "private/tmp/[jboss]/server/default/deploy/jboss-logging.xml",
712
- "tmp/[jboss]/server/default/conf/jboss-minimal.xml",
713
- "tmp/[jboss]/server/default/conf/jboss-service.xml",
714
- "tmp/[jboss]/server/default/conf/jndi.properties",
715
- "tmp/[jboss]/server/default/conf/log4j.xml",
716
- "tmp/[jboss]/server/default/conf/login-config.xml",
717
- "tmp/[jboss]/server/default/conf/standardjaws.xml",
718
- "tmp/[jboss]/server/default/conf/standardjboss.xml",
719
- "tmp/[jboss]/server/default/conf/server.log.properties",
720
- "tmp/[jboss]/server/default/deploy/jboss-logging.xml",
721
- "program files/[jboss]/server/default/conf/jboss-minimal.xml",
722
- "program files/[jboss]/server/default/conf/jboss-service.xml",
723
- "program files/[jboss]/server/default/conf/jndi.properties",
724
- "program files/[jboss]/server/default/conf/log4j.xml",
725
- "program files/[jboss]/server/default/conf/login-config.xml",
726
- "program files/[jboss]/server/default/conf/standardjaws.xml",
727
- "program files/[jboss]/server/default/conf/standardjboss.xml",
728
- "program files/[jboss]/server/default/conf/server.log.properties",
729
- "program files/[jboss]/server/default/deploy/jboss-logging.xml",
730
- "[jboss]/server/default/conf/jboss-minimal.xml",
731
- "[jboss]/server/default/conf/jboss-service.xml",
732
- "[jboss]/server/default/conf/jndi.properties",
733
- "[jboss]/server/default/conf/log4j.xml",
734
- "[jboss]/server/default/conf/login-config.xml",
735
- "[jboss]/server/default/conf/standardjaws.xml",
736
- "[jboss]/server/default/conf/standardjboss.xml",
737
- "[jboss]/server/default/conf/server.log.properties",
738
- "[jboss]/server/default/deploy/jboss-logging.xml",
739
- "opt/[jboss]/server/default/log/server.log",
740
- "opt/[jboss]/server/default/log/boot.log",
741
- "usr/local/[jboss]/server/default/log/server.log",
742
- "usr/local/[jboss]/server/default/log/boot.log",
743
- "private/tmp/[jboss]/server/default/log/server.log",
744
- "private/tmp/[jboss]/server/default/log/boot.log",
745
- "tmp/[jboss]/server/default/log/server.log",
746
- "tmp/[jboss]/server/default/log/boot.log",
747
- "program files/[jboss]/server/default/log/server.log",
748
- "program files/[jboss]/server/default/log/boot.log",
749
- "[jboss]/server/default/log/server.log",
750
- "[jboss]/server/default/log/boot.log",
751
- "var/log/lighttpd.error.log",
752
- "var/log/lighttpd.access.log",
753
- "var/lighttpd.log",
754
- "var/logs/access.log",
755
- "var/log/lighttpd/",
756
- "var/log/lighttpd/error.log",
757
- "var/log/lighttpd/access.www.log",
758
- "var/log/lighttpd/error.www.log",
759
- "var/log/lighttpd/access.log",
760
- "usr/local/apache2/logs/lighttpd.error.log",
761
- "usr/local/apache2/logs/lighttpd.log",
762
- "usr/local/apache/logs/lighttpd.error.log",
763
- "usr/local/apache/logs/lighttpd.log",
764
- "usr/local/lighttpd/log/lighttpd.error.log",
765
- "usr/local/lighttpd/log/access.log",
766
- "var/log/lighttpd/{domain}/access.log",
767
- "var/log/lighttpd/{domain}/error.log",
768
- "usr/home/user/var/log/lighttpd.error.log",
769
- "usr/home/user/var/log/apache.log",
770
- "home/user/lighttpd/lighttpd.conf",
771
- "usr/home/user/lighttpd/lighttpd.conf",
772
- "etc/lighttpd/lighthttpd.conf",
773
- "usr/local/etc/lighttpd.conf",
774
- "usr/local/lighttpd/conf/lighttpd.conf",
775
- "usr/local/etc/lighttpd.conf.new",
776
- "var/www/.lighttpdpassword",
777
- "var/log/nginx/access_log",
778
- "var/log/nginx/error_log",
779
- "var/log/nginx/access.log",
780
- "var/log/nginx/error.log",
781
- "var/log/nginx.access_log",
782
- "var/log/nginx.error_log",
783
- "logs/access_log",
784
- "logs/error_log",
785
- "etc/nginx/nginx.conf",
786
- "usr/local/etc/nginx/nginx.conf",
787
- "usr/local/nginx/conf/nginx.conf",
788
- "usr/local/zeus/web/global.cfg",
789
- "usr/local/zeus/web/log/errors",
790
- "opt/lsws/conf/httpd_conf.xml",
791
- "usr/local/lsws/conf/httpd_conf.xml",
792
- "opt/lsws/logs/error.log",
793
- "opt/lsws/logs/access.log",
794
- "usr/local/lsws/logs/error.log",
795
- "usr/local/logs/access.log",
796
- "usr/local/samba/lib/log.user",
797
- "usr/local/logs/samba.log",
798
- "var/log/samba/log.smbd",
799
- "var/log/samba/log.nmbd",
800
- "var/log/samba.log",
801
- "var/log/samba.log1",
802
- "var/log/samba.log2",
803
- "var/log/log.smb",
804
- "etc/samba/netlogon",
805
- "etc/smbpasswd",
806
- "etc/smb.conf",
807
- "etc/samba/dhcp.conf",
808
- "etc/samba/smb.conf",
809
- "etc/samba/samba.conf",
810
- "etc/samba/smb.conf.user",
811
- "etc/samba/smbpasswd",
812
- "etc/samba/smbusers",
813
- "etc/samba/private/smbpasswd",
814
- "usr/local/etc/smb.conf",
815
- "usr/local/samba/lib/smb.conf.user",
816
- "etc/dhcp3/dhclient.conf",
817
- "etc/dhcp3/dhcpd.conf",
818
- "etc/dhcp/dhclient.conf",
819
- "program files/vidalia bundle/polipo/polipo.conf",
820
- "etc/tor/tor-tsocks.conf",
821
- "etc/stunnel/stunnel.conf",
822
- "etc/tsocks.conf",
823
- "etc/tinyproxy/tinyproxy.conf",
824
- "etc/miredo-server.conf",
825
- "etc/miredo.conf",
826
- "etc/miredo/miredo-server.conf",
827
- "etc/miredo/miredo.conf",
828
- "etc/wicd/dhclient.conf.template.default",
829
- "etc/wicd/manager-settings.conf",
830
- "etc/wicd/wired-settings.conf",
831
- "etc/wicd/wireless-settings.conf",
832
- "var/log/ipfw.log",
833
- "var/log/ipfw",
834
- "var/log/ipfw/ipfw.log",
835
- "var/log/ipfw.today",
836
- "etc/ipfw.rules",
837
- "etc/ipfw.conf",
838
- "etc/firewall.rules",
839
- "winnt/system32/logfiles/firewall/pfirewall.log",
840
- "winnt/system32/logfiles/firewall/pfirewall.log.old",
841
- "windows/system32/logfiles/firewall/pfirewall.log",
842
- "windows/system32/logfiles/firewall/pfirewall.log.old",
843
- "etc/clamav/clamd.conf",
844
- "etc/clamav/freshclam.conf",
845
- "etc/x11/xorg.conf",
846
- "etc/x11/xorg.conf-vesa",
847
- "etc/x11/xorg.conf-vmware",
848
- "etc/x11/xorg.conf.beforevmwaretoolsinstall",
849
- "etc/x11/xorg.conf.orig",
850
- "etc/bluetooth/input.conf",
851
- "etc/bluetooth/main.conf",
852
- "etc/bluetooth/network.conf",
853
- "etc/bluetooth/rfcomm.conf",
854
- "etc/bash_completion.d/debconf",
855
- "root/.bash_logout",
856
- "root/.bash_history",
857
- "root/.bash_config",
858
- "root/.bashrc",
859
- "etc/bash.bashrc",
860
- "var/adm/syslog",
861
- "var/adm/sulog",
862
- "var/adm/utmp",
863
- "var/adm/utmpx",
864
- "var/adm/wtmp",
865
- "var/adm/wtmpx",
866
- "var/adm/lastlog/username",
867
- "usr/spool/lp/log",
868
- "var/adm/lp/lpd-errs",
869
- "usr/lib/cron/log",
870
- "var/adm/loginlog",
871
- "var/adm/pacct",
872
- "var/adm/dtmp",
873
- "var/adm/acct/sum/loginlog",
874
- "var/adm/x0msgs",
875
- "var/adm/crash/vmcore",
876
- "var/adm/crash/unix",
877
- "etc/newsyslog.conf",
878
- "var/adm/qacct",
879
- "var/adm/ras/errlog",
880
- "var/adm/ras/bootlog",
881
- "var/adm/cron/log",
882
- "etc/utmp",
883
- "etc/security/lastlog",
884
- "etc/security/failedlogin",
885
- "usr/spool/mqueue/syslog",
886
- "var/adm/messages",
887
- "var/adm/aculogs",
888
- "var/adm/aculog",
889
- "var/adm/vold.log",
890
- "var/adm/log/asppp.log",
891
- "var/log/poplog",
892
- "var/log/authlog",
893
- "var/lp/logs/lpsched",
894
- "var/lp/logs/lpnet",
895
- "var/lp/logs/requests",
896
- "var/cron/log",
897
- "var/saf/_log",
898
- "var/saf/port/log",
899
- "var/log/news.all",
900
- "var/log/news/news.all",
901
- "var/log/news/news.crit",
902
- "var/log/news/news.err",
903
- "var/log/news/news.notice",
904
- "var/log/news/suck.err",
905
- "var/log/news/suck.notice",
906
- "var/log/messages",
907
- "var/log/messages.1",
908
- "var/log/user.log",
909
- "var/log/user.log.1",
910
- "var/log/auth.log",
911
- "var/log/pm-powersave.log",
912
- "var/log/xorg.0.log",
913
- "var/log/daemon.log",
914
- "var/log/daemon.log.1",
915
- "var/log/kern.log",
916
- "var/log/kern.log.1",
917
- "var/log/mail.err",
918
- "var/log/mail.info",
919
- "var/log/mail.warn",
920
- "var/log/ufw.log",
921
- "var/log/boot.log",
922
- "var/log/syslog",
923
- "var/log/syslog.1",
924
- "tmp/access.log",
925
- "etc/sensors.conf",
926
- "etc/sensors3.conf",
927
- "etc/host.conf",
928
- "etc/pam.conf",
929
- "etc/resolv.conf",
930
- "etc/apt/apt.conf",
931
- "etc/inetd.conf",
932
- "etc/syslog.conf",
933
- "etc/sysctl.conf",
934
- "etc/sysctl.d/10-console-messages.conf",
935
- "etc/sysctl.d/10-network-security.conf",
936
- "etc/sysctl.d/10-process-security.conf",
937
- "etc/sysctl.d/wine.sysctl.conf",
938
- "etc/security/access.conf",
939
- "etc/security/group.conf",
940
- "etc/security/limits.conf",
941
- "etc/security/namespace.conf",
942
- "etc/security/pam_env.conf",
943
- "etc/security/sepermit.conf",
944
- "etc/security/time.conf",
945
- "etc/ssh/sshd_config",
946
- "etc/adduser.conf",
947
- "etc/deluser.conf",
948
- "etc/avahi/avahi-daemon.conf",
949
- "etc/ca-certificates.conf",
950
- "etc/ca-certificates.conf.dpkg-old",
951
- "etc/casper.conf",
952
- "etc/chkrootkit.conf",
953
- "etc/debconf.conf",
954
- "etc/dns2tcpd.conf",
955
- "etc/e2fsck.conf",
956
- "etc/esound/esd.conf",
957
- "etc/etter.conf",
958
- "etc/fuse.conf",
959
- "etc/foremost.conf",
960
- "etc/hdparm.conf",
961
- "etc/kernel-img.conf",
962
- "etc/kernel-pkg.conf",
963
- "etc/ld.so.conf",
964
- "etc/ltrace.conf",
965
- "etc/mail/sendmail.conf",
966
- "etc/manpath.config",
967
- "etc/kbd/config",
968
- "etc/ldap/ldap.conf",
969
- "etc/logrotate.conf",
970
- "etc/mtools.conf",
971
- "etc/smi.conf",
972
- "etc/updatedb.conf",
973
- "etc/pulse/client.conf",
974
- "usr/share/adduser/adduser.conf",
975
- "etc/hostname",
976
- "etc/networks",
977
- "etc/timezone",
978
- "etc/modules",
979
- "etc/passwd",
980
- "etc/passwd~",
981
- "etc/passwd-",
982
- "etc/shadow",
983
- "etc/shadow~",
984
- "etc/shadow-",
985
- "etc/fstab",
986
- "etc/motd",
987
- "etc/hosts",
988
- "etc/group",
989
- "etc/group-",
990
- "etc/alias",
991
- "etc/crontab",
992
- "etc/crypttab",
993
- "etc/exports",
994
- "etc/mtab",
995
- "etc/hosts.allow",
996
- "etc/hosts.deny",
997
- "etc/os-release",
998
- "etc/password.master",
999
- "etc/profile",
1000
- "etc/default/grub",
1001
- "etc/resolvconf/update-libc.d/sendmail",
1002
- "etc/inittab",
1003
- "etc/issue",
1004
- "etc/issue.net",
1005
- "etc/login.defs",
1006
- "etc/sudoers",
1007
- "etc/sysconfig/network-scripts/ifcfg-eth0",
1008
- "etc/redhat-release",
1009
- "etc/debian_version",
1010
- "etc/fedora-release",
1011
- "etc/mandrake-release",
1012
- "etc/slackware-release",
1013
- "etc/suse-release",
1014
- "etc/security/group",
1015
- "etc/security/passwd",
1016
- "etc/security/user",
1017
- "etc/security/environ",
1018
- "etc/security/limits",
1019
- "etc/security/opasswd",
1020
- "boot/grub/grub.cfg",
1021
- "boot/grub/menu.lst",
1022
- "root/.ksh_history",
1023
- "root/.xauthority",
1024
- "usr/lib/security/mkuser.default",
1025
- "var/log/squirrelmail.log",
1026
- "var/log/apache2/squirrelmail.log",
1027
- "var/log/apache2/squirrelmail.err.log",
1028
- "var/lib/squirrelmail/prefs/squirrelmail.log",
1029
- "var/log/mail.log",
1030
- "etc/squirrelmail/apache.conf",
1031
- "etc/squirrelmail/config_local.php",
1032
- "etc/squirrelmail/default_pref",
1033
- "etc/squirrelmail/index.php",
1034
- "etc/squirrelmail/config_default.php",
1035
- "etc/squirrelmail/config.php",
1036
- "etc/squirrelmail/filters_setup.php",
1037
- "etc/squirrelmail/sqspell_config.php",
1038
- "etc/squirrelmail/config/config.php",
1039
- "etc/httpd/conf.d/squirrelmail.conf",
1040
- "usr/share/squirrelmail/config/config.php",
1041
- "private/etc/squirrelmail/config/config.php",
1042
- "srv/www/htdos/squirrelmail/config/config.php",
1043
- "var/www/squirrelmail/config/config.php",
1044
- "var/www/html/squirrelmail/config/config.php",
1045
- "var/www/html/squirrelmail-1.2.9/config/config.php",
1046
- "usr/share/squirrelmail/plugins/squirrel_logger/setup.php",
1047
- "usr/local/squirrelmail/www/readme",
1048
- "windows/system32/drivers/etc/hosts",
1049
- "windows/system32/drivers/etc/lmhosts.sam",
1050
- "windows/system32/drivers/etc/networks",
1051
- "windows/system32/drivers/etc/protocol",
1052
- "windows/system32/drivers/etc/services",
1053
- "/boot.ini",
1054
- "windows/debug/netsetup.log",
1055
- "windows/comsetup.log",
1056
- "windows/repair/setup.log",
1057
- "windows/setupact.log",
1058
- "windows/setupapi.log",
1059
- "windows/setuperr.log",
1060
- "windows/updspapi.log",
1061
- "windows/wmsetup.log",
1062
- "windows/windowsupdate.log",
1063
- "windows/odbc.ini",
1064
- "usr/local/psa/admin/htdocs/domains/databases/phpmyadmin/libraries/config.default.php",
1065
- "etc/apache2/conf.d/phpmyadmin.conf",
1066
- "etc/phpmyadmin/config.inc.php",
1067
- "etc/openldap/ldap.conf",
1068
- "etc/cups/acroread.conf",
1069
- "etc/cups/cupsd.conf",
1070
- "etc/cups/cupsd.conf.default",
1071
- "etc/cups/pdftops.conf",
1072
- "etc/cups/printers.conf",
1073
- "windows/system32/macromed/flash/flashinstall.log",
1074
- "windows/system32/macromed/flash/install.log",
1075
- "etc/cvs-cron.conf",
1076
- "etc/cvs-pserver.conf",
1077
- "etc/subversion/config",
1078
- "etc/modprobe.d/vmware-tools.conf",
1079
- "etc/updatedb.conf.beforevmwaretoolsinstall",
1080
- "etc/vmware-tools/config",
1081
- "etc/vmware-tools/tpvmlp.conf",
1082
- "etc/vmware-tools/vmware-tools-libraries.conf",
1083
- "var/log/vmware/hostd.log",
1084
- "var/log/vmware/hostd-1.log",
1085
- "/wp-config.php",
1086
- "/wp-config.bak",
1087
- "/wp-config.old",
1088
- "/wp-config.temp",
1089
- "/wp-config.tmp",
1090
- "/wp-config.txt",
1091
- "/config.yml",
1092
- "/config_dev.yml",
1093
- "/config_prod.yml",
1094
- "/config_test.yml",
1095
- "/parameters.yml",
1096
- "/routing.yml",
1097
- "/security.yml",
1098
- "/services.yml",
1099
- "sites/default/default.settings.php",
1100
- "sites/default/settings.php",
1101
- "sites/default/settings.local.php",
1102
- "app/etc/local.xml",
1103
- "/sftp-config.json",
1104
- "/web.config",
1105
- "includes/config.php",
1106
- "includes/configure.php",
1107
- "/config.inc.php",
1108
- "/localsettings.php",
1109
- "inc/config.php",
1110
- "typo3conf/localconf.php",
1111
- "config/app.php",
1112
- "config/custom.php",
1113
- "config/database.php",
1114
- "/configuration.php",
1115
- "/config.php",
1116
- "var/mail/www-data",
1117
- "etc/network/",
1118
- "etc/init/",
1119
- "inetpub/wwwroot/global.asa",
1120
- "system32/inetsrv/config/applicationhost.config",
1121
- "system32/inetsrv/config/administration.config",
1122
- "system32/inetsrv/config/redirection.config",
1123
- "system32/config/default",
1124
- "system32/config/sam",
1125
- "system32/config/system",
1126
- "system32/config/software",
1127
- "winnt/repair/sam._",
1128
- "/package.json",
1129
- "/package-lock.json",
1130
- "/gruntfile.js",
1131
- "/npm-debug.log",
1132
- "/ormconfig.json",
1133
- "/tsconfig.json",
1134
- "/webpack.config.js",
1135
- "/yarn.lock",
1136
- "proc/0",
1137
- "proc/1",
1138
- "proc/2",
1139
- "proc/3",
1140
- "proc/4",
1141
- "proc/5",
1142
- "proc/6",
1143
- "proc/7",
1144
- "proc/8",
1145
- "proc/9",
1146
- "proc/acpi",
1147
- "proc/asound",
1148
- "proc/bootconfig",
1149
- "proc/buddyinfo",
1150
- "proc/bus",
1151
- "proc/cgroups",
1152
- "proc/cmdline",
1153
- "proc/config.gz",
1154
- "proc/consoles",
1155
- "proc/cpuinfo",
1156
- "proc/crypto",
1157
- "proc/devices",
1158
- "proc/diskstats",
1159
- "proc/dma",
1160
- "proc/docker",
1161
- "proc/driver",
1162
- "proc/dynamic_debug",
1163
- "proc/execdomains",
1164
- "proc/fb",
1165
- "proc/filesystems",
1166
- "proc/fs",
1167
- "proc/interrupts",
1168
- "proc/iomem",
1169
- "proc/ioports",
1170
- "proc/ipmi",
1171
- "proc/irq",
1172
- "proc/kallsyms",
1173
- "proc/kcore",
1174
- "proc/keys",
1175
- "proc/keys",
1176
- "proc/key-users",
1177
- "proc/kmsg",
1178
- "proc/kpagecgroup",
1179
- "proc/kpagecount",
1180
- "proc/kpageflags",
1181
- "proc/latency_stats",
1182
- "proc/loadavg",
1183
- "proc/locks",
1184
- "proc/mdstat",
1185
- "proc/meminfo",
1186
- "proc/misc",
1187
- "proc/modules",
1188
- "proc/mounts",
1189
- "proc/mpt",
1190
- "proc/mtd",
1191
- "proc/mtrr",
1192
- "proc/net",
1193
- "proc/net/tcp",
1194
- "proc/net/udp",
1195
- "proc/pagetypeinfo",
1196
- "proc/partitions",
1197
- "proc/pressure",
1198
- "proc/sched_debug",
1199
- "proc/schedstat",
1200
- "proc/scsi",
1201
- "proc/self",
1202
- "proc/self/cmdline",
1203
- "proc/self/environ",
1204
- "proc/self/fd/0",
1205
- "proc/self/fd/1",
1206
- "proc/self/fd/10",
1207
- "proc/self/fd/11",
1208
- "proc/self/fd/12",
1209
- "proc/self/fd/13",
1210
- "proc/self/fd/14",
1211
- "proc/self/fd/15",
1212
- "proc/self/fd/2",
1213
- "proc/self/fd/3",
1214
- "proc/self/fd/4",
1215
- "proc/self/fd/5",
1216
- "proc/self/fd/6",
1217
- "proc/self/fd/7",
1218
- "proc/self/fd/8",
1219
- "proc/self/fd/9",
1220
- "proc/self/mounts",
1221
- "proc/self/stat",
1222
- "proc/self/status",
1223
- "proc/slabinfo",
1224
- "proc/softirqs",
1225
- "proc/stat",
1226
- "proc/swaps",
1227
- "proc/sys",
1228
- "proc/sysrq-trigger",
1229
- "proc/sysvipc",
1230
- "proc/thread-self",
1231
- "proc/timer_list",
1232
- "proc/timer_stats",
1233
- "proc/tty",
1234
- "proc/uptime",
1235
- "proc/version",
1236
- "proc/version_signature",
1237
- "proc/vmallocinfo",
1238
- "proc/vmstat",
1239
- "proc/zoneinfo",
1240
- "sys/block",
1241
- "sys/bus",
1242
- "sys/class",
1243
- "sys/dev",
1244
- "sys/devices",
1245
- "sys/firmware",
1246
- "sys/fs",
1247
- "sys/hypervisor",
1248
- "sys/kernel",
1249
- "sys/module",
1250
- "sys/power"
1251
- ]
1252
- },
1253
- "operator": "phrase_match"
1254
- }
1255
- ],
1256
- "transformers": [
1257
- "lowercase",
1258
- "normalizePath"
1259
- ]
1260
- },
1261
- {
1262
- "id": "crs-931-100",
1263
- "name": "Possible Remote File Inclusion (RFI) Attack: URL Parameter using IP Address",
1264
- "tags": {
1265
- "type": "rfi",
1266
- "crs_id": "931100",
1267
- "category": "attack_attempt"
1268
- },
1269
- "conditions": [
1270
- {
1271
- "parameters": {
1272
- "inputs": [
1273
- {
1274
- "address": "server.request.query"
1275
- },
1276
- {
1277
- "address": "server.request.body"
1278
- },
1279
- {
1280
- "address": "server.request.path_params"
1281
- }
1282
- ],
1283
- "regex": "^(?i:file|ftps?|https?)://(?:\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})",
1284
- "options": {
1285
- "case_sensitive": true,
1286
- "min_length": 13
1287
- }
1288
- },
1289
- "operator": "match_regex"
1290
- }
1291
- ],
1292
- "transformers": []
1293
- },
1294
- {
1295
- "id": "crs-932-105",
1296
- "name": "Remote Command Execution: Unix Command Injection",
1297
- "tags": {
1298
- "type": "command_injection",
1299
- "crs_id": "932105",
1300
- "category": "attack_attempt"
1301
- },
1302
- "conditions": [
1303
- {
1304
- "parameters": {
1305
- "inputs": [
1306
- {
1307
- "address": "server.request.query"
1308
- },
1309
- {
1310
- "address": "server.request.body"
1311
- },
1312
- {
1313
- "address": "server.request.path_params"
1314
- }
1315
- ],
1316
- "regex": "(?:[;\\n\\r`]|\\$(?:\\(?\\(|{)|(?:\\|)?\\||\\(\\s*\\)|[<>]\\(|&?&|\\{)\\s*(?:(?:\\w+=(?:[^\\s]*|\\$.*|\\$.*|<.*|>.*|\\'.*\\'|\\\".*\\\")\\s+|(?:\\s*\\(|!)\\s*|\\{|\\$))*\\s*(?:['\\\"])*(?:[\\?\\*\\[\\]\\(\\)\\-\\|+\\w'\\\"\\./\\x5c]+/)?[\\x5c'\\\"]*(?:s[\\x5c'\\\"]*(?:e[\\x5c'\\\"]*(?:t[\\x5c'\\\"]*(?:(?:f[\\x5c'\\\"]*a[\\x5c'\\\"]*c[\\x5c'\\\"]*l[\\x5c'\\\"]*)?(?:\\s|<|>).*|a[\\x5c'\\\"]*r[\\x5c'\\\"]*c[\\x5c'\\\"]*h|e[\\x5c'\\\"]*n[\\x5c'\\\"]*v|s[\\x5c'\\\"]*i[\\x5c'\\\"]*d)|(?:r[\\x5c'\\\"]*v[\\x5c'\\\"]*i[\\x5c'\\\"]*c[\\x5c'\\\"]*e|d)[\\x5c'\\\"]*(?:\\s|<|>).*|n[\\x5c'\\\"]*d[\\x5c'\\\"]*m[\\x5c'\\\"]*a[\\x5c'\\\"]*i[\\x5c'\\\"]*l)|t[\\x5c'\\\"]*(?:a[\\x5c'\\\"]*r[\\x5c'\\\"]*t[\\x5c'\\\"]*-[\\x5c'\\\"]*s[\\x5c'\\\"]*t[\\x5c'\\\"]*o[\\x5c'\\\"]*p[\\x5c'\\\"]*-[\\x5c'\\\"]*d[\\x5c'\\\"]*a[\\x5c'\\\"]*e[\\x5c'\\\"]*m[\\x5c'\\\"]*o[\\x5c'\\\"]*n|r[\\x5c'\\\"]*(?:i[\\x5c'\\\"]*n[\\x5c'\\\"]*g[\\x5c'\\\"]*s|a[\\x5c'\\\"]*c[\\x5c'\\\"]*e)|d[\\x5c'\\\"]*b[\\x5c'\\\"]*u[\\x5c'\\\"]*f)|h[\\x5c'\\\"]*(?:\\.[\\x5c'\\\"]*d[\\x5c'\\\"]*i[\\x5c'\\\"]*s[\\x5c'\\\"]*t[\\x5c'\\\"]*r[\\x5c'\\\"]*i[\\x5c'\\\"]*b|u[\\x5c'\\\"]*t[\\x5c'\\\"]*d[\\x5c'\\\"]*o[\\x5c'\\\"]*w[\\x5c'\\\"]*n|(?:\\s|<|>).*)|c[\\x5c'\\\"]*(?:(?:r[\\x5c'\\\"]*(?:e[\\x5c'\\\"]*e[\\x5c'\\\"]*n|i[\\x5c'\\\"]*p[\\x5c'\\\"]*t)|p)[\\x5c'\\\"]*(?:\\s|<|>).*|h[\\x5c'\\\"]*e[\\x5c'\\\"]*d)|o[\\x5c'\\\"]*(?:(?:u[\\x5c'\\\"]*r[\\x5c'\\\"]*c[\\x5c'\\\"]*e|r[\\x5c'\\\"]*t)[\\x5c'\\\"]*(?:\\s|<|>).*|c[\\x5c'\\\"]*a[\\x5c'\\\"]*t)|(?:p[\\x5c'\\\"]*l[\\x5c'\\\"]*i[\\x5c'\\\"]*t|g)[\\x5c'\\\"]*(?:\\s|<|>).*|q[\\x5c'\\\"]*l[\\x5c'\\\"]*i[\\x5c'\\\"]*t[\\x5c'\\\"]*e[\\x5c'\\\"]*3|(?:l[\\x5c'\\\"]*e[\\x5c'\\\"]*e|f[\\x5c'\\\"]*t)[\\x5c'\\\"]*p|y[\\x5c'\\\"]*s[\\x5c'\\\"]*c[\\x5c'\\\"]*t[\\x5c'\\\"]*l|u[\\x5c'\\\"]*(?:(?:\\s|<|>).*|d[\\x5c'\\\"]*o)|d[\\x5c'\\\"]*i[\\x5c'\\\"]*f[\\x5c'\\\"]*f|s[\\x5c'\\\"]*h|v[\\x5c'\\\"]*n)|p[\\x5c'\\\"]*(?:k[\\x5c'\\\"]*(?:g(?:(?:[\\x5c'\\\"]*_)?[\\x5c'\\\"]*i[\\x5c'\\\"]*n[\\x5c'\\\"]*f[\\x5c'\\\"]*o)?|e[\\x5c'\\\"]*x[\\x5c'\\\"]*e[\\x5c'\\\"]*c|i[\\x5c'\\\"]*l[\\x5c'\\\"]*l)|i[\\x5c'\\\"]*(?:(?:c(?:[\\x5c'\\\"]*o)?|p)[\\x5c'\\\"]*(?:\\s|<|>).*|d[\\x5c'\\\"]*s[\\x5c'\\\"]*t[\\x5c'\\\"]*a[\\x5c'\\\"]*t|n[\\x5c'\\\"]*g)|t[\\x5c'\\\"]*a[\\x5c'\\\"]*r(?:[\\x5c'\\\"]*(?:d[\\x5c'\\\"]*i[\\x5c'\\\"]*f[\\x5c'\\\"]*f|g[\\x5c'\\\"]*r[\\x5c'\\\"]*e[\\x5c'\\\"]*p))?|a[\\x5c'\\\"]*(?:t[\\x5c'\\\"]*c[\\x5c'\\\"]*h[\\x5c'\\\"]*(?:\\s|<|>).*|s[\\x5c'\\\"]*s[\\x5c'\\\"]*w[\\x5c'\\\"]*d)|r[\\x5c'\\\"]*i[\\x5c'\\\"]*n[\\x5c'\\\"]*t[\\x5c'\\\"]*(?:e[\\x5c'\\\"]*n[\\x5c'\\\"]*v|f[\\x5c'\\\"]*(?:\\s|<|>).*)|y[\\x5c'\\\"]*t[\\x5c'\\\"]*h[\\x5c'\\\"]*o[\\x5c'\\\"]*n(?:[\\x5c'\\\"]*(?:3(?:[\\x5c'\\\"]*m)?|2))?|e[\\x5c'\\\"]*r[\\x5c'\\\"]*(?:l(?:[\\x5c'\\\"]*(?:s[\\x5c'\\\"]*h|5))?|m[\\x5c'\\\"]*s)|(?:u[\\x5c'\\\"]*s[\\x5c'\\\"]*h|o[\\x5c'\\\"]*p)[\\x5c'\\\"]*d|f[\\x5c'\\\"]*(?:(?:\\s|<|>).*|t[\\x5c'\\\"]*p)|g[\\x5c'\\\"]*r[\\x5c'\\\"]*e[\\x5c'\\\"]*p|h[\\x5c'\\\"]*p(?:[\\x5c'\\\"]*[57])?|s[\\x5c'\\\"]*(?:\\s|<|>).*|d[\\x5c'\\\"]*b)|n[\\x5c'\\\"]*(?:c[\\x5c'\\\"]*(?:\\.[\\x5c'\\\"]*(?:t[\\x5c'\\\"]*r[\\x5c'\\\"]*a[\\x5c'\\\"]*d[\\x5c'\\\"]*i[\\x5c'\\\"]*t[\\x5c'\\\"]*i[\\x5c'\\\"]*o[\\x5c'\\\"]*n[\\x5c'\\\"]*a[\\x5c'\\\"]*l|o[\\x5c'\\\"]*p[\\x5c'\\\"]*e[\\x5c'\\\"]*n[\\x5c'\\\"]*b[\\x5c'\\\"]*s[\\x5c'\\\"]*d)|(?:\\s|<|>).*|a[\\x5c'\\\"]*t)|e[\\x5c'\\\"]*t[\\x5c'\\\"]*(?:k[\\x5c'\\\"]*i[\\x5c'\\\"]*t[\\x5c'\\\"]*-[\\x5c'\\\"]*f[\\x5c'\\\"]*t[\\x5c'\\\"]*p|(?:s[\\x5c'\\\"]*t|c)[\\x5c'\\\"]*a[\\x5c'\\\"]*t|(?:\\s|<|>).*)|s[\\x5c'\\\"]*(?:l[\\x5c'\\\"]*o[\\x5c'\\\"]*o[\\x5c'\\\"]*k[\\x5c'\\\"]*u[\\x5c'\\\"]*p|e[\\x5c'\\\"]*n[\\x5c'\\\"]*t[\\x5c'\\\"]*e[\\x5c'\\\"]*r|t[\\x5c'\\\"]*a[\\x5c'\\\"]*t)|o[\\x5c'\\\"]*(?:d[\\x5c'\\\"]*e[\\x5c'\\\"]*(?:\\s|<|>).*|h[\\x5c'\\\"]*u[\\x5c'\\\"]*p)|a[\\x5c'\\\"]*(?:n[\\x5c'\\\"]*o[\\x5c'\\\"]*(?:\\s|<|>).*|w[\\x5c'\\\"]*k)|p[\\x5c'\\\"]*(?:i[\\x5c'\\\"]*n[\\x5c'\\\"]*g|m[\\x5c'\\\"]*(?:\\s|<|>).*)|i[\\x5c'\\\"]*c[\\x5c'\\\"]*e[\\x5c'\\\"]*(?:\\s|<|>).*|r[\\x5c'\\\"]*o[\\x5c'\\\"]*f[\\x5c'\\\"]*f|m[\\x5c'\\\"]*a[\\x5c'\\\"]*p)|r[\\x5c'\\\"]*(?:u[\\x5c'\\\"]*(?:n[\\x5c'\\\"]*-[\\x5c'\\\"]*(?:m[\\x5c'\\\"]*a[\\x5c'\\\"]*i[\\x5c'\\\"]*l[\\x5c'\\\"]*c[\\x5c'\\\"]*a[\\x5c'\\\"]*p|p[\\x5c'\\\"]*a[\\x5c'\\\"]*r[\\x5c'\\\"]*t[\\x5c'\\\"]*s)|b[\\x5c'\\\"]*y(?:[\\x5c'\\\"]*(?:1(?:[\\x5c'\\\"]*[89])?|2[\\x5c'\\\"]*[012]))?)|e[\\x5c'\\\"]*(?:(?:p[\\x5c'\\\"]*(?:l[\\x5c'\\\"]*a[\\x5c'\\\"]*c[\\x5c'\\\"]*e|e[\\x5c'\\\"]*a[\\x5c'\\\"]*t)|n[\\x5c'\\\"]*a[\\x5c'\\\"]*m[\\x5c'\\\"]*e)[\\x5c'\\\"]*(?:\\s|<|>).*|a[\\x5c'\\\"]*l[\\x5c'\\\"]*p[\\x5c'\\\"]*a[\\x5c'\\\"]*t[\\x5c'\\\"]*h)|m[\\x5c'\\\"]*(?:(?:d[\\x5c'\\\"]*i[\\x5c'\\\"]*r[\\x5c'\\\"]*)?(?:\\s|<|>).*|u[\\x5c'\\\"]*s[\\x5c'\\\"]*e[\\x5c'\\\"]*r)|a[\\x5c'\\\"]*(?:k[\\x5c'\\\"]*(?:e[\\x5c'\\\"]*(?:\\s|<|>).*|u)|r[\\x5c'\\\"]*(?:\\s|<|>).*)|(?:c[\\x5c'\\\"]*p|p[\\x5c'\\\"]*m)[\\x5c'\\\"]*(?:\\s|<|>).*|v[\\x5c'\\\"]*i[\\x5c'\\\"]*(?:e[\\x5c'\\\"]*w|m)|n[\\x5c'\\\"]*a[\\x5c'\\\"]*n[\\x5c'\\\"]*o|o[\\x5c'\\\"]*u[\\x5c'\\\"]*t[\\x5c'\\\"]*e|s[\\x5c'\\\"]*y[\\x5c'\\\"]*n[\\x5c'\\\"]*c)|t[\\x5c'\\\"]*(?:c[\\x5c'\\\"]*(?:p[\\x5c'\\\"]*(?:t[\\x5c'\\\"]*r[\\x5c'\\\"]*a[\\x5c'\\\"]*c[\\x5c'\\\"]*e[\\x5c'\\\"]*r[\\x5c'\\\"]*o[\\x5c'\\\"]*u[\\x5c'\\\"]*t[\\x5c'\\\"]*e|i[\\x5c'\\\"]*n[\\x5c'\\\"]*g)|s[\\x5c'\\\"]*h)|i[\\x5c'\\\"]*m[\\x5c'\\\"]*e[\\x5c'\\\"]*(?:d[\\x5c'\\\"]*a[\\x5c'\\\"]*t[\\x5c'\\\"]*e[\\x5c'\\\"]*c[\\x5c'\\\"]*t[\\x5c'\\\"]*l|o[\\x5c'\\\"]*u[\\x5c'\\\"]*t|(?:\\s|<|>).*)|a[\\x5c'\\\"]*(?:s[\\x5c'\\\"]*k[\\x5c'\\\"]*s[\\x5c'\\\"]*e[\\x5c'\\\"]*t|i[\\x5c'\\\"]*l(?:[\\x5c'\\\"]*f)?|r[\\x5c'\\\"]*(?:\\s|<|>).*)|r[\\x5c'\\\"]*a[\\x5c'\\\"]*c[\\x5c'\\\"]*e[\\x5c'\\\"]*r[\\x5c'\\\"]*o[\\x5c'\\\"]*u[\\x5c'\\\"]*t[\\x5c'\\\"]*e(?:[\\x5c'\\\"]*6)?|e[\\x5c'\\\"]*(?:l[\\x5c'\\\"]*n[\\x5c'\\\"]*e[\\x5c'\\\"]*t|e[\\x5c'\\\"]*(?:\\s|<|>).*)|o[\\x5c'\\\"]*(?:u[\\x5c'\\\"]*c[\\x5c'\\\"]*h[\\x5c'\\\"]*(?:\\s|<|>).*|p)|m[\\x5c'\\\"]*u[\\x5c'\\\"]*x)|m[\\x5c'\\\"]*(?:y[\\x5c'\\\"]*s[\\x5c'\\\"]*q[\\x5c'\\\"]*l(?:[\\x5c'\\\"]*(?:d[\\x5c'\\\"]*u[\\x5c'\\\"]*m[\\x5c'\\\"]*p(?:[\\x5c'\\\"]*s[\\x5c'\\\"]*l[\\x5c'\\\"]*o[\\x5c'\\\"]*w)?|h[\\x5c'\\\"]*o[\\x5c'\\\"]*t[\\x5c'\\\"]*c[\\x5c'\\\"]*o[\\x5c'\\\"]*p[\\x5c'\\\"]*y|a[\\x5c'\\\"]*d[\\x5c'\\\"]*m[\\x5c'\\\"]*i[\\x5c'\\\"]*n|s[\\x5c'\\\"]*h[\\x5c'\\\"]*o[\\x5c'\\\"]*w))?|(?:o[\\x5c'\\\"]*(?:u[\\x5c'\\\"]*n[\\x5c'\\\"]*t|r[\\x5c'\\\"]*e)|k[\\x5c'\\\"]*d[\\x5c'\\\"]*i[\\x5c'\\\"]*r|u[\\x5c'\\\"]*t[\\x5c'\\\"]*t|v)[\\x5c'\\\"]*(?:\\s|<|>).*|a[\\x5c'\\\"]*(?:i[\\x5c'\\\"]*l[\\x5c'\\\"]*(?:x[\\x5c'\\\"]*(?:\\s|<|>).*|q)|(?:k[\\x5c'\\\"]*e|n)[\\x5c'\\\"]*(?:\\s|<|>).*|w[\\x5c'\\\"]*k)|l[\\x5c'\\\"]*o[\\x5c'\\\"]*c[\\x5c'\\\"]*a[\\x5c'\\\"]*t[\\x5c'\\\"]*e)|u[\\x5c'\\\"]*(?:n[\\x5c'\\\"]*(?:l[\\x5c'\\\"]*(?:i[\\x5c'\\\"]*n[\\x5c'\\\"]*k[\\x5c'\\\"]*(?:\\s|<|>).*|z[\\x5c'\\\"]*m[\\x5c'\\\"]*a)|s[\\x5c'\\\"]*(?:h[\\x5c'\\\"]*a[\\x5c'\\\"]*r[\\x5c'\\\"]*e|e[\\x5c'\\\"]*t)[\\x5c'\\\"]*(?:\\s|<|>).*|c[\\x5c'\\\"]*o[\\x5c'\\\"]*m[\\x5c'\\\"]*p[\\x5c'\\\"]*r[\\x5c'\\\"]*e[\\x5c'\\\"]*s[\\x5c'\\\"]*s|a[\\x5c'\\\"]*m[\\x5c'\\\"]*e|r[\\x5c'\\\"]*a[\\x5c'\\\"]*r|z[\\x5c'\\\"]*i[\\x5c'\\\"]*p|x[\\x5c'\\\"]*z)|s[\\x5c'\\\"]*e[\\x5c'\\\"]*r[\\x5c'\\\"]*(?:(?:a[\\x5c'\\\"]*d|m[\\x5c'\\\"]*o)[\\x5c'\\\"]*d|d[\\x5c'\\\"]*e[\\x5c'\\\"]*l)|l[\\x5c'\\\"]*i[\\x5c'\\\"]*m[\\x5c'\\\"]*i[\\x5c'\\\"]*t[\\x5c'\\\"]*(?:\\s|<|>).*)|x[\\x5c'\\\"]*(?:z[\\x5c'\\\"]*(?:(?:[ef][\\x5c'\\\"]*)?g[\\x5c'\\\"]*r[\\x5c'\\\"]*e[\\x5c'\\\"]*p|d[\\x5c'\\\"]*(?:i[\\x5c'\\\"]*f[\\x5c'\\\"]*f|e[\\x5c'\\\"]*c)|c[\\x5c'\\\"]*(?:a[\\x5c'\\\"]*t|m[\\x5c'\\\"]*p)|l[\\x5c'\\\"]*e[\\x5c'\\\"]*s[\\x5c'\\\"]*s|m[\\x5c'\\\"]*o[\\x5c'\\\"]*r[\\x5c'\\\"]*e|(?:\\s|<|>).*)|a[\\x5c'\\\"]*r[\\x5c'\\\"]*g[\\x5c'\\\"]*s|t[\\x5c'\\\"]*e[\\x5c'\\\"]*r[\\x5c'\\\"]*m|x[\\x5c'\\\"]*d[\\x5c'\\\"]*(?:\\s|<|>).*)|z[\\x5c'\\\"]*(?:(?:[ef][\\x5c'\\\"]*)?g[\\x5c'\\\"]*r[\\x5c'\\\"]*e[\\x5c'\\\"]*p|c[\\x5c'\\\"]*(?:a[\\x5c'\\\"]*t|m[\\x5c'\\\"]*p)|d[\\x5c'\\\"]*i[\\x5c'\\\"]*f[\\x5c'\\\"]*f|i[\\x5c'\\\"]*p[\\x5c'\\\"]*(?:\\s|<|>).*|l[\\x5c'\\\"]*e[\\x5c'\\\"]*s[\\x5c'\\\"]*s|m[\\x5c'\\\"]*o[\\x5c'\\\"]*r[\\x5c'\\\"]*e|r[\\x5c'\\\"]*u[\\x5c'\\\"]*n|s[\\x5c'\\\"]*h)|w[\\x5c'\\\"]*(?:h[\\x5c'\\\"]*o[\\x5c'\\\"]*(?:a[\\x5c'\\\"]*m[\\x5c'\\\"]*i|(?:\\s|<|>).*)|a[\\x5c'\\\"]*t[\\x5c'\\\"]*c[\\x5c'\\\"]*h[\\x5c'\\\"]*(?:\\s|<|>).*|g[\\x5c'\\\"]*e[\\x5c'\\\"]*t|3[\\x5c'\\\"]*m)|v[\\x5c'\\\"]*i[\\x5c'\\\"]*(?:m[\\x5c'\\\"]*(?:d[\\x5c'\\\"]*i[\\x5c'\\\"]*f[\\x5c'\\\"]*f|(?:\\s|<|>).*)|(?:e[\\x5c'\\\"]*w[\\x5c'\\\"]*)?(?:\\s|<|>).*|g[\\x5c'\\\"]*r|p[\\x5c'\\\"]*w)|o[\\x5c'\\\"]*(?:p[\\x5c'\\\"]*e[\\x5c'\\\"]*n[\\x5c'\\\"]*s[\\x5c'\\\"]*s[\\x5c'\\\"]*l|n[\\x5c'\\\"]*i[\\x5c'\\\"]*n[\\x5c'\\\"]*t[\\x5c'\\\"]*r)|y[\\x5c'\\\"]*u[\\x5c'\\\"]*m)\\b",
1317
- "options": {
1318
- "case_sensitive": true,
1319
- "min_length": 4
1320
- }
1321
- },
1322
- "operator": "match_regex"
1323
- }
1324
- ],
1325
- "transformers": []
1326
- },
1327
- {
1328
- "id": "crs-932-110",
1329
- "name": "Remote Command Execution: Windows Command Injection",
1330
- "tags": {
1331
- "type": "command_injection",
1332
- "crs_id": "932110",
1333
- "category": "attack_attempt"
1334
- },
1335
- "conditions": [
1336
- {
1337
- "parameters": {
1338
- "inputs": [
1339
- {
1340
- "address": "server.request.query"
1341
- },
1342
- {
1343
- "address": "server.request.body"
1344
- },
1345
- {
1346
- "address": "server.request.path_params"
1347
- }
1348
- ],
1349
- "regex": "(?:[;\\n\\r`]|(?:\\|)?\\||&?&|\\{)\\s*(?:['(?:,@\\\"\\s])*(?:(?:(?:[\\x5c'\\\"\\^]*\\w[\\x5c'\\\"\\^]*:.*|[\\^\\.\\w '\\\"/\\x5c]*)\\x5c|[\\w'\\\"\\./]+\\/))?[\\\"\\^]*(?:m[\\\"\\^]*(?:y[\\\"\\^]*s[\\\"\\^]*q[\\\"\\^]*l(?:[\\\"\\^]*(?:d[\\\"\\^]*u[\\\"\\^]*m[\\\"\\^]*p(?:[\\\"\\^]*s[\\\"\\^]*l[\\\"\\^]*o[\\\"\\^]*w)?|h[\\\"\\^]*o[\\\"\\^]*t[\\\"\\^]*c[\\\"\\^]*o[\\\"\\^]*p[\\\"\\^]*y|a[\\\"\\^]*d[\\\"\\^]*m[\\\"\\^]*i[\\\"\\^]*n|s[\\\"\\^]*h[\\\"\\^]*o[\\\"\\^]*w))?|s[\\\"\\^]*(?:i[\\\"\\^]*(?:n[\\\"\\^]*f[\\\"\\^]*o[\\\"\\^]*3[\\\"\\^]*2|e[\\\"\\^]*x[\\\"\\^]*e[\\\"\\^]*c)|c[\\\"\\^]*o[\\\"\\^]*n[\\\"\\^]*f[\\\"\\^]*i[\\\"\\^]*g|g[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|h[\\\"\\^]*t[\\\"\\^]*a|t[\\\"\\^]*s[\\\"\\^]*c)|o[\\\"\\^]*(?:u[\\\"\\^]*n[\\\"\\^]*t[\\\"\\^]*(?:(?:[\\s,;]|\\.|/|<|>).*|v[\\\"\\^]*o[\\\"\\^]*l)|v[\\\"\\^]*e[\\\"\\^]*u[\\\"\\^]*s[\\\"\\^]*e[\\\"\\^]*r|[dr][\\\"\\^]*e[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*)|k[\\\"\\^]*(?:d[\\\"\\^]*i[\\\"\\^]*r[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|l[\\\"\\^]*i[\\\"\\^]*n[\\\"\\^]*k)|d[\\\"\\^]*(?:s[\\\"\\^]*c[\\\"\\^]*h[\\\"\\^]*e[\\\"\\^]*d|(?:[\\s,;]|\\.|/|<|>).*)|a[\\\"\\^]*p[\\\"\\^]*i[\\\"\\^]*s[\\\"\\^]*e[\\\"\\^]*n[\\\"\\^]*d|b[\\\"\\^]*s[\\\"\\^]*a[\\\"\\^]*c[\\\"\\^]*l[\\\"\\^]*i|e[\\\"\\^]*a[\\\"\\^]*s[\\\"\\^]*u[\\\"\\^]*r[\\\"\\^]*e|m[\\\"\\^]*s[\\\"\\^]*y[\\\"\\^]*s)|d[\\\"\\^]*(?:i[\\\"\\^]*(?:s[\\\"\\^]*k[\\\"\\^]*(?:(?:m[\\\"\\^]*g[\\\"\\^]*m|p[\\\"\\^]*a[\\\"\\^]*r)[\\\"\\^]*t|s[\\\"\\^]*h[\\\"\\^]*a[\\\"\\^]*d[\\\"\\^]*o[\\\"\\^]*w)|r[\\\"\\^]*(?:(?:[\\s,;]|\\.|/|<|>).*|u[\\\"\\^]*s[\\\"\\^]*e)|f[\\\"\\^]*f[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*)|e[\\\"\\^]*(?:l[\\\"\\^]*(?:p[\\\"\\^]*r[\\\"\\^]*o[\\\"\\^]*f|t[\\\"\\^]*r[\\\"\\^]*e[\\\"\\^]*e|(?:[\\s,;]|\\.|/|<|>).*)|v[\\\"\\^]*(?:m[\\\"\\^]*g[\\\"\\^]*m[\\\"\\^]*t|c[\\\"\\^]*o[\\\"\\^]*n)|(?:f[\\\"\\^]*r[\\\"\\^]*a|b[\\\"\\^]*u)[\\\"\\^]*g)|s[\\\"\\^]*(?:a[\\\"\\^]*(?:c[\\\"\\^]*l[\\\"\\^]*s|d[\\\"\\^]*d)|q[\\\"\\^]*u[\\\"\\^]*e[\\\"\\^]*r[\\\"\\^]*y|m[\\\"\\^]*o[\\\"\\^]*(?:v[\\\"\\^]*e|d)|g[\\\"\\^]*e[\\\"\\^]*t|r[\\\"\\^]*m)|(?:r[\\\"\\^]*i[\\\"\\^]*v[\\\"\\^]*e[\\\"\\^]*r[\\\"\\^]*q[\\\"\\^]*u[\\\"\\^]*e[\\\"\\^]*r|o[\\\"\\^]*s[\\\"\\^]*k[\\\"\\^]*e)[\\\"\\^]*y|(?:c[\\\"\\^]*o[\\\"\\^]*m[\\\"\\^]*c[\\\"\\^]*n[\\\"\\^]*f|x[\\\"\\^]*d[\\\"\\^]*i[\\\"\\^]*a)[\\\"\\^]*g|a[\\\"\\^]*t[\\\"\\^]*e[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|n[\\\"\\^]*s[\\\"\\^]*s[\\\"\\^]*t[\\\"\\^]*a[\\\"\\^]*t)|c[\\\"\\^]*(?:o[\\\"\\^]*(?:m[\\\"\\^]*(?:p[\\\"\\^]*(?:(?:a[\\\"\\^]*c[\\\"\\^]*t[\\\"\\^]*)?(?:[\\s,;]|\\.|/|<|>).*|m[\\\"\\^]*g[\\\"\\^]*m[\\\"\\^]*t)|e[\\\"\\^]*x[\\\"\\^]*p)|n[\\\"\\^]*(?:2[\\\"\\^]*p|v[\\\"\\^]*e)[\\\"\\^]*r[\\\"\\^]*t|p[\\\"\\^]*y)|l[\\\"\\^]*(?:e[\\\"\\^]*a[\\\"\\^]*(?:n[\\\"\\^]*m[\\\"\\^]*g[\\\"\\^]*r|r[\\\"\\^]*m[\\\"\\^]*e[\\\"\\^]*m)|u[\\\"\\^]*s[\\\"\\^]*t[\\\"\\^]*e[\\\"\\^]*r)|h[\\\"\\^]*(?:k[\\\"\\^]*(?:n[\\\"\\^]*t[\\\"\\^]*f[\\\"\\^]*s|d[\\\"\\^]*s[\\\"\\^]*k)|d[\\\"\\^]*i[\\\"\\^]*r[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*)|s[\\\"\\^]*(?:c[\\\"\\^]*(?:r[\\\"\\^]*i[\\\"\\^]*p[\\\"\\^]*t|c[\\\"\\^]*m[\\\"\\^]*d)|v[\\\"\\^]*d[\\\"\\^]*e)|e[\\\"\\^]*r[\\\"\\^]*t[\\\"\\^]*(?:u[\\\"\\^]*t[\\\"\\^]*i[\\\"\\^]*l|r[\\\"\\^]*e[\\\"\\^]*q)|a[\\\"\\^]*(?:l[\\\"\\^]*l[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|c[\\\"\\^]*l[\\\"\\^]*s)|m[\\\"\\^]*d(?:[\\\"\\^]*k[\\\"\\^]*e[\\\"\\^]*y)?|i[\\\"\\^]*p[\\\"\\^]*h[\\\"\\^]*e[\\\"\\^]*r|u[\\\"\\^]*r[\\\"\\^]*l)|f[\\\"\\^]*(?:o[\\\"\\^]*r[\\\"\\^]*(?:m[\\\"\\^]*a[\\\"\\^]*t[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|f[\\\"\\^]*i[\\\"\\^]*l[\\\"\\^]*e[\\\"\\^]*s|e[\\\"\\^]*a[\\\"\\^]*c[\\\"\\^]*h)|i[\\\"\\^]*n[\\\"\\^]*d[\\\"\\^]*(?:(?:[\\s,;]|\\.|/|<|>).*|s[\\\"\\^]*t[\\\"\\^]*r)|s[\\\"\\^]*(?:m[\\\"\\^]*g[\\\"\\^]*m[\\\"\\^]*t|u[\\\"\\^]*t[\\\"\\^]*i[\\\"\\^]*l)|t[\\\"\\^]*(?:p[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|y[\\\"\\^]*p[\\\"\\^]*e)|r[\\\"\\^]*e[\\\"\\^]*e[\\\"\\^]*d[\\\"\\^]*i[\\\"\\^]*s[\\\"\\^]*k|c[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|g[\\\"\\^]*r[\\\"\\^]*e[\\\"\\^]*p)|n[\\\"\\^]*(?:e[\\\"\\^]*t[\\\"\\^]*(?:s[\\\"\\^]*(?:t[\\\"\\^]*a[\\\"\\^]*t|v[\\\"\\^]*c|h)|(?:[\\s,;]|\\.|/|<|>).*|c[\\\"\\^]*a[\\\"\\^]*t|d[\\\"\\^]*o[\\\"\\^]*m)|t[\\\"\\^]*(?:b[\\\"\\^]*a[\\\"\\^]*c[\\\"\\^]*k[\\\"\\^]*u[\\\"\\^]*p|r[\\\"\\^]*i[\\\"\\^]*g[\\\"\\^]*h[\\\"\\^]*t[\\\"\\^]*s)|(?:s[\\\"\\^]*l[\\\"\\^]*o[\\\"\\^]*o[\\\"\\^]*k[\\\"\\^]*u|m[\\\"\\^]*a)[\\\"\\^]*p|c[\\\"\\^]*(?:(?:[\\s,;]|\\.|/|<|>).*|a[\\\"\\^]*t)|b[\\\"\\^]*t[\\\"\\^]*s[\\\"\\^]*t[\\\"\\^]*a[\\\"\\^]*t)|e[\\\"\\^]*(?:x[\\\"\\^]*p[\\\"\\^]*(?:a[\\\"\\^]*n[\\\"\\^]*d[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|l[\\\"\\^]*o[\\\"\\^]*r[\\\"\\^]*e[\\\"\\^]*r)|v[\\\"\\^]*e[\\\"\\^]*n[\\\"\\^]*t[\\\"\\^]*(?:c[\\\"\\^]*r[\\\"\\^]*e[\\\"\\^]*a[\\\"\\^]*t[\\\"\\^]*e|v[\\\"\\^]*w[\\\"\\^]*r)|n[\\\"\\^]*d[\\\"\\^]*l[\\\"\\^]*o[\\\"\\^]*c[\\\"\\^]*a[\\\"\\^]*l|g[\\\"\\^]*r[\\\"\\^]*e[\\\"\\^]*p|r[\\\"\\^]*a[\\\"\\^]*s[\\\"\\^]*e|c[\\\"\\^]*h[\\\"\\^]*o)|g[\\\"\\^]*(?:a[\\\"\\^]*t[\\\"\\^]*h[\\\"\\^]*e[\\\"\\^]*r[\\\"\\^]*n[\\\"\\^]*e[\\\"\\^]*t[\\\"\\^]*w[\\\"\\^]*o[\\\"\\^]*r[\\\"\\^]*k[\\\"\\^]*i[\\\"\\^]*n[\\\"\\^]*f[\\\"\\^]*o|p[\\\"\\^]*(?:(?:r[\\\"\\^]*e[\\\"\\^]*s[\\\"\\^]*u[\\\"\\^]*l|e[\\\"\\^]*d[\\\"\\^]*i)[\\\"\\^]*t|u[\\\"\\^]*p[\\\"\\^]*d[\\\"\\^]*a[\\\"\\^]*t[\\\"\\^]*e)|i[\\\"\\^]*t[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|e[\\\"\\^]*t[\\\"\\^]*m[\\\"\\^]*a[\\\"\\^]*c)|i[\\\"\\^]*(?:r[\\\"\\^]*b(?:[\\\"\\^]*(?:1(?:[\\\"\\^]*[89])?|2[\\\"\\^]*[012]))?|f[\\\"\\^]*m[\\\"\\^]*e[\\\"\\^]*m[\\\"\\^]*b[\\\"\\^]*e[\\\"\\^]*r|p[\\\"\\^]*c[\\\"\\^]*o[\\\"\\^]*n[\\\"\\^]*f[\\\"\\^]*i[\\\"\\^]*g|n[\\\"\\^]*e[\\\"\\^]*t[\\\"\\^]*c[\\\"\\^]*p[\\\"\\^]*l|c[\\\"\\^]*a[\\\"\\^]*c[\\\"\\^]*l[\\\"\\^]*s)|a[\\\"\\^]*(?:d[\\\"\\^]*(?:d[\\\"\\^]*u[\\\"\\^]*s[\\\"\\^]*e[\\\"\\^]*r[\\\"\\^]*s|m[\\\"\\^]*o[\\\"\\^]*d[\\\"\\^]*c[\\\"\\^]*m[\\\"\\^]*d)|r[\\\"\\^]*p[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|t[\\\"\\^]*t[\\\"\\^]*r[\\\"\\^]*i[\\\"\\^]*b|s[\\\"\\^]*s[\\\"\\^]*o[\\\"\\^]*c|z[\\\"\\^]*m[\\\"\\^]*a[\\\"\\^]*n)|l[\\\"\\^]*(?:o[\\\"\\^]*g[\\\"\\^]*(?:e[\\\"\\^]*v[\\\"\\^]*e[\\\"\\^]*n[\\\"\\^]*t|t[\\\"\\^]*i[\\\"\\^]*m[\\\"\\^]*e|m[\\\"\\^]*a[\\\"\\^]*n|o[\\\"\\^]*f[\\\"\\^]*f)|a[\\\"\\^]*b[\\\"\\^]*e[\\\"\\^]*l[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|u[\\\"\\^]*s[\\\"\\^]*r[\\\"\\^]*m[\\\"\\^]*g[\\\"\\^]*r)|b[\\\"\\^]*(?:(?:c[\\\"\\^]*d[\\\"\\^]*(?:b[\\\"\\^]*o[\\\"\\^]*o|e[\\\"\\^]*d[\\\"\\^]*i)|r[\\\"\\^]*o[\\\"\\^]*w[\\\"\\^]*s[\\\"\\^]*t[\\\"\\^]*a)[\\\"\\^]*t|i[\\\"\\^]*t[\\\"\\^]*s[\\\"\\^]*a[\\\"\\^]*d[\\\"\\^]*m[\\\"\\^]*i[\\\"\\^]*n|o[\\\"\\^]*o[\\\"\\^]*t[\\\"\\^]*c[\\\"\\^]*f[\\\"\\^]*g)|h[\\\"\\^]*(?:o[\\\"\\^]*s[\\\"\\^]*t[\\\"\\^]*n[\\\"\\^]*a[\\\"\\^]*m[\\\"\\^]*e|d[\\\"\\^]*w[\\\"\\^]*w[\\\"\\^]*i[\\\"\\^]*z)|j[\\\"\\^]*a[\\\"\\^]*v[\\\"\\^]*a[\\\"\\^]*(?:[\\s,;]|\\.|/|<|>).*|7[\\\"\\^]*z(?:[\\\"\\^]*[ar])?)(?:\\.[\\\"\\^]*\\w+)?\\b",
1350
- "options": {
1351
- "min_length": 3
1352
- }
1353
- },
1354
- "operator": "match_regex"
1355
- }
1356
- ],
1357
- "transformers": []
1358
- },
1359
- {
1360
- "id": "crs-932-140",
1361
- "name": "Remote Command Execution: Windows FOR/IF Command Found",
1362
- "tags": {
1363
- "type": "command_injection",
1364
- "crs_id": "932140",
1365
- "category": "attack_attempt"
1366
- },
1367
- "conditions": [
1368
- {
1369
- "parameters": {
1370
- "inputs": [
1371
- {
1372
- "address": "server.request.query"
1373
- },
1374
- {
1375
- "address": "server.request.body"
1376
- },
1377
- {
1378
- "address": "server.request.path_params"
1379
- }
1380
- ],
1381
- "regex": "\\b(?:if(?:/i)?(?: not)?(?: exist\\b| defined\\b| errorlevel\\b| cmdextversion\\b|(?: |\\().*(?:\\bgeq\\b|\\bequ\\b|\\bneq\\b|\\bleq\\b|\\bgtr\\b|\\blss\\b|==))|for(?:/[dflr].*)? %+[^ ]+ in\\(.*\\)\\s?do)",
1382
- "options": {
1383
- "case_sensitive": true,
1384
- "min_length": 5
1385
- }
1386
- },
1387
- "operator": "match_regex"
1388
- }
1389
- ],
1390
- "transformers": []
1391
- },
1392
- {
1393
- "id": "crs-941-320",
1394
- "name": "Possible XSS Attack Detected - HTML Tag Handler",
1395
- "tags": {
1396
- "type": "xss",
1397
- "crs_id": "941320",
1398
- "category": "attack_attempt"
1399
- },
1400
- "conditions": [
1401
- {
1402
- "parameters": {
1403
- "inputs": [
1404
- {
1405
- "address": "server.request.query"
1406
- },
1407
- {
1408
- "address": "server.request.body"
1409
- },
1410
- {
1411
- "address": "server.request.path_params"
1412
- }
1413
- ],
1414
- "regex": "<(?:a|abbr|acronym|address|applet|area|audioscope|b|base|basefront|bdo|bgsound|big|blackface|blink|blockquote|body|bq|br|button|caption|center|cite|code|col|colgroup|comment|dd|del|dfn|dir|div|dl|dt|em|embed|fieldset|fn|font|form|frame|frameset|h1|head|hr|html|i|iframe|ilayer|img|input|ins|isindex|kdb|keygen|label|layer|legend|li|limittext|link|listing|map|marquee|menu|meta|multicol|nobr|noembed|noframes|noscript|nosmartquotes|object|ol|optgroup|option|p|param|plaintext|pre|q|rt|ruby|s|samp|script|select|server|shadow|sidebar|small|spacer|span|strike|strong|style|sub|sup|table|tbody|td|textarea|tfoot|th|thead|title|tr|tt|u|ul|var|wbr|xml|xmp)\\W",
1415
- "options": {
1416
- "case_sensitive": true,
1417
- "min_length": 3
1418
- }
1419
- },
1420
- "operator": "match_regex"
1421
- }
1422
- ],
1423
- "transformers": [
1424
- "lowercase"
1425
- ]
1426
- },
1427
- {
1428
- "id": "crs-942-140",
1429
- "name": "SQL Injection Attack: Common DB Names Detected",
1430
- "tags": {
1431
- "type": "sql_injection",
1432
- "crs_id": "942140",
1433
- "category": "attack_attempt"
1434
- },
1435
- "conditions": [
1436
- {
1437
- "parameters": {
1438
- "inputs": [
1439
- {
1440
- "address": "server.request.query"
1441
- },
1442
- {
1443
- "address": "server.request.body"
1444
- },
1445
- {
1446
- "address": "server.request.path_params"
1447
- },
1448
- {
1449
- "address": "grpc.server.request.message"
1450
- }
1451
- ],
1452
- "regex": "\\b(?:(?:m(?:s(?:ys(?:ac(?:cess(?:objects|storage|xml)|es)|(?:relationship|object|querie)s|modules2?)|db)|aster\\.\\.sysdatabases|ysql\\.db)|pg_(?:catalog|toast)|information_schema|northwind|tempdb)\\b|s(?:(?:ys(?:\\.database_name|aux)|qlite(?:_temp)?_master)\\b|chema(?:_name\\b|\\W*\\())|d(?:atabas|b_nam)e\\W*\\()",
1453
- "options": {
1454
- "min_length": 4
1455
- }
1456
- },
1457
- "operator": "match_regex"
1458
- }
1459
- ],
1460
- "transformers": []
1461
- },
1462
- {
1463
- "id": "crs-942-220",
1464
- "name": "Looking for integer overflow attacks",
1465
- "tags": {
1466
- "type": "sql_injection",
1467
- "crs_id": "942220",
1468
- "category": "attack_attempt"
1469
- },
1470
- "conditions": [
1471
- {
1472
- "parameters": {
1473
- "inputs": [
1474
- {
1475
- "address": "server.request.query"
1476
- },
1477
- {
1478
- "address": "server.request.body"
1479
- },
1480
- {
1481
- "address": "server.request.path_params"
1482
- },
1483
- {
1484
- "address": "grpc.server.request.message"
1485
- }
1486
- ],
1487
- "regex": "^(?i:-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|2.2250738585072011e-308|1e309)$",
1488
- "options": {
1489
- "case_sensitive": true,
1490
- "min_length": 5
1491
- }
1492
- },
1493
- "operator": "match_regex"
1494
- }
1495
- ],
1496
- "transformers": []
1497
- }
1498
- ]
1499
- }