rack-shield 1.2.2 → 1.2.4

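--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 51d97823d4d9691ca4e7aa4279a5b3271d77edf5d74c2952529242055e3677a5
- data.tar.gz: d5bfe6b47f7f5e6ca8002f7858803423c9f70bb08295fb65f1b7dafa6b69f685
+ metadata.gz: 63cf387ebad4d086f6fc76ac196700458a5bc277ba0fbd73d21a86eeee752ae7
+ data.tar.gz: 5b2497b3e5cbb43ca7572e75ca9b60db17d7c3883771a47c1e55ccfa67d9192d
  SHA512:
- metadata.gz: bfb74fe3a4b4a47a4353473c49af671a8fa43ed85f57e0864939148a1f89640b003310156505f665e69a06887c451a998c8ca4b5a0c4978f9f13e2de135bde66
- data.tar.gz: 197b286bd3770e8053c3343ad417f228e26beb9c759c114069c9fe1a540e8c2523d51963944706c461f1a224c8cac4cbe151ce143d8dd18fa59ffc95d2cbe32f
+ metadata.gz: 3356793cb01d020fd54e33ef9be0b70483731e47dd28c37dcc8a82d3956317c4b857bc96c717ef6c35c64e9192add00eb9dca5e7632cf105d55a018e4d376ffc
+ data.tar.gz: a0761e34fd2f3a0ff002651b7add35a69f2b82a514f1e6125cfb32e670ea598a8e9aacd45b9a0a3ceeede0da75fd2043ce8582d89971d5d014aed15bc8341f95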
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Shield
3
- VERSION = '1.2.2'
3
+ VERSION = '1.2.4'
4
4
  end
5
5
  end
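--- a/data/lib/rack/shield.rb
+++ b/data/lib/rack/shield.rb
@@ -7,97 +7,134 @@ require_relative 'shield/request_ext'
 
  module Rack
  module Shield
- DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
- /\.(php\d?|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp)\z/i,
- 'cgi-bin',
- 'phpmyadmin',
- '/pma/',
- '/boaform/',
- 'sqlbuddy',
- /(my)?sql-backup/,
- 'etc/passwd',
- '/php/',
- '.php/',
- '/browsedisk',
- '/mambo/',
- '/ipython/',
- '/jenkins/',
- '/joomla/',
- '/varien/js.js',
- '/drupal.js',
- 'RELEASE_NOTES.txt',
- '/phpunit/',
- '/magento/',
- '/mage/',
- '/magento_version',
- '/mifs/',
- '/js/varien/',
- '/includes/',
- '/HNAP1',
- '/stalker_portal/',
- '/nmaplowercheck',
- '/solr/admin/',
- '/axis2/axis2-admin',
- '/telescope/requests',
- '/RELEASE_NOTES.txt',
- 'deployment-config.json',
- 'ftpsync.settings',
- '/_profiler/latest',
- '/_ignition/',
- '/_wpeprivate/',
- '/Config/SaveUploadedHotspotLogoFile',
- 'ALFA_DATA',
- 'cgialfa',
- 'alfacgiapi',
- '/+CSCOT+/',
- '/api/v2/cmdb/system',
- 'com.vmware.vsan.client.services',
- '/aspnet-ajax/',
- '/Portal.mwsl',
- '/adminer',
- '/appsuite/signin',
- '/io.ox/',
- '/tkset/',
- '/bakula-web',
- '/snort/',
- '/officescan/',
- '/servlet/',
- '/ox6/',
- '/ws_utc/',
- '/OASREST/',
- '/WEB-INF/',
- '/faspex/',
- '/(download)/',
- '/nacos/',
- '/UploadServlet',
- '/meta-data/identity-credentials/',
- '/SDK/webLanguage',
- /\A\/"/,
- /\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
- /\/old\/?\z/,
- /\/\.env\z/,
- /\A\/old-wp/,
- /\A\/(wordpress|wp)(\/|\z)/,
- /Open-Xchange/i]
+ DEFAULT_PATHS = [
+ '/actuator/gateway/routes',
+ '/actuator/health',
+ '/admin/uploadify/',
+ '/adminer',
+ 'alfacgiapi',
+ 'ALFA_DATA',
+ '/api/v2/cmdb/system',
+ '/api/v2/static/not.found',
+ '/appsuite/signin',
+ '/aspera/faspex',
+ '/aspnet-ajax/',
+ '/axis2/axis2-admin',
+ '/bakula-web',
+ '/boaform/',
+ '/browsedisk',
+ 'cgialfa',
+ 'cgi-bin',
+ 'com.vmware.vsan.client.services',
+ '/Config/SaveUploadedHotspotLogoFile',
+ '/+CSCOT+/',
+ 'deployment-config.json',
+ '/(download)/',
+ '/downloadMainLog',
+ '/drupal.js',
+ 'etc/passwd',
+ '/faspex/',
+ 'ftpsync.settings',
+ '/groovyconsole',
+ '/HNAP1',
+ '/geoserver/web',
+ '/_ignition/',
+ '/includes/',
+ '/io.ox/',
+ '/ipython/',
+ '/jenkins/',
+ '/jmx-console',
+ '/joomla/',
+ '/js/varien/',
+ '/mage/',
+ '/magento/',
+ '/magento_version',
+ '/mambo/',
+ '/meta-data/identity-credentials/',
+ '/mifs/',
+ '/mPlayer',
+ '/nacos/',
+ '/nginx.conf',
+ '/nice%20ports',
+ '/nmaplowercheck',
+ '/OASREST/',
+ '/officescan/',
+ '/owa/auth/',
+ '/ox6/',
+ '/php/',
+ '.php/',
+ '/phpinfo',
+ 'phpmyadmin',
+ '/phpunit/',
+ '/pma/',
+ '/Portal0000.htm',
+ '/Portal.mwsl',
+ '/_profiler/latest',
+ 'RELEASE_NOTES.txt',
+ '/RELEASE_NOTES.txt',
+ '/remote/logincheck',
+ '/rest/applinks/',
+ '/SaveUploadedHotspotLogoFile',
+ '/SDK/webLanguage',
+ '/seeyon/htmlofficeservlet',
+ '/servlet/',
+ '/SiteLoader',
+ '/snort/',
+ '/solr/admin/',
+ 'sqlbuddy',
+ '/stalker_portal/',
+ '/telescope/requests',
+ '/tkset/',
+ '/UploadServlet',
+ '/varien/js.js',
+ '/VisionHubWebApi/',
+ '/WEB-INF/',
+ '/WEB-INF/',
+ '/_wpeprivate/',
+ '/ws_utc/',
+ /\/wp-(includes|content|admin|json|config)/,
+ /\.(php\d?|cgi|asp|aspx|env|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp|ehp)\z/i,
+ /\A\/"/,
+ /\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
+ /(my)?sql-backup/,
+ /\/old\/?\z/,
+ /\A\/old-wp/,
+ /\A\/(wordpress|wp)(\/|\z)/,
+ /Open-Xchange/i]
 
- DEFAULT_QUERIES = [/SELECT.+FROM.+/i,
- /SELECT.+COUNT/i,
- /SELECT.+UNION/i,
- /UNION.+SELECT/i,
- /INFORMATION_SCHEMA/i,
- '--%20',
- '-- ',
- '%2Fscript%3E',
- '<script>', '</script>',
- '<php>', '</php>',
- 'XDEBUG_SESSION_START',
- 'phpstorm',
- '<php>',
- 'onload=confirm',
- 'HelloThinkCMF',
- 'XDEBUG_SESSION_START']
+ DEFAULT_QUERIES = [
+ /SELECT.+FROM.+/i,
+ /SELECT.+COUNT/i,
+ /SELECT.+UNION/i,
+ /UNION.+SELECT/i,
+ /INFORMATION_SCHEMA/i,
+ '--%20',
+ '-- ',
+ '%2Fscript%3E',
+ '<script>', '</script>',
+ '<php>', '</php>',
+ 'XDEBUG_SESSION_START',
+ 'phpstorm',
+ '<php>',
+ 'onload=confirm',
+ 'HelloThinkCMF',
+ 'XDEBUG_SESSION_START'
+ ]
 
- DEFAULT_BODIES = ['OKMLlKlV']
+ DEFAULT_BODIES = [
+ 'OKMLlKlV',
+ 'DBMS_PIPE.RECEIVE_MESSAGE',
+ /eth_getWork/,
+ /SELECT.+FROM.+/i,
+ /SELECT.+COUNT/i,
+ /SELECT.+UNION/i,
+ /UNION.+SELECT/i,
+ /INFORMATION_SCHEMA/i,
+ /WAITFOR DELAY/i,
+ /FROM PG_SLEEP/i,
+ /CHR\(\d+\)/i,
+ /UNION.+SELECT/i
+ ]
 
  class << self
 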
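Review bot: The SQL patterns now in DEFAULT_BODIES (new lines 128–136), `/SELECT.+FROM.+/i` above all, also match ordinary English in a request body — "please select an item from the list" — so any text-heavy form or JSON POST can trip the body filter, whereas in DEFAULT_QUERIES the same patterns see query strings that seldom carry prose. What a match does to the request is decided outside this hunk (the Rack::Shield module body continues past it), but the gem's summary suggests a block, which would turn such a false positive into a lockout of a legitimate client. I would tighten the body set to SQL-shaped context (word boundaries plus a following `WHERE`, `UNION` or comment marker) or at least add above the constant `# NOTE: these also match prose such as "select X from Y"; tune before enabling on text-heavy endpoints`. Two entries are duplicated after the alphabetical reorder — `'/WEB-INF/'` on new lines 91–92 and `/UNION.+SELECT/i` on new lines 131 and 136 — each costing an extra scan per request for no gain, so drop one of each. The three arrays are still mutable constants; closing them with `].freeze` prevents a caller from silently appending to the shared default list.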
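--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack-shield
  version: !ruby/object:Gem::Version
- version: 1.2.2
+ version: 1.2.4
  platform: ruby
  authors:
  - Matthias Grosser
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-08-15 00:00:00.000000000 Z
+ date: 2024-08-05 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rack-attack
@@ -44,7 +44,7 @@ homepage: https://github.com/mtgrosser/rack-shield
  licenses:
  - MIT
  metadata: {}
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -59,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.4
- signing_key:
+ rubygems_version: 3.5.9
+ signing_key:
  specification_version: 4
  summary: Block and unblock evil requests
  test_files: []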