|
From: Jose P. V. L. <pab...@gm...> - 2014-01-29 09:50:08
|
Good morning. I was wondering if someone could advice me how to convert regular expression as /<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*E2883E8F-472F-4fb0-9522-AC9BF37916A7.+offer-(ineligible|preinstalled|declined|accepted)/si into mod_security compatible regular expression. Looking at the exploit exploit <http://www.exploit-db.com/exploits/11172/> vulnerability string is <object id=TestObj classid="CLSID:{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" So I understand that using the pcre you should be able to stop any variation of the exploit? Kind regards, |
