Re: [Mod-security-rules] mod sec rule to execute lua script
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-rules] mod sec rule to execute lua script
|
From: Ryan B. <RBa...@tr...> - 2014-10-10 12:57:47
|
You can have a look at some other existing Lua scripts that interact with OS commands and use the REMOTE_ADDR data. https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/master/lua/gather_ip_data.lua Ryan Barnett Senior Lead Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> From: kinomakino <kin...@ho...<mailto:kin...@ho...>> Date: Friday, October 10, 2014 7:33 AM To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>> Subject: [Mod-security-rules] mod sec rule to execute lua script As always,thanks for the help. I'm playing with a lua script from mod security (exec: /var/scripts/script.lua) the target is ip ban in iptables source that triggers the rule. I get receive the REMOTE_ADDR variable,but I mod_secalert appears: Message: Lua: Script execution failed: attempt to call anil value The variable takes the script, because towrite a testlog. The lua scriptis as follows: Local remote_addr = m.getvar ("REMOTE_ADDR"); Local log_file = "/tmp/lua_tmp.log" file = io.open (log_file, "a") file: write (remote_addr) file: write ("\ n") file: close () print ("0") you have information about thiserror? Thank you !!! ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |
