Re: [mod-security-users] Protection against Bash injection
From: Christian F. <chr...@ne...> - 2018-11-09 08:29:48
+1

On Fri, Nov 09, 2018 at 07:27:58AM +0000, Marc Stern wrote:
> Hi Christian,
>
> It can be compiled and used as a stand-alone module.
> If you want to integrate it into 2.9.3, you're obviously welcome.
>
> *Marc Stern
> Cyber-Security Consulting Director*
> Approach Belgium <https://www.approach.be>
> Axis Park - Rue Edouard Belin 7 - 1435 Mont-Saint-Guibert - Belgium
> /*Inspiring the cyber-security community*/
>
> On 09-11-18 07:59, Christian Folini wrote:
> > Hey Marc,
> >
> > Wow. This is very cool. Just to be clear. You published this as an add-on
> > module for Apache that will integrate with ModSec 2.x on Apache.
> >
> > Ideally your code contribution will be taken and integrated into the
> > upcoming (and final) 2.9.3 and hopefully into the libModSecurity 3.x release
> > line.
> >
> > Am I correct?
> >
> > Cheers,
> >
> > Christian
> >
> > On Thu, Nov 08, 2018 at 02:13:57PM +0000, Marc Stern wrote:
> >> For those who remember, we (Approach Belgium) published in 2011 the
> >> "cmdLine" transformation that handles most Windows cmd injections (and
> >> some basic bash injections). The "cmdLine" transformation has now
> >> officially been part of ModSecurity for years.
> >>
> >> We were also using, to protect our customers for some years, an
> >> additional transformation blocking several other bash injections.
> >> We decided to also give it to the community.
> >> The source code and the explanations are available on
> >> https://www.approach.be/en/modsecurity.html
> >>
> >> Enjoy
> >>
> >>
> >> *Marc Stern
> >> Cyber-Security Consulting Director*
> >> Approach Belgium <https://www.approach.be>
> >> Axis Park - Rue Edouard Belin 7 - 1435 Mont-Saint-Guibert - Belgium
> >> Follow us: <https://www.linkedin.com/company/16513/>
> >> <https://twitter.com/ApproachBe>
> >> /*Inspiring the cyber-security community*/
> >>
> >>
> >> This e-mail and any attachment are confidential and intended solely for
> >> the use of the individual to whom it is addressed. If you are not the
> >> intended recipient, please contact the sender and delete this message
> >> and any attachment from your system. Unauthorised publication, use,
> >> dissemination, forwarding, printing or copying of this e-mail and its
> >> associated attachments is strictly prohibited.
> >>
> >> _______________________________________________
> >> mod-security-users mailing list
> >> mod...@li...
> >> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> >> http://www.modsecurity.org/projects/commercial/rules/
> >> http://www.modsecurity.org/projects/commercial/support/