Skip to content

Commit

Permalink
feat: add more functions to blacklist
Browse files Browse the repository at this point in the history
  • Loading branch information
@leohearts
leohearts committed Nov 12, 2022
1 parent 8749b2e commit 293ed59
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion watchbird-source.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ class configmanager
//名单配置
public $upload_whitelist = "/jpg|png|gif|txt/i"; // upload白名单
public $sql_blacklist = "/drop |dumpfile\b|INTO FILE|union select|outfile\b|load_file\b|multipoint\(/i";
public $rce_blacklist = "/`|var_dump|str_rot13|serialize|base64_encode|base64_decode|strrev|eval\(|assert|file_put_contents|fwrite|curl_exec\(|dl\(|readlink|popepassthru|preg_replace|create_function|array_map|call_user_func|array_filter|usort|stream_socket_server|pcntl_exec|passthru|exec\(|system\(|chroot\(|scandir\(|chgrp\(|chown|shell_exec|proc_open|proc_get_status|popen\(|ini_alter|ini_restore|ini_set|LD_PRELOAD|ini_alter|ini_restore|ini_set|base64 -d/i";
public $rce_blacklist = "/`|var_dump|str_rot13|serialize|base64_encode|base64_decode|strrev|eval\(|assert|file_put_contents|fwrite|curl_exec\(|dl\(|readlink|popepassthru|preg_replace|preg_filter|mb_ereg_replace|register_shutdown_function|register_tick_function|create_function|array_map|array_reduce|uasort|uksort|array_udiff|array_walk|call_user_func|array_filter|usort|stream_socket_server|pcntl_exec|passthru|exec\(|system\(|chroot\(|scandir\(|chgrp\(|chown|shell_exec|proc_open|proc_get_status|popen\(|ini_alter|ini_restore|ini_set|LD_PRELOAD|ini_alter|ini_restore|ini_set|base64 -d/i";
function change($key, $val)
{
global $config_path;
Expand Down

0 comments on commit 293ed59

Please sign in to comment.