vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-06 03:45:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Added detection of URLs starting with a dot (.)

Browse source
This commit is contained in:
Luca Deri 2022-10-10 22:34:26 +02:00
parent 1796a1d814
commit cd76bacd4a
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/lib/protocols/http.c
View file

@ -632,6 +632,8 @@ static void ndpi_check_http_url(struct ndpi_detection_module_struct *ndpi_struct
ndpi_set_risk(ndpi_struct, flow, NDPI_URL_POSSIBLE_RCE_INJECTION, "PHP code in URL");
else if(strncmp(url, "/shell?", 7) == 0)
ndpi_set_risk(ndpi_struct, flow, NDPI_URL_POSSIBLE_RCE_INJECTION, "Possible WebShell detected");
else if(strncmp(url, "/.", 2) == 0)
ndpi_set_risk(ndpi_struct, flow, NDPI_POSSIBLE_EXPLOIT, "URL starting with dot");
}
/* ************************************************************* */