uawdijnntqw1x1x1
IP : 216.73.216.180
Hostname : xhost1.intravision.ru
Kernel : Linux xhost1.intravision.ru 3.16.0-7-amd64 #1 SMP Debian 3.16.59-1 (2018-10-03) x86_64
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
OS : Linux
PATH:
/
var
/
.
/
files
/
need-2-delete
/
mini-borishof.ru1
/
bitrix
/
modules
/
.
/
security
/
lib
/
filter
/
auditor
/
sql.php
/
/
<?php /** * Bitrix Security Module * @package Bitrix * @subpackage Security * @copyright 2001-2013 Bitrix * @since File available since 14.0.0 */ namespace Bitrix\Security\Filter\Auditor; /** * Sql security auditor * Searching SQLi like strings, for example: union select money,1,2,3 from big_guy; * * @package Bitrix\Security\Filter\Auditor * @since 14.0.0 */ class Sql extends Base { protected $name = 'SQL'; protected function getFilters() { $sqlStart = '(?:(?<![a-z0-9_-])|\/\*M?!\d+?)\K'; $sqlEnd = '(?![a-z_])'; $sqlSpace = "(?:[\\x00-\\x20\(\)\'\"\`*@\+\-\.~\\\ed!\d{}]|(?:\\/\\*.*?\\*\\/)|(?:\\/\\*M?!\d*)|(?:\\*\\/)|(?:#[^\\n]*[\\n]+))+"; $sqlExpEnd = "[\\x00-\\x20\(\)\'\"\`*@\+\-\.~\\\ed!\d{}\\/]"; $sqlFunctionsSpace="[\\x00-\\x20]*"; $sqlSplitTo2 = $this->getSplittingString(2); $sqlSplitTo3 = $this->getSplittingString(3); $sqlSplitTo4 = $this->getSplittingString(4); global $DBType; $filters = array( "/{$sqlStart}(uni)(on{$sqlSpace}.+{$sqlExpEnd}sel)(ect){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(uni)(on{$sqlSpace}sel)(ect){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(sel)(ect{$sqlSpace}.+{$sqlExpEnd}fr)(om){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(sel)(ect{$sqlSpace}fr)(om){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(fr)(om{$sqlSpace}.+{$sqlExpEnd}wh)(ere){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(alt)(er)({$sqlSpace})(database|table|function|procedure|server|event|view|index){$sqlEnd}/is" => $sqlSplitTo4, "/{$sqlStart}(cre)(ate)({$sqlSpace})(database|table|function|procedure|server|event|view|index){$sqlEnd}/is" => $sqlSplitTo4, "/{$sqlStart}(dr)(op)({$sqlSpace})(database|table|function|procedure|server|event|view|index){$sqlEnd}/is" => $sqlSplitTo4, "/{$sqlStart}(upd)(ate{$sqlSpace}.+{$sqlExpEnd}se)(t){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(ins)(ert{$sqlSpace}.+{$sqlExpEnd}val)(ue){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(ins)(ert{$sqlSpace}.+{$sqlExpEnd}se)(t){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(i)(nto{$sqlSpace}out)(file){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(i)(nto{$sqlSpace}dump)(file){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(ins)(ert{$sqlSpace}.+{$sqlSpace}sele)(ct){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(ins)(ert{$sqlSpace}in)(to){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(ins)(ert{$sqlSpace}.+{$sqlSpace}in)(to){$sqlEnd}/is" => $sqlSplitTo3, "/{$sqlStart}(load_)(file{$sqlFunctionsSpace}\()/is" => $sqlSplitTo2, "/{$sqlStart}(fr)(om{$sqlSpace}.+{$sqlExpEnd}lim)(it){$sqlEnd}/is" => $sqlSplitTo3, ); $dbt = strtolower($DBType); if ($dbt === 'mssql') { $filters += array( "/({$sqlSpace}[sx]p)(_\w+{$sqlFunctionsSpace}[\(\[])/" => $sqlSplitTo2, "/(ex)(ec{$sqlFunctionsSpace}\()/is"=>$sqlSplitTo2, "/(ex)(ecute{$sqlFunctionsSpace}\()/is"=>$sqlSplitTo2, "/([\\x00-\\x20;]ex)(ec.+[sx]p)(_\w+)/is" => $sqlSplitTo3, ); } elseif ($dbt === 'oracle') { $filters += array( "/(ex)(ecute{$sqlSpace}.+{$sqlExpEnd}imme)(diate)/is" => $sqlSplitTo3, "/(ex)(ecute{$sqlSpace}imme)(diate)/is" => $sqlSplitTo3, ); } $result = array( 'search' => array_keys($filters), 'replace' => $filters ); return $result; } }
/var/./files/need-2-delete/mini-borishof.ru1/bitrix/modules/./security/lib/filter/auditor/sql.php