Light

leohearts / awd-watchbird Goto Github PK

View Code? Open in Web Editor NEW

612.0 8.0 91.0 372 KB

A powerful PHP WAF for AWD

License: GNU Affero General Public License v3.0

C 2.80% PHP 96.38% Python 0.82%

php awd awd-framework web-application-firewall ctf waf

awd-watchbird's Introduction

Hi, I'm Leohearts 🥔

💼 I'm a freelancer!

🎈 CTFer, ex OIer, Not always focusing on cyber security 🐟
🥔 Non binary, or potato ?
🐧 OpenSuSe Tumbleweed ~2024 ~~Uboomtu devel ~2016~~
🌐 Node, PHP, JavaScript, Python, Java, Kotlin, or Golang ?
☁️ Think in Cloud Native
🏡 Prefer freelancing or work from home
🤤 Love catgirls and 💸(?, gimmy projects !

Homepage Blog About GPG Pubkey
请我吃草莓 / Buy me some strawberry🍓

awd-watchbird's People

Contributors

Stargazers

Watchers

Forkers

lola39 igloog cs4745 zmdprogrom secsystem akpotter netsecli lotfocus 851579181 iiiusky d4rker kee1ongz secgoblin uncia laowang1026 ynjw nessastein skyroot 0x7f74 dycsy wanglibin1314 arenaswan lightning-zb oceanlotus xuehua312741499 sevenplusjun way29 hypery11 ret2basic crisprss mitooooo sw-back mstheholy meowwbox lollipopup asweepingmonk murkuo akwood tomapu yangshuangfu cream-sec burpheart marszone test111-crypto lwj-xfz w4tchd09 jxxhwy missxq131 polarpeak kstrowski ctforg anzu-proj gy4n viracall moebackup loopendloop lihu2018 77-0 liudeguang liehu tga0 devil8123665 yzy2019 j4ckzh0u fxizenta shenqierbufan key1624 crypt0nx cyrilxu 5l1v3r1 jinnywc behing viki1998 r1ng13 tang51678 forgetoe tchzy666 kelly778956 an9unie chain312 diymonster n-wn spring051 jiliu233 wnsfjucl88533 wouijvziqy weathering0216 savli lonewolf1927

awd-watchbird's Issues

本地发包问题

大佬好，我使用了本地发包，但是抓包发现并没有从本地发包，求大佬指点。

Watchbird后台RCE

用户配置更改没有做校验，同时变量覆盖可直接导致配置文件路径被任意修改，从而实现rce
https://www.yuque.com/sickle-ffnce/fow8kh/ngl6k9dsv8ue93nk

最新版本地发包问题

大佬，编译并使用了最新的程序，发现本地flag自动提交没有包发出去，请大佬指点~

控制台没有日志

部署后，能够成功拦截，日志txt文件在/tmp/systemd-private-a4a7987b08fe4cdfa2ac38de34acd45d-php-fpm.service-GoFPNh/tmp/watchbird/log路径下，但是控制台的日志标签内刷新不出来日志，请问是什么原因呢？

resonse_content防护时的flag

开启response_content_match时，页面返回假flag，如flag{5hM4x6YBlCRfTZ2edqvNrLgFmD}，虽然在配置页面下已设置了预定flag内容，但此处仍动态显示上面的flag，不知在哪里设置？

页面4个框架能否自定义位置

页面上的“flag_eye_to_eye、flag_log、under_attack_log、web_log”4个框架位置是固定显示的，能否根据各自需要自定义调整？比如，任意拖动位置。

部署waf后对一句话shell可以拦截，但过一会儿就无效了

通过php watchbird.php --install /var/www/html 可以成功部署waf
利用一句话shell来测试waf，访问shell.php并执行system命令可以被waf拦截，且同时在waf log中可以看到执行的指令
但对shell执行几次命令后，再去访问shell，发现不再拦截，且之前写入shell的已经没有了
连续试了多次都这样，不知什么原因？

反复出现设置初始密码

无法正常登录，一直卡在设置初始密码处。
nginx/1.18.0 PHP 5.6.40

如何能显示fake_flag？

已设置fake_flag，但通过shell执行cat /flag时，仅显示watchbird，没出现fake_flag，不知哪里配置的问题，还是某个开关未打开。
配置如下：

shell rce显示：

php不支持

参考：https://www.cnblogs.com/yimingwang/p/13279706.html

像phpmyadmin5.0.2要求php7，而且第一行都是declare(strict_types=1);，如果waf引用加在第一行就报错了，建议判断有无declare(strict_types=1);，有的话就加在下面

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.