vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kys9

Browse Source
This commit is contained in:
vasco
2026-06-02 22:16:25 +01:00
parent ad84c1ba29
commit 05cbbfbe18
9 changed files with 3750 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
conf/modsecurity.conf
View File

@@ -8,23 +8,23 @@ SecAuditLogType Serial
SecAuditLog /var/log/modsecurity/audit.log
# sql injection
SecRule ARGS "['\";]|--" \
SecRule REQUEST_URI|ARGS "['\";]|--" \
"id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
# xss / html injection
SecRule ARGS "<.*>" \
SecRule REQUEST_URI|ARGS "<.*>" \
"id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
# command injection
SecRule ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \
SecRule REQUEST_URI|ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \
"id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
# path traversal
SecRule ARGS "\%00|\%2500|(\./|\.\./)|ftp|metrics|api-docs" \
"id:950007,phase:2,deny,status:403,msg:'Path Traversal Attempt',log"
SecRule REQUEST_URI|ARGS "\%00|\%2500|(\./|\.\./)|ftp|metrics|api-docs" \
"id:950007,phase:2,deny,status:403,msg:'Path traversal attempt',log"
# exposed stuff
SecRule REQUEST_URI "\%00|\%2500|ftp|metrics|api-docs" \
# exposed stuff (redundante ?)
SecRule REQUEST_URI|ARGS "\%00|\%2500|ftp|metrics|api-docs" \
"id:950008,phase:2,deny,status:500,msg:'Attempt to access ftp, metrics, api-docs',log"
# rate limiting on login endpoint

BIN
entrega.zip Normal file
View File

Binary file not shown.

3680
entrega.zip.asc Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
relatorio.pdf Normal file
View File

Binary file not shown.

6
relatorio/relatorio.aux
View File

@@ -42,11 +42,11 @@
\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Information Gathering}{12}{subsection.4.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{12}{subsection.4.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{12}{subsection.4.3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Authentication Testing}{12}{subsection.4.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Authentication Testing}{13}{subsection.4.4}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.5}Authorization Testing}{13}{subsection.4.5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.6}Session Management Testing}{13}{subsection.4.6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{13}{subsection.4.7}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{13}{subsection.4.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.9}Client Side Testing}{13}{subsection.4.9}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{14}{subsection.4.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {4.9}Client Side Testing}{14}{subsection.4.9}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusions}{14}{section.5}\protected@file@percent }
\gdef \@abspage@last{14}

25
relatorio/relatorio.listing
View File

@@ -1,3 +1,12 @@
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
SecDebugLog /var/log/modsecurity/debug.log
SecDebugLogLevel 0
SecAuditLogParts ABIJ
SecAuditLogType Serial
SecAuditLog /var/log/modsecurity/audit.log
# sql injection
SecRule ARGS "['\";]|--" \
"id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
@@ -7,9 +16,21 @@ SecRule ARGS "<.*>" \
"id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
# command injection
SecRule ARGS "exec|cat|more|ls|dir|/etc/passwd" \
SecRule ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \
"id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
# path traversal
SecRule ARGS "(\./|\.\./)|ftp|metrics|api-docs" \
SecRule ARGS "\%00|\%2500|(\./|\.\./)|ftp|metrics|api-docs" \
"id:950007,phase:2,deny,status:403,msg:'Path Traversal Attempt',log"
# exposed stuff
SecRule REQUEST_URI "\%00|\%2500|ftp|metrics|api-docs" \
"id:950008,phase:2,deny,status:500,msg:'Attempt to access ftp, metrics, api-docs',log"
# rate limiting on login endpoint (max 5 requests per 30s per IP)
SecAction \
"id:950009,phase:1,initcol:ip=%{REMOTE_ADDR},pass,nolog"
SecRule REQUEST_URI "@streq /rest/user/login" \
"id:950010,phase:2,pass,nolog,setvar:ip.login_count=+1,expirevar:ip.login_count=30"
SecRule IP:LOGIN_COUNT "@gt 5" \
"id:950011,phase:2,deny,status:429,msg:'Rate Limit Exceeded on Login',log"

61
relatorio/relatorio.log
View File

@@ -1,4 +1,4 @@
This is pdfTeX, Version 3.141592653-2.6-1.40.29 (TeX Live 2026/Arch Linux) (preloaded format=pdflatex 2026.5.3) 31 MAY 2026 21:14
This is pdfTeX, Version 3.141592653-2.6-1.40.29 (TeX Live 2026/Arch Linux) (preloaded format=pdflatex 2026.5.3) 31 MAY 2026 22:42
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
@@ -1160,27 +1160,27 @@ LaTeX Font Info: Font shape `T1/Raleway-OsF/b/n' will be
LaTeX Font Info: Font shape `T1/Raleway-OsF/m/it' will be
(Font) scaled to size 10.95pt on input line 28.
LaTeX Font Info: Trying to load font information for TS1+Raleway-OsF on inpu
t line 48.
t line 54.
(/usr/share/texmf-dist/tex/latex/raleway/TS1Raleway-OsF.fd
File: TS1Raleway-OsF.fd 2025/04/09 (autoinst) Font definitions for TS1/Raleway-
OsF.
)
LaTeX Font Info: Font shape `TS1/Raleway-OsF/m/n' will be
(Font) scaled to size 10.95pt on input line 48.
(Font) scaled to size 10.95pt on input line 54.
LaTeX Font Info: Font shape `T1/Raleway-OsF/bold/n' aliased to
(Font) `T1/Raleway-OsF/b/n' on input line 54.
(Font) `T1/Raleway-OsF/b/n' on input line 62.
LaTeX Font Info: Font shape `T1/Raleway-OsF/b/n' will be
(Font) scaled to size 12.0pt on input line 54.
(Font) scaled to size 12.0pt on input line 62.
[3{/usr/share/texmf-dist/fonts/enc/dvips/raleway/a_2drkug.enc}{/usr/share/texm
f-dist/fonts/enc/dvips/cm-super/cm-super-t1.enc}]
\g__tcobox_out_iow=\write6
\openout6 = `relatorio.listing'.
LaTeX Font Info: Font shape `T1/cmtt/bx/n' in size <10.95> not available
(Font) Font shape `T1/cmtt/m/n' tried instead on input line 89.
(Font) Font shape `T1/cmtt/m/n' tried instead on input line 101.
LaTeX Font Info: Font shape `T1/cmtt/bx/n' in size <9> not available
(Font) Font shape `T1/cmtt/m/n' tried instead on input line 89.
(Font) Font shape `T1/cmtt/m/n' tried instead on input line 101.
(./relatorio.listing
LaTeX Font Info: Font shape `T1/Raleway-OsF/m/n' will be
(Font) scaled to size 9.0pt on input line 1.
@@ -1188,12 +1188,12 @@ LaTeX Font Info: Font shape `T1/Raleway-OsF/m/n' will be
<./imgs/ftp.png, id=201, 1587.9325pt x 401.5pt>
File: ./imgs/ftp.png Graphic file (type png)
<use ./imgs/ftp.png>
Package pdftex.def Info: ./imgs/ftp.png used on input line 103.
Package pdftex.def Info: ./imgs/ftp.png used on input line 119.
(pdftex.def) Requested size: 452.9679pt x 114.5267pt.
<./imgs/metrics.png, id=202, 1927.2pt x 1010.77625pt>
File: ./imgs/metrics.png Graphic file (type png)
<use ./imgs/metrics.png>
Package pdftex.def Info: ./imgs/metrics.png used on input line 109.
Package pdftex.def Info: ./imgs/metrics.png used on input line 125.
(pdftex.def) Requested size: 452.9679pt x 237.5633pt.
@@ -1202,7 +1202,7 @@ LaTeX Warning: `!h' float specifier changed to `!ht'.
<./imgs/swagger.png, id=203, 1923.185pt x 995.72pt>
File: ./imgs/swagger.png Graphic file (type png)
<use ./imgs/swagger.png>
Package pdftex.def Info: ./imgs/swagger.png used on input line 115.
Package pdftex.def Info: ./imgs/swagger.png used on input line 131.
(pdftex.def) Requested size: 452.9679pt x 234.5108pt.
LaTeX Warning: `!h' float specifier changed to `!ht'.
@@ -1215,7 +1215,7 @@ ger.png (PNG copy)>]
<./imgs/email-unique.png, id=220, 475.7775pt x 361.35pt>
File: ./imgs/email-unique.png Graphic file (type png)
<use ./imgs/email-unique.png>
Package pdftex.def Info: ./imgs/email-unique.png used on input line 172.
Package pdftex.def Info: ./imgs/email-unique.png used on input line 214.
(pdftex.def) Requested size: 317.07614pt x 240.82956pt.
@@ -1225,7 +1225,7 @@ LaTeX Warning: `!h' float specifier changed to `!ht'.
<./imgs/email-invalido.png, id=243, 504.88625pt x 541.02126pt>
File: ./imgs/email-invalido.png Graphic file (type png)
<use ./imgs/email-invalido.png>
Package pdftex.def Info: ./imgs/email-invalido.png used on input line 188.
Package pdftex.def Info: ./imgs/email-invalido.png used on input line 235.
(pdftex.def) Requested size: 317.07614pt x 339.772pt.
@@ -1235,12 +1235,12 @@ LaTeX Warning: `!h' float specifier changed to `!ht'.
<./imgs/suspiciouserrors.png, id=251, 1150.2975pt x 568.1225pt>
File: ./imgs/suspiciouserrors.png Graphic file (type png)
<use ./imgs/suspiciouserrors.png>
Package pdftex.def Info: ./imgs/suspiciouserrors.png used on input line 207.
Package pdftex.def Info: ./imgs/suspiciouserrors.png used on input line 266.
(pdftex.def) Requested size: 317.07614pt x 156.60258pt.
<./imgs/suspiciouserrors2.png, id=252, 900.36375pt x 471.7625pt>
File: ./imgs/suspiciouserrors2.png Graphic file (type png)
<use ./imgs/suspiciouserrors2.png>
Package pdftex.def Info: ./imgs/suspiciouserrors2.png used on input line 213.
Package pdftex.def Info: ./imgs/suspiciouserrors2.png used on input line 272.
(pdftex.def) Requested size: 317.07614pt x 166.13432pt.
@@ -1248,7 +1248,7 @@ LaTeX Warning: `!h' float specifier changed to `!ht'.
[8 <./imgs/email-invalido.png (PNG copy)> <./imgs/suspiciouserrors.png (PNG cop
y)>]
Overfull \hbox (6.24345pt too wide) in paragraph at lines 230--231
Overfull \hbox (6.24345pt too wide) in paragraph at lines 297--298
[]\T1/Raleway-OsF/b/n/10.95 Tentativa com Script Di-reto: \T1/Raleway-OsF/m/n/1
0.95 In-se-ri-mos o pay-load tra-di-ci-o-nal \T1/cmtt/m/n/10.95 <script>alert("
someones
@@ -1264,7 +1264,7 @@ someones
<./imgs/stack-trace.png, id=270, 643.90562pt x 378.91562pt>
File: ./imgs/stack-trace.png Graphic file (type png)
<use ./imgs/stack-trace.png>
Package pdftex.def Info: ./imgs/stack-trace.png used on input line 282.
Package pdftex.def Info: ./imgs/stack-trace.png used on input line 361.
(pdftex.def) Requested size: 317.07614pt x 186.59535pt.
@@ -1277,20 +1277,27 @@ LaTeX Warning: `!h' float specifier changed to `!ht'.
\openout6 = `relatorio.listing'.
(./relatorio.listing) [11 <./imgs/stack-trace.png>]
Overfull \hbox (2.16914pt too wide) in paragraph at lines 339--340
Overfull \hbox (2.16914pt too wide) in paragraph at lines 444--447
\T1/Raleway-OsF/m/n/10.95 com tags HTML nos cam-pos de \T1/Raleway-OsF/m/it/10.
95 in-put\T1/Raleway-OsF/m/n/10.95 , como \T1/cmtt/m/n/10.95 <h1>STRONG\T1/Rale
way-OsF/m/n/10.95 , de-vol-vendo um erro \T1/cmtt/m/n/10.95 403 Forbidden
[]
[12]
Overfull \hbox (111.73438pt too wide) in paragraph at lines 363--364
Overfull \hbox (51.12938pt too wide) in paragraph at lines 448--454
\T1/Raleway-OsF/m/n/10.95 corpo JSON do re-gisto) \T1/Raleway-OsF/b/n/10.95 é m
i-ti-gada pela re-gra id:950006\T1/Raleway-OsF/m/n/10.95 , que de-teta a se-quê
n-cia \T1/cmtt/m/n/10.95 "role".*:.*"admin"
[]
[12] [13]
Overfull \hbox (111.73438pt too wide) in paragraph at lines 507--511
\T1/Raleway-OsF/m/n/10.95 O pay-load de ex-fil-tra-ção do to-ken JWT via XSS (\
T1/cmtt/m/n/10.95 <img src="x"onerror="alert(localStorage.getItem('token'))^^T\
T1/Raleway-OsF/m/n/10.95 )
[]
[13] [14] (./relatorio.aux)
[14] (./relatorio.aux)
***********
LaTeX2e <2025-11-01>
L3 programming layer <2026-01-19>
@@ -1299,10 +1306,10 @@ Package rerunfilecheck Info: File `relatorio.out' has not changed.
(rerunfilecheck) Checksum: 71F23F30E8D22A202B518A954FE83332;4897.
)
Here is how much of TeX's memory you used:
31790 strings out of 469495
627577 string characters out of 5470099
31810 strings out of 469495
627873 string characters out of 5470099
1238894 words of memory out of 5000000
59761 multiletter control sequences out of 15000+600000
59760 multiletter control sequences out of 15000+600000
791342 words of font info for 89 fonts, out of 8000000 for 9000
16 hyphenation exceptions out of 8191
113i,8n,122p,697b,1727s stack positions out of 10000i,1000n,20000p,200000b,200000s
@@ -1311,10 +1318,10 @@ hare/texmf-dist/fonts/type1/impallari/raleway/Raleway-Italic.pfb></usr/share/te
xmf-dist/fonts/type1/impallari/raleway/Raleway-Regular.pfb></usr/share/texmf-di
st/fonts/type1/public/cm-super/sftt0900.pfb></usr/share/texmf-dist/fonts/type1/
public/cm-super/sftt1095.pfb>
Output written on relatorio.pdf (14 pages, 879988 bytes).
Output written on relatorio.pdf (14 pages, 882504 bytes).
PDF statistics:
399 PDF objects out of 1000 (max. 8388607)
335 compressed objects within 4 object streams
126 named destinations out of 1000 (max. 500000)
425 PDF objects out of 1000 (max. 8388607)
361 compressed objects within 4 object streams
147 named destinations out of 1000 (max. 500000)
413 words of extra memory for PDF output out of 10000 (max. 10000000)

BIN
relatorio/relatorio.pdf
View File

Binary file not shown.

6
relatorio/relatorio.toc
View File

@@ -19,10 +19,10 @@
\contentsline {subsection}{\numberline {4.1}Information Gathering}{12}{subsection.4.1}%
\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{12}{subsection.4.2}%
\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{12}{subsection.4.3}%
\contentsline {subsection}{\numberline {4.4}Authentication Testing}{12}{subsection.4.4}%
\contentsline {subsection}{\numberline {4.4}Authentication Testing}{13}{subsection.4.4}%
\contentsline {subsection}{\numberline {4.5}Authorization Testing}{13}{subsection.4.5}%
\contentsline {subsection}{\numberline {4.6}Session Management Testing}{13}{subsection.4.6}%
\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{13}{subsection.4.7}%
\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{13}{subsection.4.8}%
\contentsline {subsection}{\numberline {4.9}Client Side Testing}{13}{subsection.4.9}%
\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{14}{subsection.4.8}%
\contentsline {subsection}{\numberline {4.9}Client Side Testing}{14}{subsection.4.9}%
\contentsline {section}{\numberline {5}Conclusions}{14}{section.5}%