function dvwaPhpIdsTrap()
{
try {
$request = array('REQUEST' => $_REQUEST, 'GET' => $_GET, 'POST' => $_POST, 'COOKIE' => $_COOKIE);
$init = IDS_Init::init(DVWA_WEB_PAGE_TO_PHPIDS . 'lib/IDS/Config/Config.ini');
$init->config['General']['base_path'] = DVWA_WEB_PAGE_TO_PHPIDS . 'lib/IDS/';
$init->config['General']['use_base_path'] = true;
$init->config['Caching']['caching'] = 'none';
// 2. Initiate the PHPIDS and fetch the results
$ids = new IDS_Monitor($request, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
require_once 'IDS/Log/File.php';
require_once 'IDS/Log/Composite.php';
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
$compositeLog->execute($result);
echo 'Hacking attempt detected and logged.';
//echo $result;
exit;
}
} catch (Exception $e) {
/*
* something went terribly wrong - maybe the
* filter rules weren't found?
*/
printf('An error occured: %s', $e->getMessage());
}
}
function dvwaPhpIdsTrap()
{
global $_DVWA;
try {
/*
* 1. Define what to scan
* Please keep in mind what array_merge does and how this might interfer
* with your variables_order settings
*/
$request = array('REQUEST' => $_REQUEST, 'GET' => $_GET, 'POST' => $_POST, 'COOKIE' => $_COOKIE);
$init = IDS_Init::init(DVWA_WEB_PAGE_TO_PHPIDS . 'lib/IDS/Config/Config.ini');
$init->config['General']['base_path'] = DVWA_WEB_PAGE_TO_PHPIDS . 'lib/IDS/';
$init->config['General']['use_base_path'] = true;
$init->config['Caching']['caching'] = 'none';
// 2. Initiate the PHPIDS and fetch the results
$ids = new IDS_Monitor($request, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
require_once 'IDS/Log/File.php';
require_once 'IDS/Log/Composite.php';
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
$compositeLog->execute($result);
echo 'Hacking attempt detected and logged.<br />Have a nice day.';
if ($_DVWA['default_phpids_verbose'] == 'true') {
echo $result;
}
exit;
}
} catch (Exception $e) {
// Something went terribly wrong - maybe the filter rules weren't found?
printf('An error occured: %s', $e->getMessage());
}
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$req = array('GET' => $request->getQuery(), 'POST' => $request->getPost(), 'COOKIE' => $request->getCookie(), 'PARAMS' => $request->getUserParams());
$init = IDS_Init::init(APPLICATION_PATH . '/configs/phpids.ini');
$ids = new IDS_Monitor($req, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
$compositeLog->execute($result);
}
}
* In the result object you will find any suspicious
* fields of the passed array enriched with additional info
*
* Note: it is moreover possible to dump this information by
* simply echoing the result object, since IDS_Report implemented
* a __toString method.
*/
if (!$result->isEmpty()) {
// echo $result;
/*
* The following steps are optional to log the results
*/
require_once 'IDS/Log/File.php';
require_once 'IDS/Log/Composite.php';
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
/*
* Note that you might also use different logging facilities
* such as IDS_Log_Email or IDS_Log_Database
*
* Just uncomment the following lines to test the wrappers
*/
/*
*
require_once 'IDS/Log/Email.php';
require_once 'IDS/Log/Database.php';
$compositeLog->addLogger(
IDS_Log_Email::getInstance($init),
IDS_Log_Database::getInstance($init)
);
$ids_init->config['General']['base_path'] = TM_INCLUDEPATH . '/phpids/lib/IDS/';
$ids_init->config['General']['use_base_path'] = true;
#$ids_init->config['General']['use_base_path'] = false;
$ids_init->config['General']['html'] = array("POST.summary", "POST.body", "POST.body_text", "POST.subject", "POST.message_doptin", "POST.message_greeting", "POST.message_update", "POST.content");
$ids_init->config['General']['exceptions'] = array("POST.summary", "POST.body", "POST.body_text", "POST.subject", "POST.message_doptin", "POST.message_greeting", "POST.message_update", "POST.content", "REQUEST.summary", "REQUEST.body", "REQUEST.body_text", "REQUEST.subject", "REQUEST.message_doptin", "REQUEST.message_greeting", "REQUEST.message_update", "REQUEST.content");
$ids_init->config['Caching']['caching'] = 'file';
//none
$ids_init->config['Caching']['expiration_time'] = 600;
$ids_init->config['Caching']['path'] = "../../../../admin/tmp/phpids.cache";
$ids_init->config['Logging']['path'] = "../../../../admin/tmp/phpids.log";
#$ids_init->config['Caching']['path'] =TM_INCLUDEPATH."/../admin/tmp/phpids.cache";
#$ids_init->config['Logging']['path'] =TM_INCLUDEPATH."/../admin/tmp/phpids.log";
$ids = new IDS_Monitor($ids_request, $ids_init);
$ids_result = $ids->run();
if (!$ids_result->isEmpty()) {
/*
* The following steps are optional to log the results
*/
require_once 'IDS/Log/File.php';
require_once 'IDS/Log/Email.php';
require_once 'IDS/Log/Composite.php';
#require_once (TM_INCLUDEPATH.'/phpids/lib/IDS/Log/File.php');
#require_once (TM_INCLUDEPATH.'/phpids/lib/IDS/Log/Email.php');
#require_once (TM_INCLUDEPATH.'/phpids/lib/IDS/Log/Comopsite.php');
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($ids_init), IDS_Log_Email::getInstance($ids_init));
$compositeLog->execute($ids_result);
#if (DEBUG) echo $ids_result;
$_MAIN_MESSAGE .= "<h1>PHPIDS Intrusion detection:</h1>";
$_MAIN_MESSAGE .= "<pre><font size=1 color=\"red\">" . $ids_result . "</font></pre>";
}
public function processIDS()
{
/**
* PHPIDS
* Requirements: PHP5, SimpleXML
*
* Copyright (c) 2010 PHPIDS group (http://php-ids.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 2 of the license.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
// set the include path properly for PHPIDS
set_include_path(get_include_path() . PATH_SEPARATOR . 'IDS/lib/');
if (!session_id()) {
session_start();
}
require_once 'IDS/Init.php';
try {
/*
* It's pretty easy to get the PHPIDS running
* 1. Define what to scan
*
* Please keep in mind what array_merge does and how this might interfer
* with your variables_order settings
*/
$request = array('REQUEST' => $_REQUEST, 'GET' => $_GET, 'POST' => $_POST, 'COOKIE' => $_COOKIE);
$init = IDS_Init::init(dirname(__FILE__) . '/IDS/Config/Config.ini.php');
/**
* You can also reset the whole configuration
* array or merge in own data
*
* This usage doesn't overwrite already existing values
* $config->setConfig(array('General' => array('filter_type' => 'xml')));
*
* This does (see 2nd parameter)
* $config->setConfig(array('General' => array('filter_type' => 'xml')), true);
*
* or you can access the config directly like here:
*/
$init->config['General']['base_path'] = dirname(__FILE__) . '/IDS/';
$init->config['General']['use_base_path'] = true;
$init->config['Caching']['caching'] = 'none';
// 2. Initiate the PHPIDS and fetch the results
$ids = new IDS_Monitor($request, $init);
$result = $ids->run();
/*
* That's it - now you can analyze the results:
*
* In the result object you will find any suspicious
* fields of the passed array enriched with additional info
*
* Note: it is moreover possible to dump this information by
* simply echoing the result object, since IDS_Report implemented
* a __toString method.
*/
if (!$result->isEmpty()) {
// echo $result;
Yii::log($result, 'warning', 'application.components.ids');
/*
* The following steps are optional to log the results
*/
require_once 'IDS/Log/File.php';
require_once 'IDS/Log/Composite.php';
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
/*
* Note that you might also use different logging facilities
* such as IDS_Log_Email or IDS_Log_Database
*
* Just uncomment the following lines to test the wrappers
*/
/*
*
require_once 'IDS/Log/Email.php';
require_once 'IDS/Log/Database.php';
$compositeLog->addLogger(
IDS_Log_Email::getInstance($init),
IDS_Log_Database::getInstance($init)
);
*/
$compositeLog->execute($result);
if ($this->callback !== NULL) {
call_user_func($this->callback);
} else {
throw new CHttpException(500, $this->genericMessage);
}
} else {
// echo '<a href="?test=%22><script>eval(window.name)</script>">No attack detected - click for an example attack</a>';
}
} catch (Exception $e) {
/*
* sth went terribly wrong - maybe the
* filter rules weren't found?
*/
/*printf(
'An error occured: %s',
$e->getMessage()
);*/
Yii::log($e->getMessage(), 'warning', 'application.components.ids');
throw new CHttpException(500, $this->genericMessage);
}
}
