Not signed in (Sign In)

  • Subscribe

    • Feed

PHPIDS usage: Cannot post some characters

Bottom of Page

11 to 16 of 16

  1. <
  2. 1
  3. 2
  4. >
    • CommentAuthorayok
    • CommentTimeJul 8th 2010
     
    Hello.. I still have the problem.. Could anyone help me here??
    • CommentAuthorkaspar
    • CommentTimeJul 8th 2010
     
    At the main page you'll find right hand side two files named default_filter.xml and Converter.php.

    Download those and replace the existant files in /path/to/your/phpids/lib/IDS/ with them.

    There you go.
    • CommentAuthorayok
    • CommentTimeJul 8th 2010 edited
     
    Hi thanks kaspar,

    I've tried that, but now I got this error
    alert:
    Total impact: 14
    Affected tags: xss, csrf, id, rfe, lfi

    Variable: REQUEST.subject | Value: No diploma, but looking for a university job? Traineeship Jr Payroll Consultant: Work and learn!
    Impact: 7 | Tags: xss, csrf, id, rfe, lfi
    Description: Detects unknown attack vectors based on PHPIDS Centrifuge detection | Tags: xss, csrf, id, rfe, lfi | ID: 67

    Variable: POST.subject | Value: No diploma, but looking for a university job? Traineeship Jr Payroll Consultant: Work and learn!
    Impact: 7 | Tags: xss, csrf, id, rfe, lfi
    Description: Detects unknown attack vectors based on PHPIDS Centrifuge detection | Tags: xss, csrf, id, rfe, lfi | ID: 67

    Centrifuge detection data
    Threshold: 3.49
    Ratio: 1.2777777777778

    Is this also false alert? And it doesn't apply to all my forms.

    Thank you,
    ayok
    •  
      CommentAuthor.mario
    • CommentTimeJul 9th 2010
     
    Hm - I don't get this effect - check here:

    http://demo.php-ids.org/?test=No%20diploma,%20but%20looking%20for%20a%20university%20job%2f%20Traineeship%20Jr%20Payroll%20Consultant:%20Work%20and%20learn!

    "And it doesn't apply to all my forms." - what exactly do you mean?
    • CommentAuthorayok
    • CommentTimeJul 9th 2010
     
    Well.. there are forms on my website, but not all of them got this error reports. only 2 forms create this error. What could be wrong?
    •  
      CommentAuthor.mario
    • CommentTimeJul 10th 2010
     
    Actually I don't have any idea - please give me some more info - how did the parameter look exactly - was it the one you mentioned of different ones? Is there any extra configuration depending on the parameter name?

11 to 16 of 16

  1. <
  2. 1
  3. 2
  4. >