针对sql注入特征编写的sql防注入脚本
vi sql.sh
#!/bin/bash
select_union(){
date=`date +%F\(%H:%M:%S\)`
keyword=`grep -E ‘select‘ ./access.log | grep -E ‘union‘ | awk ‘{print $1}‘|sort | uniq`
for i in $keyword
do
grep ‘\<‘$i‘\>‘ ip.list &>/dev/null ###白名单列表
if [ $? -eq 0 ]
then
continue
else
iptables -L -n | grep $i &>/dev/null
if [ $? -ne 0 ]
then
iptables -I INPUT -s $i -j DROP ###加入防火墙
echo "" >> /var/log/record.sh
echo "-------------------------" >> /var/log/record.sh
echo "--$date-$i-iptable_drop--" >> /var/log/record.sh###写日志
echo "-------------------------" >> /var/log/record.sh
echo "" >> /var/log/record.sh
fi
fi
done
}
while true
do
select_union
sleep 1s
done
后台执行就可以了
本文出自 “信不信由你” 博客,请务必保留此出处http://312461613.blog.51cto.com/965442/1565230
原文地址:http://312461613.blog.51cto.com/965442/1565230