1 files changed, 4 insertions, 4 deletions
diff --git a/config/default.rules b/config/default.rules
index 6fac367..f8fb1f8 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -27,10 +27,10 @@ sp.disable_function.function("require").drop()
 sp.disable_function.function("include").drop()
 # Prevent `system`-related injections
-sp.disable_function.function("system").param("command").value_r("[$|;&`\\n]").drop();
+sp.disable_function.function("system").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
-sp.disable_function.function("shell_exec").param("command").value_r("[$|;&`\\n]").drop();
+sp.disable_function.function("shell_exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
-sp.disable_function.function("exec").param("command").value_r("[$|;&`\\n]").drop();
+sp.disable_function.function("exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
-sp.disable_function.function("proc_open").param("command").value_r("[$|;&`\\n]").drop();
+sp.disable_function.function("proc_open").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
 # Prevent runtime modification of interesting things
 sp.disable_function.function("ini_set").param("var_name").value("assert.active").drop();

diff --git a/config/default.rules b/config/default.rules index 6fac367..f8fb1f8 100644 --- a/config/default.rules +++ b/config/default.rules
@@ -27,10 +27,10 @@ sp.disable_function.function("require").drop()
27	sp.disable_function.function("include").drop()	27	sp.disable_function.function("include").drop()
28		28
29	# Prevent `system`-related injections	29	# Prevent `system`-related injections
30	sp.disable_function.function("system").param("command").value_r("[$\|;&`\\n]").drop();	30	sp.disable_function.function("system").param("command").value_r("[$\|;&`\\n\\(\\)\\\\]").drop();
31	sp.disable_function.function("shell_exec").param("command").value_r("[$\|;&`\\n]").drop();	31	sp.disable_function.function("shell_exec").param("command").value_r("[$\|;&`\\n\\(\\)\\\\]").drop();
32	sp.disable_function.function("exec").param("command").value_r("[$\|;&`\\n]").drop();	32	sp.disable_function.function("exec").param("command").value_r("[$\|;&`\\n\\(\\)\\\\]").drop();
33	sp.disable_function.function("proc_open").param("command").value_r("[$\|;&`\\n]").drop();	33	sp.disable_function.function("proc_open").param("command").value_r("[$\|;&`\\n\\(\\)\\\\]").drop();
34		34
35	# Prevent runtime modification of interesting things	35	# Prevent runtime modification of interesting things
36	sp.disable_function.function("ini_set").param("var_name").value("assert.active").drop();	36	sp.disable_function.function("ini_set").param("var_name").value("assert.active").drop();