diff options
Diffstat (limited to 'doc/source/features.rst')
| -rw-r--r-- | doc/source/features.rst | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst index b06aa98..076e4e4 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst | |||
| @@ -150,6 +150,7 @@ This family of vulnerabilities lead to various CVE, like: | |||
| 150 | - `CVE-2012-5692 <https://www.rapid7.com/db/modules/exploit/unix/webapp/invision_pboard_unserialize_exec>`_: Unauthenticated remote code execution in IP.Board | 150 | - `CVE-2012-5692 <https://www.rapid7.com/db/modules/exploit/unix/webapp/invision_pboard_unserialize_exec>`_: Unauthenticated remote code execution in IP.Board |
| 151 | 151 | ||
| 152 | 152 | ||
| 153 | .. _harden-rand-feature: | ||
| 153 | 154 | ||
| 154 | Weak-PRNG via rand/mt_rand | 155 | Weak-PRNG via rand/mt_rand |
| 155 | ^^^^^^^^^^^^^^^^^^^^^^^^^^ | 156 | ^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| @@ -238,6 +239,9 @@ This behaviour is suggested in the documentation: | |||
| 238 | Exploitation, post-exploitation and general hardening | 239 | Exploitation, post-exploitation and general hardening |
| 239 | ----------------------------------------------------- | 240 | ----------------------------------------------------- |
| 240 | 241 | ||
| 242 | |||
| 243 | .. _virtual-patching-feature: | ||
| 244 | |||
| 241 | Virtual-patching | 245 | Virtual-patching |
| 242 | ^^^^^^^^^^^^^^^^ | 246 | ^^^^^^^^^^^^^^^^ |
| 243 | 247 | ||
| @@ -262,6 +266,8 @@ of dangerous functions, droping them everywhere else: | |||
| 262 | The intent is to make post-exploitation process (such as backdooring of legitimate code, or RAT usage) a lot harder for the attacker. | 266 | The intent is to make post-exploitation process (such as backdooring of legitimate code, or RAT usage) a lot harder for the attacker. |
| 263 | 267 | ||
| 264 | 268 | ||
| 269 | .. _global-strict-feature: | ||
| 270 | |||
| 265 | Global strict mode | 271 | Global strict mode |
| 266 | ^^^^^^^^^^^^^^^^^^ | 272 | ^^^^^^^^^^^^^^^^^^ |
| 267 | 273 | ||
| @@ -300,7 +306,7 @@ and using this feature to lock this up. | |||
| 300 | 306 | ||
| 301 | Dumping capabilities | 307 | Dumping capabilities |
| 302 | ^^^^^^^^^^^^^^^^^^^^ | 308 | ^^^^^^^^^^^^^^^^^^^^ |
| 303 | It's possible to apply the ``dump(:str)`` filter to any virtual-patching rule, | 309 | It's possible to apply the ``dump()`` filter to any virtual-patching rule, |
| 304 | to dump the complete web request, along with the filename and the corresponding | 310 | to dump the complete web request, along with the filename and the corresponding |
| 305 | line number. By using the *right* set of restrictive rules (or by using the | 311 | line number. By using the *right* set of restrictive rules (or by using the |
| 306 | *overly* restrictives ones in ``simulation`` mode), you might be able | 312 | *overly* restrictives ones in ``simulation`` mode), you might be able |
| @@ -335,8 +341,8 @@ Arbitrary file inclusion hardening | |||
| 335 | """""""""""""""""""""""""""""""""" | 341 | """""""""""""""""""""""""""""""""" |
| 336 | 342 | ||
| 337 | Arbitrary file inclusion is a common vulnerability, that might be detected | 343 | Arbitrary file inclusion is a common vulnerability, that might be detected |
| 338 | by preventing the use of anything else than a whitelist of extensions in calls | 344 | by preventing the inclusion of anything that doens't match a strict set |
| 339 | to ``include`` or ``require``. | 345 | of file extensions in calls to ``include`` or ``require``. |
| 340 | 346 | ||
| 341 | *Cheap* SQL injections detection | 347 | *Cheap* SQL injections detection |
| 342 | """""""""""""""""""""""""""""""" | 348 | """""""""""""""""""""""""""""""" |