From cbcd13e53796e8ee7d797d7faeeaee046a70bbda Mon Sep 17 00:00:00 2001 From: Wireghoul Date: Thu, 20 Jan 2022 17:46:26 +1100 Subject: [PATCH] Updated fruit rules --- signatures/fruit.db | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/signatures/fruit.db b/signatures/fruit.db index 9496af0..b508df0 100644 --- a/signatures/fruit.db +++ b/signatures/fruit.db @@ -21,7 +21,7 @@ strnc(at|py)[[:space:]]*\([^,]+,[^,]+,[[:space:]]*strlen[[:space:]]*\([^\)]+\)[[ [\'\" ]+AND[[:space:]]+.*=.*\+[[:space:]]*[Rr]equest\..* (LIKE|like)[[:space:]]+[^\;]+\+[[:space:]]*[Rr]equest\..* (ORDER[[:space:]]+BY|order[[:space:]]+by)[[:space:]]+.*\+[[:space:]]*[Rr]equest -(LIMIT|limit)[[:space:]]+.*\+[[:space:]]*[Rr]equest\..* +(LIMIT|limit)[[:space:]]+([0-9]+,[[:space:]]*[Rr]equest\..*|[Rr]request\..*) Process.Start[[:space:]]*\(.*\+ \.Arguments[[:space:]]*=(.*[\'\"][[:space:]]*\+[[:space:]]*[^\'\"]+|.*[^\'\"]+[[:space:]]*\+[[:space:]]*[\'\"]) \.SelectNodes[[:space:]]*\(.*[\'\"][[:space:]]*\+[[:space:]]*[^\'\"]+ @@ -40,16 +40,16 @@ ReadAllBytes[[:space:]]*\(.*[Rr]equest response.sendRedirect[[:space:]]*\(.*([Rr]eq(uest)?|\.[Gg]et[Pp]aram).*\) out\.print(ln)?.*([Rr]eq(uest)?|\.[Gg]et[Pp]aram) <%=([Rr]equest|\.[Gg]et[Pp]aram) -\.exec[[:space:]]*\([^\;]+[\'\"][[:space:]]*\+.* +\.exec[[:space:]]*\([^\)\;]+[\'\"][[:space:]]*\+.* (execute|create|new)Query[[:space:]]*\(.*[\"\'][[:space:]]*\+[[:space:]]*[^\"\']+ queryforObject[[:space:]]*\(.*[\"\'][[:space:]]*\+[[:space:]]*[^\"\']+ -eval[[:space:]]*\(.*([Rr]eq(uest)?|\.[Gg]et[Pp]aram).*\) -\.getDocument[[:space:]]*\(.*([Rr]eq(uest)?|\.g[Gg]et[Pp]aram).*\) +eval[[:space:]]*\([^\)\;]*([Rr]eq(uest)?|\.[Gg]et[Pp]aram).*\) +\.getDocument[[:space:]]*\([^\)\;]+([Rr]eq(uest)?|\.g[Gg]et[Pp]aram).*\) (WHERE|where)[[:space:]]+.*=[[:space:]]*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\']+ [\'\" ]+AND[[:space:]]+.*=[[:space:]]*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] -(LIKE|like)[[:space:]]+.*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] +(LIKE|like)[[:space:]]+[\'\"A-Za-z0-9%]+[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] (ORDER[[:space:]]+BY|order[[:space:]]+by)[[:space:]]+.*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] -(LIMIT|limit)[[:space:]]+.*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] +(LIMIT|limit)[[:space:]]+([0-9,]+)?[;:space:]]*[\'\"][\'\"]?[[:space:]]*\+[[:space:]]*[^\"\'] \.query\(.*[\'\"][[:space:]]*\+.* eval[[:space:]]*\([^\)\;]+[\'\"][[:space:]]*\+[[:space:]]*[^\'\"]+ <%-[[:space:]]+.*%>