uuWAF
Error 1054 (42S22) when creating a new rule in the WAF
I want to add a new rule to the WAF, but I got an error:
"Error 1054 (42S22): Unknown column 'uid' in 'field list'"
But I don't see any uid in the payload, so I don't know what's going on.
My UUWAF version is: v6.7.0
Here is the rule that I want to create.
local ct = waf.reqContentType
local rurl = waf.reqUri
local fd = waf.form["FORM"]

if rurl and fd then
    if waf.reqUri == "blog/admin_action.php" and fd["submit"] == "xxxxxxxxx" then
        return false
    end
end

if ct then
    if type(ct) ~= "string" then
        return true, "Malform Content-Type", true
    elseif waf.contains(ct, "boundary") and (waf.strCounter(ct, "boundary") > 1 or not waf.rgxMatch(ct, "boundary=[\\w\\-]+$", "jo")) then
        return true, ct, true
    end
end

return false
This is the payload submitted from the frontend to the backend.
{
  "id": 0,
  "name": "xxxxxxxxx - boundary异常拦截",
  "type": "0",
  "level": "3",
  "description": "1.拦截请求content type头中multipart/form-data的异常boundary,如php在上传解析boundary时没有符合rfc规范,对逗号产生了错误解析。2. This rule will be skip the checking on the admin page api of the xxxxxxxxx.",
  "content": "local ct = waf.reqContentType\nlocal rurl = waf.reqUri\nlocal fd = waf.form[\"FORM\"]\n\nif rurl and fd then\n if waf.reqUri == \"blog/admin_action.php\" and fd[\"submit\"] == \"xxxxxxxxx\" then\n return false\n end\nend \n\nif ct then\n if type(ct) ~= \"string\" then\n return true, \"Malform Content-Type\", true\n elseif waf.contains(ct, \"boundary\") and (waf.strCounter(ct, \"boundary\") > 1 or not waf.rgxMatch(ct, \"boundary=[\\\\w\\\\-]+$\", \"jo\")) then\n return true, ct, true\n end\nend\n\nreturn false",
  "update_time": "",
  "deny": true,
  "dsl_logic": "&",
  "dsl": [ {"key": "", "op": "", "val": ""} ]
}
Also, there is a .har file, but GitHub does not allow uploading this extension, so I changed the extension of the file. If you need it, you can download it and change it back. uuwaf.har.log
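This is caused by the database table missing the uid field. The database table structure may differ between WAF versions, so do not synchronize the database by restoring from a backup.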