gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix the scanning interface for UUID objects and adapt to changes in the APP_ID_DICT dictionary table.

Browse Source
This commit is contained in:
fengweihao
2024-10-12 11:20:39 +08:00
parent c9ae13042d
commit b7fb2d8a42
4 changed files with 151 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
resource/pangu/pangu_http.json
View File

@@ -3,7 +3,7 @@
"object2object_table": "OBJECT_GROUP",
"rules": [
{
"uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c6",
"uuid": "00001021-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
@@ -20,7 +20,115 @@
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "test123456",
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_APP_ID",
"negate_option": false,
"object_uuids": [
"00000201-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00001023-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"replace","rules":[{"search_in":"http_resp_body","find":"<22><><EFBFBD><EFBFBD>","replace_with":"test"}]},
"is_valid": "yes",
"conditions": [
{
"attribute_name": "ATTR_SERVER_FQDN",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"uuid": "00001026-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
"is_valid": "yes",
"conditions": [
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "Chrome",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "uid=12345678",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"uuid": "00001028-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
"is_valid": "yes",
"conditions": [
{
"attribute_name": "ATTR_HTTP_URL",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"expression": "bing.com",
"expr_type": "and"
}
}
@@ -41,19 +149,19 @@
{
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_content": [
{"uuid":"RESPONSE-PAGES-0000-0000-000000000001","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000101-0000-0000-0000-000000000000","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [
{"uuid":"HIJACK-FILES-0000-0000-000000000001","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000201-0000-0000-0000-000000000000","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
{"uuid":"INSERT-SCRIPTS-0000-0000-000000000001","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000301-0000-0000-0000-000000000000","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
@@ -95,8 +203,8 @@
{
"table_name": "APP_ID_DICT",
"table_content": [
{"app_id":67,"object_id":201,"app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
{"app_id":68,"object_id":68000,"app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
{"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
{"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
]
}
]