51 lines
No EOL
1.2 KiB
JSON
51 lines
No EOL
1.2 KiB
JSON
{
|
|
"debounce_ms": 3000,
|
|
"max_payload_peek": 256,
|
|
"broadcast_action": "com.adbguard.ALERT",
|
|
"rules": [
|
|
{
|
|
"name": "exec_any",
|
|
"when": "service",
|
|
"contains": [
|
|
"exec:"
|
|
]
|
|
},
|
|
{
|
|
"name": "danger_shell",
|
|
"when": "service",
|
|
"contains": [
|
|
"shell:"
|
|
],
|
|
"patterns": "(su|setenforce|mount|dd|pm\\s+grant|appops|iptables|chcon)\\b"
|
|
},
|
|
{
|
|
"name":"abb_pm",
|
|
"when": "service",
|
|
"contains": [
|
|
"abb_exec:pm "
|
|
]
|
|
},
|
|
{
|
|
"name": "sync_sensitive",
|
|
"when": "service",
|
|
"contains": [
|
|
"sync:"
|
|
],
|
|
"patterns": "/(system|vendor|data/system|data/adb)/"
|
|
},
|
|
{
|
|
"name": "remount",
|
|
"when": "service",
|
|
"contains": [
|
|
"remount"
|
|
]
|
|
},
|
|
{
|
|
"name": "tcpip",
|
|
"when":"service",
|
|
"contains": [
|
|
"tcpip:"
|
|
]
|
|
}
|
|
]
|
|
} |