From 4fb28f6e2ee61a3079bdf1e84c8195630106cca4 Mon Sep 17 00:00:00 2001 From: "Matteo Nastasi (mop)" Date: Wed, 11 Feb 2015 08:15:03 +0100 Subject: [PATCH] proxyscan.phh moved from curl-de-sac to brisk --- web/Obj/proxyscan.phh | 218 +++++++++--------------------------------- 1 file changed, 44 insertions(+), 174 deletions(-) diff --git a/web/Obj/proxyscan.phh b/web/Obj/proxyscan.phh index 8d78a6a..0124db7 100644 --- a/web/Obj/proxyscan.phh +++ b/web/Obj/proxyscan.phh @@ -1,6 +1,6 @@ config = array(); - $this->lastLog = ""; - - //set default headers - $this->scan_headers = array( - 'HTTP_VIA', - 'HTTP_X_FORWARDED_FOR', - 'HTTP_FORWARDED_FOR', - 'HTTP_X_FORWARDED', - 'HTTP_FORWARDED', - 'HTTP_CLIENT_IP', - 'HTTP_FORWARDED_FOR_IP', - 'VIA', - 'X_FORWARDED_FOR', - 'FORWARDED_FOR', - 'X_FORWARDED', - 'FORWARDED', - 'CLIENT_IP', - 'FORWARDED_FOR_IP', - 'HTTP_PROXY_CONNECTION' - ); - } + /** + * CONSTRUCTOR + * Set defaults... + */ + function proxy_detector(){ + } - /* - function exists_in_rbl($remote) - verify if an host is into a proxy black list or not - */ - function exists_in_rbl($remote) { - $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net'); - // $remote = $_SERVER['REMOTE_ADDR']; - // $remote = '213.134.170.206'; - // $remote = '64.34.166.71'; + /* + function exists_in_rbl($remote) + verify if an host is into a proxy black list or not + */ + function exists_in_rbl($remote) { + $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net'); - if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/", - $remote, $matches)) { - foreach ($rbls as $rbl) { - $rblhost = $matches[4] . "." . $matches[3] . "." . - $matches[2] . "." . $matches[1] . "." . $rbl; + if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/", + $remote, $matches)) { + foreach ($rbls as $rbl) { + $rblhost = $matches[4] . "." . $matches[3] . "." . + $matches[2] . "." . $matches[1] . "." . $rbl; - $resolved = gethostbyname($rblhost); - // echo "RBL ".$rblhost."
"; - if ($resolved != $rblhost) { - return TRUE; - } - } - } - return FALSE; - } - - /** - * VOID setHeader( STRING $trigger ) - * Set new header trigger... - */ - function setHeader($trigger){ - $this->scan_headers[] = $trigger; - } - - - /** - * ARRAY $triggers = getHeaders( VOID ) - * Get all triggers in one array - */ - function getHeaders(){ - return $this->scan_headers; - } - - - /** - * VOID setConfig( STRING $key, STRING $value) - * Set config line... - */ - function setConfig($key,$value){ - $this->config[$key] = $value; - } - - - /** - * MIXED $config = getConfig( [STRING $key] ) - * Get all config in one array, or only one config value as a string. - */ - function getConfig($key=''){ - if($key) - return $this->config[$key]; - else - return $this->config; - } - - - /** - * STRING $log = getLog( VOID ) - * Get last logged information. Only works AFTER calling detect()! - */ - function getLog(){ - return $this->lastLog; - } - - - /** - * BOOL $proxy = detect( $addr ) - * Start detection and return TRUE if a proxy server is detected... - */ - function detect($addr){ - GLOBAL $G_proxy_white_list; - $log = ""; - - foreach($G_proxy_white_list as $authproxy) { - if ($addr == $authproxy) - return (FALSE); + $resolved = gethostbyname($rblhost); + // echo "RBL ".$rblhost."
"; + if ($resolved != $rblhost) { + return TRUE; + } + } + } + return FALSE; } - if ($this->exists_in_rbl($addr) == TRUE) - return (TRUE); - -// //scan all headers -// foreach($this->scan_headers as $i){ -// //proxy detected? lets log... -// if($_SERVER[$i]) -// $log.= "trigger $i: ".$_SERVER[$i]."\n"; -// } + /** + * BOOL $proxy = detect( $addr ) + * Start detection and return TRUE if a proxy server is detected... + */ + function detect($addr){ + GLOBAL $G_proxy_white_list; - //let's do something... - if($log){ - $log = $this->lastLog = date("Y-m-d H:i:s")."\nDetected proxy server: ".gethostbyaddr($addr)." ({$addr})\n".$log; + foreach($G_proxy_white_list as $authproxy) { + if ($addr == $authproxy) + return (FALSE); + } - //mail message - if($this->getConfig('MAIL_ALERT_TO')) - mail($this->getConfig('MAIL_ALERT_TO'),"Proxy detected at {$addr}",$log); + if ($this->exists_in_rbl($addr) == TRUE) + return (TRUE); - //write to file - $f = $this->getConfig('LOG_FILE'); - if($f){ - if(is_writable($f)){ - $fp = fopen($f,'a'); - fwrite($fp,"$log\n"); - fclose($fp); - }else{ - die("Fatal Error: Couldn't write to file: '$f'
Please check if the path exists and is writable for the webserver or php..."); - } - } - - //done - return TRUE; + //nope, no proxy was logged... + return FALSE; } - - //nope, no proxy was logged... - return FALSE; - } } //init class function is_proxy($addr) { - /* FIXME: test to verify reasons of poor multitasking performances */ - return (FALSE); - /* FIXME: end */ - - $proxy = new proxy_detector(); + $proxy = new proxy_detector(); - //start detect - if($proxy->detect($addr)) { - //returned TRUE, lets die... - echo "

Accesso attaverso proxy non consentito.



"; - echo "Se state utilizzando un proxy privato e volete che sia autorizzato mandate il suo indirizzo IP (".$addr.") e il suo proprietario all'indirizzo di posta elettronica brisk@alternativeoutput.it

"; - - //parse logged info - echo nl2br($proxy->getLog()); - - //some credits... - // echo "
proxy detector v0.1 - ©2006 daantje.nl"; - - //and do nothing anymore! (but not in my example) - return (TRUE); - } - else - return (FALSE); + //start detect + return ($proxy->detect($addr)); } ?> -- 2.17.1