[pLog-svn] r5255 -plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior
Oscar Renalias
oscar at renalias.net
Mon Apr 2 13:13:24 EDT 2007
I think that's good enough, thank you. I will give it a try and see
if there's any more notices.
On 2 Apr 2007, at 12:56, Mark Wu wrote:
> Hi Oscar:
>
> I did not apply your patch to function.inc.php. It seems the author
> already checks whether the $mask exists or not.
>
> Your original patch:
>
> // Oscar: FIXED A NOTICE IN PHP5
> $hostInfo = explode('/', $cidr);
> isset( $hostInfo[0] ) ? $ip = $hostInfo[0] : $ip = "0.0.0.0";
> isset( $hostInfo[1] ) ? $mask = $hostInfo[1] : $mask = "8";
>
> Mark
>
>> -----Original Message-----
>> From: plog-svn-bounces at devel.lifetype.net
>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
>> mark at devel.lifetype.net
>> Sent: Monday, April 02, 2007 5:55 PM
>> To: plog-svn at devel.lifetype.net
>> Subject: [pLog-svn] r5255
>> -plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior
>>
>> Author: mark
>> Date: 2007-04-02 05:55:16 -0400 (Mon, 02 Apr 2007) New Revision: 5255
>>
>> Modified:
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ad
>> min.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/bl
>> acklist.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/co
>> mmon_tests.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/fu
>> nctions.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/po
>> st.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ve
>> rsion.inc.php
>>
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/wh
>> itelist.inc.php
>> Log:
>> Upgrade to Bad-Behavior 2.0.10 according to Reto's suggestion.
>>
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ad
>> min.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ad
>> min.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ad
>> min.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -48,7 +48,7 @@
>> <div class="wrap">
>> <h2><?php _e("Bad Behavior"); ?></h2>
>> <form method="post" action="<?php echo
>> $_SERVER['REQUEST_URI']; ?>">
>> - <p>For more information please visit the <a
>> href="http://www.homelandstupidity.us/software/bad-behavior/">
>> Bad Behavior</a> homepage.</p>
>> + <p>For more information please visit the <a
>> +href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a>
>> +homepage.</p>
>> <p>If you find Bad Behavior valuable, please consider
>> making a <a
>> href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&busine
>> ss=error%40ioerror%2eus&item_name=Bad%20Behavior%20<?php echo
>> BB2_VERSION;
>> ?>%20%28From%20Admin%29&no_shipping=1&cn=Comments%20about%20Ba
>> d%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&chars
>> et=UTF%2d8">financial contribution</a> to further development
>> of Bad Behavior.</p>
>>
>> <fieldset class="options">
>>
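Review bot: The context line with the form tag in this hunk echoes $_SERVER['REQUEST_URI'] straight into the action attribute without escaping, so any markup carried in the request URI is reflected into the admin page. While this file is being touched, wrap the value in htmlspecialchars() with ENT_QUOTES. The replacement homepage link on the + lines is also plain http.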
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/bl
>> acklist.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/bl
>> acklist.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/bl
>> acklist.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -31,9 +31,11 @@
>> "Mozilla/4.0(", // from honeypot
>> "Mozilla/4.0+(", // suspicious harvester
>> "MSIE", // malicious software
>> + "NutchCVS", // unidentified robots
>> "OmniExplorer", // spam harvester
>> + "psycheclone", // spam harvester
>> "PussyCat ", // misc comment spam
>> - "psycheclone", // spam harvester
>> + "PycURL", // misc comment spam
>> "Shockwave Flash", // spam harvester
>> "User Agent: ", // spam harvester
>> "User-Agent: ", // spam harvester
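Review bot: The added "PycURL" entry names a general-purpose HTTP client library rather than one bot, so it rejects every script built on that library, and its "misc comment spam" comment does not record that scope. Say so in the comment so a site owner can tell why a legitimate tool is being refused. The "psycheclone" move is a pure reorder; keeping it apart from the two new signatures would make the functional additions easier to audit.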
>> @@ -59,6 +61,7 @@
>> ".NET CLR 1)", // free poker, etc.
>> "POE-Component-Client", // free poker, etc.
>> "Turing Machine", // www.anonymizer.com abuse
>> + "WebaltBot", // spam harvester
>> "WISEbot", // spam harvester
>> "WISEnutbot", // spam harvester
>> "Windows NT 4.0;)", // wikispam bot
>>
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/co
>> mmon_tests.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/co
>> mmon_tests.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/co
>> mmon_tests.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -28,15 +28,20 @@
>> return "f9f2b8b9";
>> }
>>
>> - if (strpos($package['request_uri'], "#") !== FALSE ||
>> @strpos($package['headers_mixed']['Referer'], "#") !== FALSE) {
>> + // Broken spambots send URLs with various invalid characters
>> + // Some broken browsers send the #vector in the referer field :(
>> + // if (strpos($package['request_uri'], "#") !== FALSE
>> || strpos($package['headers_mixed']['Referer'], "#") !== FALSE) {
>> + if (strpos($package['request_uri'], "#") !== FALSE) {
>> return "dfd9b1ad";
>> }
>>
>> // Range: field exists and begins with 0
>> // Real user-agents do not start ranges at 0
>> // NOTE: this blocks the whois.sc bot. No big loss.
>> + // Exceptions: MT (not fixable); LJ (refuses to fix; may be
>> + // blocked again in the future)
>> if (array_key_exists('Range',
>> $package['headers_mixed']) &&
>> strpos($package['headers_mixed']['Range'], "=0-") !== FALSE) {
>> - if (strncmp($ua, "MovableType", 11)) {
>> + if (strncmp($ua, "MovableType", 11) &&
>> strncmp($ua, "URI::Fetch",
>> +10)) {
>> return "7ad04a8a";
>> }
>> }
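Review bot: The new exemption comment on the Range test says "MT" and "LJ", but the condition checks the User-Agent prefixes "MovableType" and "URI::Fetch"; name the exact strings in the comment so the mapping can be audited. Both exemptions key on a client-supplied header, so any client sending one of those prefixes skips the "7ad04a8a" check; where the expected Range value is known, pin it as well, as post.inc.php does for MovableType with "bytes=0-99999". The old Referer test is left behind as a commented-out line (and without its @); delete it and keep the explanation in the two comment lines above.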
>> @@ -47,7 +52,10 @@
>> }
>>
>> // Lowercase via is used by open proxies/referrer spammers
>> - if (array_key_exists('via', $package['headers'])) {
>> + // Exceptions: Clearswift uses lowercase via (refuses to fix;
>> + // may be blocked again in the future)
>> + if (array_key_exists('via', $package['headers']) &&
>> + !strstr($package['headers']['via'],'Clearswift
>> Web Policy Engine')) {
>> return "9c9e4979";
>> }
>>
>>
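Review bot: The Clearswift exception in the new condition is a substring match on the value of the via header itself, which the client controls, so any request whose lowercase via header contains 'Clearswift Web Policy Engine' now skips the "9c9e4979" check. That trade-off deserves a line in the comment next to "refuses to fix". For a pure containment test, strpos(...) === FALSE is preferable to !strstr(...), and it matches the strpos style used in the earlier hunk of this file.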
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/fu
>> nctions.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/fu
>> nctions.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/fu
>> nctions.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -44,12 +44,9 @@
>> }
>> }
>> } else {
>> - // Oscar: FIXED A NOTICE IN PHP5
>> - $hostInfo = explode('/', $cidr);
>> - isset( $hostInfo[0] ) ? $ip = $hostInfo[0] :
>> $ip = "0.0.0.0";
>> - isset( $hostInfo[1] ) ? $mask = $hostInfo[1] :
>> $mask = "8";
>> - //list($ip, $mask) = explode('/', $cidr);
>> - $mask = 0xffffffff << (32 - $mask);
>> + list($ip, $mask) = explode('/', $cidr);
>> + if (!$mask) $mask = 32;
>> + $mask = pow(2,32) - pow(2, (32 - $mask));
>> $output = ((ip2long($addr) & $mask) ==
>> (ip2long($ip) & $mask));
>> }
>> return $output;
>>
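Review bot: In the + lines, list($ip, $mask) = explode('/', $cidr); reads index 1 before the if (!$mask) default runs, so a $cidr with no "/" still raises the PHP undefined-offset notice that the removed isset() lines were added to silence. Test isset() on the exploded array, or pad it to two elements, before assigning. Two behaviour points also need a comment: !$mask is true for the string "0", so an entry written with /0 is treated as /32 rather than match-all, and the default for a missing mask changes from "8" in the removed lines to 32.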
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/po
>> st.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/po
>> st.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/po
>> st.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -5,10 +5,10 @@
>> {
>> // LifeType mod by pwestbro: dns blacklist checks can be
>> done in the
>> // dnsantispam plugin.
>> -// // Check blackhole lists for known spam/malicious activity
>> -// require_once(BB2_CORE . "/blackhole.inc.php");
>> -// bb2_test($settings, $package, bb2_blackhole($package));
>>
>> + // Check blackhole lists for known spam/malicious activity
>> + // require_once(BB2_CORE . "/blackhole.inc.php");
>> + // bb2_test($settings, $package, bb2_blackhole($package));
>> // MovableType needs specialized screening
>> if (stripos($package['headers_mixed']['User-Agent'],
>> "MovableType") !== FALSE) {
>> if (strcmp($package['headers_mixed']['Range'],
>> "bytes=0-99999")) { @@ -48,8 +48,8 @@
>> // Posting too slow? 48 hr
>> // LifeType mod by jondaley: since pages can be
>> cached, the cookie might not be updated
>> // and this can get tripped incorrectly
>> -// if ($screener + 172800 < time())
>> -// return "b40c8ddc";
>> + // if ($screener + 172800 < time())
>> + // return "b40c8ddc";
>>
>> // Screen by IP address
>> $ip = ip2long($package['ip']);
>> @@ -60,10 +60,10 @@
>>
>> // Screen for user agent changes
>> // User connected previously with blank user agent
>> - $q = bb2_db_query("SELECT `ip` FROM " .
>> $settings['log_table'] . " WHERE (`ip` = '" . $package['ip']
>> . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '"
>> . $package['user_agent'] . "' AND `date` > DATE_SUB('" .
>> bb2_db_date() . "', INTERVAL 5 MINUTE)");
>> +// $q = bb2_db_query("SELECT `ip` FROM " .
>> $settings['log_table'] . " WHERE (`ip` = '" . $package['ip']
>> . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '"
>> . $package['user_agent'] . "' AND `date` > DATE_SUB('" .
>> bb2_db_date() . "', INTERVAL 5 MINUTE)");
>> // Damnit, too many ways for this to fail :(
>> - if ($q !== FALSE && $q != NULL &&
>> bb2_db_num_rows($q) > 0)
>> - return "799165c2";
>> +// if ($q !== FALSE && $q != NULL &&
>> bb2_db_num_rows($q) > 0)
>> +// return "799165c2";
>> }
>>
>> return false;
>>
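Review bot: In the @@ -60,10 hunk the user-agent-change screen (return "799165c2") is disabled by commenting out the query and the test, with no note saying who disabled it or why; the other disabled checks in this file carry a "LifeType mod by ..." comment, and the log message only describes an upgrade. Add the same kind of comment, and comment out or remove the now-orphaned "too many ways for this to fail" line with the rest. If the query is ever re-enabled, confirm that $package['ip'], $screener[1] and $package['user_agent'] are escaped before they are concatenated into the SQL string.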
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ve
>> rsion.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ve
>> rsion.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/ve
>> rsion.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -1,3 +1,3 @@
>> <?php if (!defined('BB2_CWD')) die("I said no cheating!");
>> -define('BB2_VERSION', "2.0.8");
>> +define('BB2_VERSION', "2.0.10");
>> ?>
>>
>> Modified:
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/wh
>> itelist.inc.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/wh
>> itelist.inc.php 2007-04-01 13:08:16 UTC (rev 5254)
>> +++
>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/wh
>> itelist.inc.php 2007-04-02 09:55:16 UTC (rev 5255)
>> @@ -16,7 +16,6 @@
>> "172.16.0.0/12",
>> "192.168.0.0/16",
>> // "127.0.0.1",
>> - "208.54.95.129",
>> );
>>
>> // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER! DANGER!
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn