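function bb2_display_denial($settings, $key, $previous_key = false) {
	// Send the denial status headers and print the "HTTP Error" page for a blocked request.
	//
	// $settings     Bad Behavior settings array (not used here; kept for the caller's signature).
	// $key          Response key that caused the block; it is folded into the support key.
	// $previous_key Key whose response text is shown instead of $key's, when given.
	//
	// Echoes the page directly and returns nothing. bb2_get_response() and bb2_email()
	// are defined elsewhere in Bad Behavior.
	if (!$previous_key) {
		$previous_key = $key;
	}

	if ($key == "e87553e1") {
		// FIXME: lookup the real key
	}

	// Create support key: the client address as hex digits, then the response key, joined in
	// dash-separated groups of four. IPv4 yields the same 8 digits as the old per-octet dechex()
	// loop (1.2.3.4 -> "01020304"); IPv6, which that loop could not encode, yields 32 digits.
	// An address that does not validate (e.g. no REMOTE_ADDR on the CLI) is encoded as zeros
	// instead of raising on dechex().
	$remote_addr = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
	$packed = filter_var($remote_addr, FILTER_VALIDATE_IP) !== false ? inet_pton($remote_addr) : false;
	$ip_hex = $packed !== false ? bin2hex($packed) : str_repeat("0", 8);
	$support_key = implode("-", str_split("{$ip_hex}{$key}", 4));

	// Get response data
	$response = bb2_get_response($previous_key);
	header("HTTP/1.1 " . $response['response'] . " Bad Behavior");
	header("Status: " . $response['response'] . " Bad Behavior");

	// Escape per output context. $response['explanation'] comes from Bad Behavior's own response
	// table and deliberately carries markup, so it is printed as-is; everything else is escaped
	// for the HTML text, attribute or URL it lands in.
	$status_html = htmlspecialchars($response['response']);
	$request_uri_html = htmlspecialchars(isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '');
	$support_key_html = htmlspecialchars($support_key);
	$support_key_url = rawurlencode($support_key);
	$email = bb2_email();
	$email_href = htmlspecialchars(str_replace("@", "+nospam@nospam.", $email));
	$email_text = htmlspecialchars(str_replace("@", " at ", $email));
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>HTTP Error <?php echo $status_html; ?></title>
</head>
<body>
<h1>Error <?php echo $status_html; ?></h1>
<p>We're sorry, but we could not fulfill your request for <?php echo $request_uri_html; ?> on this server.</p>
<p><?php echo $response['explanation']; ?></p>
<p>Your technical support key is: <strong><?php echo $support_key_html; ?></strong></p>
<p>You can use this key to <a href="http://www.ioerror.us/bb2-support-key?key=<?php echo $support_key_url; ?>">fix this problem yourself</a>.</p>
<p>If you are unable to fix the problem yourself, please contact <a href="mailto:<?php echo $email_href; ?>"><?php echo $email_text; ?></a> and be sure to provide the technical support key shown above.</p>
<?php
}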
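<?php
// Admin page: list every Bad Behavior log entry, newest first, with the response key explained.
$title = "Service Abusers";
require 'bad-behavior/responses.inc.php';

// Logged headers and client IPs are sensitive; only staff (powerlevel 3+) may see this page.
if ($loguser['powerlevel'] < 3) {
	Kill('No.');
}

echo "\n\t<table class=\"outline margin width100\">\n\t\t<tr class=\"header0\">\n\t\t\t<th>\n\t\t\t\tDate\n\t\t\t</th>\n\t\t\t<th>\n\t\t\t\tIP\n\t\t\t</th>\n\t\t\t<th>\n\t\t\t\tRequest\n\t\t\t</th>\n\t\t\t<th>\n\t\t\t\tKey\n\t\t\t</th>\n\t\t</tr>\n";

$abusers = query('SELECT * FROM {bad_behavior} ORDER BY `date` DESC');
while ($abuser = fetch($abusers)) {
	$date = formatdate(strtotime($abuser['date']));
	$response = bb2_get_response($abuser['key']);

	// Mask session tokens captured in the logged request headers before showing them.
	// preg_replace() returns null on a PCRE failure; show nothing rather than the raw headers.
	$headers = preg_replace('/logsession=\\w+/', 'logsession=?????', $abuser['http_headers']);
	if ($headers === null) {
		$headers = '';
	}

	// Every DB-sourced value that lands in HTML is escaped, including the key column.
	echo "\n\t\t<tr class=\"cell0\">\n\t\t\t<td>\n\t\t\t\t{$date}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t" . formatIP($abuser['ip']) . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<pre style='white-space:pre-wrap'>" . htmlspecialchars($headers) . "</pre>\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<abbr title=\"" . htmlspecialchars($response['log']) . "\">" . htmlspecialchars($abuser['key']) . "</abbr>\n\t\t\t</td>\n\t\t</tr>\n";
}

echo "\n\t</table>\n";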
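/**
 * Gets the badbehavior log entries that match the specified parameters.
 *
 * @package BadBehavior
 * @param int $start zero-based offset of the first row to return
 * @param int $items_per_page maximum number of rows to return
 * @param string $sort 'down' orders by id descending; any other value leaves the default (ascending) order
 * @param string|mixed[]|null $filter optional array with 'variable' (a plain column name of
 *        log_badbehavior) and 'value' => array('sql' => LIKE pattern); '' / null / array() means no filter
 * @return mixed[] entries keyed by log id, shaped for the template
 * @throws \InvalidArgumentException when $filter['variable'] is not a bare column identifier
 */
function getBadBehaviorLogEntries($start, $items_per_page, $sort, $filter = '')
{
	global $scripturl;

	$db = database();
	require_once EXTDIR . '/bad-behavior/bad-behavior/responses.inc.php';

	// The column name has to be spliced into the SQL text (it cannot be a bound parameter), so
	// it is restricted to a bare identifier; the pattern itself goes through {string:filter}.
	// A non-array $filter (the documented '' default) disables filtering.
	$where = '';
	$filter_value = '';
	if (is_array($filter) && !empty($filter))
	{
		if (!isset($filter['variable']) || preg_match('/^[A-Za-z0-9_]+$/', (string) $filter['variable']) !== 1)
			throw new \InvalidArgumentException('Invalid filter column for log_badbehavior');

		$where = ' WHERE ' . $filter['variable'] . ' LIKE {string:filter}';
		$filter_value = isset($filter['value']['sql']) ? $filter['value']['sql'] : '';
	}

	// Pagination values are spliced into LIMIT as well, so force them to integers.
	$request = $db->query('', '
		SELECT
			id, ip, date, request_method, request_uri, server_protocol, http_headers,
			user_agent, request_entity, valid, id_member, session
		FROM {db_prefix}log_badbehavior' . $where . '
		ORDER BY id ' . ($sort === 'down' ? 'DESC' : '') . '
		LIMIT ' . (int) $start . ', ' . (int) $items_per_page,
		array(
			'filter' => $filter_value,
		)
	);

	$bb_entries = array();
	$i = 0;
	while ($row = $db->fetch_assoc($request))
	{
		// Turn the key in to something nice to show
		$key_response = bb2_get_response($row['valid']);

		// Prevent undefined errors and log ..
		if (isset($key_response[0]) && $key_response[0] == '00000000')
		{
			$key_response['response'] = '';
			$key_response['explanation'] = '';
			$key_response['log'] = '';
		}

		// A request URI starting with '?' was logged relative to the forum script, so prefix it.
		$request_uri_html = htmlspecialchars((substr($row['request_uri'], 0, 1) === '?' ? $scripturl : '') . $row['request_uri'], ENT_COMPAT, 'UTF-8');

		$bb_entries[$row['id']] = array(
			'alternate' => $i % 2 === 0,
			'ip' => $row['ip'],
			'request_method' => $row['request_method'],
			'server_protocol' => $row['server_protocol'],
			'user_agent' => array(
				'html' => $row['user_agent'],
				'href' => base64_encode($db->escape_wildcard_string($row['user_agent'])),
			),
			'request_entity' => $row['request_entity'],
			'valid' => array(
				'code' => $row['valid'],
				'response' => $key_response['response'],
				'explanation' => $key_response['explanation'],
				'log' => $key_response['log'],
			),
			'member' => array(
				'id' => $row['id_member'],
				'ip' => $row['ip'],
				'session' => $row['session'],
			),
			'time' => standardTime($row['date']),
			'html_time' => htmlTime($row['date']),
			'timestamp' => forum_time(true, $row['date']),
			'request_uri' => array(
				'html' => $request_uri_html,
				'href' => base64_encode($db->escape_wildcard_string($row['request_uri'])),
			),
			// NOTE(review): http_headers is passed through unescaped here, as before — the template
			// is expected to escape it; confirm against the caller.
			'http_headers' => array(
				'html' => str_replace("\n", '<br />', $row['http_headers']),
				'href' => '#',
			),
			'id' => $row['id'],
		);
		$i++;
	}
	$db->free_result($request);

	return $bb_entries;
}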
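function bb2_insert_stats($force = false) {
	// Print the "Bad Behavior has blocked N access attempts" summary and a per-key breakdown
	// table; each row carries a form that opens the matching log entries in the plugin admin.
	// Output happens only when display_stats is enabled in the settings or $force is true.
	// Relies on the host CMS helpers sql_query()/sql_fetch_assoc()/sql_table() and $CONF['PluginURL'].
	$settings = bb2_read_settings();
	global $CONF;

	if (!$force && !$settings['display_stats']) {
		return;
	}

	// Count blocked requests in the database instead of fetching every row for sql_num_rows().
	$count_res = sql_query("SELECT COUNT(*) AS blocks FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000'");
	if ($count_res === false) {
		return;
	}
	$count_row = sql_fetch_assoc($count_res);
	$blocked = $count_row ? (int) $count_row['blocks'] : 0;

	require_once BB2_CORE . "/responses.inc.php";
	echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', 'Bad Behavior', 'has blocked', $blocked, 'access attempts in the last 7 days.');

	$res = sql_query("SELECT `key`, COUNT(*) AS cnt FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000' GROUP BY `key`");
	if ($res === false) {
		return;
	}

	// Values that originate outside this function (DB columns, config, table name) are escaped
	// for HTML; the response/explanation/log texts come from Bad Behavior's own response table
	// and may contain markup on purpose, so they are printed as-is.
	$action_html = htmlspecialchars($CONF['PluginURL'] . 'badbehavior/index.php');
	$table_html = htmlspecialchars(sql_table('bad_behavior'));

	echo "<table>\n";
	echo "<tr><th>Count</th><th>Key</th><th>Response</th><th>Explanation</th><th>Log</th><th>Details</th></tr>\n";
	while ($row = sql_fetch_assoc($res)) {
		$response = bb2_get_response($row['key']);
		$key_html = htmlspecialchars($row['key']);

		echo "<tr>\n";
		echo "<td>" . (int) $row['cnt'] . "</td>\n";
		echo "<td>" . $key_html . "</td>\n";
		echo "<td>" . $response['response'] . "</td>\n";
		echo "<td>" . $response['explanation'] . "</td>\n";
		echo "<td>" . $response['log'] . "</td>\n";
		echo "<td>\n";
		echo '<form method="post" action="' . $action_html . '">' . "\n";
		echo '<input type="hidden" name="tname" value="' . $table_html . '" />' . "\n";
		echo '<input type="hidden" name="showlist" value="logs" />' . "\n";
		echo '<input type="hidden" name="fname" value="key" />' . "\n";
		echo '<input type="hidden" name="oname" value="like" />' . "\n";
		echo '<input type="hidden" name="iname" value="' . $key_html . '" />' . "\n";
		echo '<input type="submit" value="View" class="formbutton" /></form>' . "\n";
		echo "</td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";
}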
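function _lookup($key) {
	// Decode a technical support key (as shown on the denial page, e.g. "0102-0304-xxxx-xxxx")
	// into the client IP and Bad Behavior response it encodes, then list the log lines
	// recorded for that IP. Prints directly; returns nothing.
	//
	// Assumes the IPv4 key layout: 8 hex digits of address followed by the response key.
	// $key is user-supplied; it is only echoed through hsc() and never reaches the filesystem.
	global $conf;
	global $lang;

	print $this->locale_xhtml('lookup');

	$code = str_replace('-', '', $key);
	$octets = array();
	for ($i = 0; $i < 8; $i += 2) {
		// hexdec() ignores non-hex characters and substr() past the end yields '', so a
		// malformed key degrades to 0 octets rather than raising.
		$octets[] = hexdec(substr($code, $i, 2));
	}
	$ip = implode('.', $octets);
	$code = substr($code, 8);
	$resp = bb2_get_response($code);

	printf('<p>' . $this->getLang('lkpresult') . '</p>', $ip, $resp['log'], $resp['explanation'], hsc($key));
	printf('<p>' . $this->getLang('lkplist') . '</p>', 7);

	// Match the address as a whole token: a bare substring match for 1.2.3.4 would also
	// return the lines of 1.2.3.45 and 11.2.3.4.
	$pattern = '/(?<![\d.])' . preg_quote($ip, '/') . '(?![\d.])/';
	$lines = preg_grep($pattern, $this->_readlines());

	if (count($lines)) {
		echo '<table class="inline">';
		foreach ($lines as $line) {
			// Tab-separated log line; pad short lines so a truncated record cannot raise on $fields[6].
			$fields = array_pad(explode("\t", $line), 7, '');
			$resp = bb2_get_response($fields[6]);
			echo '<tr>';
			// NOTE: strftime() is deprecated since PHP 8.1; $conf['dformat'] is a strftime format, so keep it.
			echo '<td>' . strftime($conf['dformat'], (int) $fields[0]) . '</td>';
			echo '<td>' . hsc($fields[1]) . '</td>';
			echo '<td>' . hsc($fields[2]) . '</td>';
			echo '<td>' . hsc($fields[3]) . '</td>';
			echo '<td>' . hsc($fields[4]) . '</td>';
			echo '<td>' . hsc($fields[5]) . '</td>';
			// $resp['log'] is Bad Behavior's own response text, not log content.
			echo '<td>' . $resp['log'] . '</td>';
			echo '</tr>';
		}
		echo '</table>';
	} else {
		echo '<p><i>' . $lang['nothingfound'] . '</i></p>';
	}
}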
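function bb2_manage() {
	// Render the "Bad Behavior Log" admin screen: optional filters taken from the query string,
	// pagination, and one table row per logged request. Echoes the page; returns nothing.
	//
	// Recognised $_GET parameters: paged, key, blocked, permitted, ip, user_agent, request_method.
	// Filter values are bound through $wpdb->prepare(); the presence-only flags toggle fixed SQL.
	global $wpdb;

	$request_uri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : '';
	if (!$request_uri) {
		$request_uri = $_SERVER['SCRIPT_NAME'];
	} # IIS

	$settings = bb2_read_settings();
	$rows_per_page = 100;
	$where = "";

	// Get query variables desired by the user with input validation.
	// Only scalar values are accepted (a ?key[]=... array is treated as absent); the
	// truthiness tests below deliberately treat "0" as "off", which is what the
	// Show Blocked / Show Permitted links send to clear the opposite flag.
	$get = array();
	foreach (array('paged', 'key', 'blocked', 'permitted', 'ip', 'user_agent', 'request_method') as $name) {
		$get[$name] = isset($_GET[$name]) && is_scalar($_GET[$name]) ? (string) $_GET[$name] : '';
	}

	// A page number below 1 would become a negative LIMIT offset, so clamp it.
	$paged = max(1, (int) $get['paged']);

	if (!empty($get['key'])) {
		$where .= $wpdb->prepare("AND `key` = %s ", $get['key']);
	}
	if (!empty($get['blocked'])) {
		$where .= "AND `key` != '00000000' ";
	} elseif (!empty($get['permitted'])) {
		$where .= "AND `key` = '00000000' ";
	}
	if (!empty($get['ip'])) {
		$where .= $wpdb->prepare("AND `ip` = %s ", $get['ip']);
	}
	if (!empty($get['user_agent'])) {
		$where .= $wpdb->prepare("AND `user_agent` = %s ", $get['user_agent']);
	}
	if (!empty($get['request_method'])) {
		$where .= $wpdb->prepare("AND `request_method` = %s ", $get['request_method']);
	}

	// Query the DB based on variables selected. The table name comes from the plugin's own
	// settings; the total-count query previously lacked its closing backtick.
	$r = bb2_db_query("SELECT COUNT(id) FROM `" . $settings['log_table'] . "`");
	$results = bb2_db_rows($r);
	$totalcount = isset($results[0]["COUNT(id)"]) ? (int) $results[0]["COUNT(id)"] : 0;

	$r = bb2_db_query("SELECT COUNT(id) FROM `" . $settings['log_table'] . "` WHERE 1=1 " . $where);
	$results = bb2_db_rows($r);
	$count = isset($results[0]["COUNT(id)"]) ? (int) $results[0]["COUNT(id)"] : 0;
	// Keep the page count in step with the page size (it was hard-coded to 100 before).
	$pages = (int) ceil($count / $rows_per_page);

	$r = bb2_db_query("SELECT * FROM `" . $settings['log_table'] . "` WHERE 1=1 " . $where . "ORDER BY `date` DESC LIMIT " . ($paged - 1) * $rows_per_page . "," . $rows_per_page);
	$results = bb2_db_rows($r);

	// Display rows to the user
?>
<div class="wrap">
<?php echo bb2_donate_button(admin_url("tools.php?page=bb2_manage")); ?>
<h2><?php _e("Bad Behavior Log"); ?></h2>
<form method="post" action="<?php echo admin_url("tools.php?page=bb2_manage"); ?>">
<p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
<p>See also: <a href="<?php echo admin_url("options-general.php?page=bb2_options"); ?>">Settings</a> | <a href="<?php echo admin_url("options-general.php?page=bb2_whitelist"); ?>">Whitelist</a></p>
<div class="tablenav">
<?php
	$page_links = paginate_links(array('base' => add_query_arg("paged", "%#%"), 'format' => '', 'total' => $pages, 'current' => $paged));
	if ($page_links) {
		echo "<div class=\"tablenav-pages\">{$page_links}</div>\n";
	}
?>
<div class="alignleft">
<?php
	if ($count < $totalcount) {
?>
Displaying <strong><?php echo $count; ?></strong> of <strong><?php echo $totalcount; ?></strong> records filtered by:<br/>
<?php
		// Each active filter gets a label and an "[X]" link that drops it (and the page number).
		$filter_labels = array(
			'key' => array('Status', array("paged", "key")),
			'blocked' => array('Blocked', array("paged", "blocked", "permitted")),
			'permitted' => array('Permitted', array("paged", "blocked", "permitted")),
			'ip' => array('IP', array("paged", "ip")),
			'user_agent' => array('User Agent', array("paged", "user_agent")),
			'request_method' => array('GET/POST', array("paged", "request_method")),
		);
		foreach ($filter_labels as $name => $spec) {
			if (!empty($get[$name])) {
				echo $spec[0] . " [<a href=\"" . esc_url(remove_query_arg($spec[1], $request_uri)) . "\">X</a>] ";
			}
		}
	} else {
?>
Displaying all <strong><?php echo $totalcount; ?></strong> records<br/>
<?php
	}
	if (empty($get['key']) && empty($get['blocked'])) {
?>
<a href="<?php echo esc_url(add_query_arg(array("blocked" => "1", "permitted" => "0", "paged" => false), $request_uri)); ?>">Show Blocked</a>
<?php
	}
	if (empty($get['key']) && empty($get['permitted'])) {
?>
<a href="<?php echo esc_url(add_query_arg(array("permitted" => "1", "blocked" => "0", "paged" => false), $request_uri)); ?>">Show Permitted</a>
<?php
	}
?>
</div>
</div>
<table class="widefat">
<thead>
<tr>
<th scope="col" class="check-column"><input type="checkbox" onclick="checkAll(document.getElementById('request-filter'));" /></th>
<th scope="col"><?php _e("IP/Date/Status"); ?></th>
<th scope="col"><?php _e("Headers"); ?></th>
<th scope="col"><?php _e("Entity"); ?></th>
</tr>
</thead>
<tbody>
<?php
	$alternate = 0;
	if ($results) {
		foreach ($results as $result) {
			$response = bb2_get_response($result["key"]);
			$alternate++;
			$row_id = (int) $result["id"];
			if ($alternate % 2) {
				echo "<tr id=\"request-" . $row_id . "\" valign=\"top\">\n";
			} else {
				echo "<tr id=\"request-" . $row_id . "\" class=\"alternate\" valign=\"top\">\n";
			}
			echo "<th scope=\"row\" class=\"check-column\"><input type=\"checkbox\" name=\"submit[]\" value=\"" . $row_id . "\" /></th>\n";

			$httpbl = bb2_httpbl_lookup($result["ip"]);

			// Reverse DNS: the PTR record is controlled by whoever owns the address space, so the
			// hostname is untrusted and must be escaped like any other remote input. Only ask for
			// addresses that parse, which avoids the warning gethostbyaddr() emits otherwise.
			$host = '';
			if (filter_var($result["ip"], FILTER_VALIDATE_IP) !== false) {
				$resolved = gethostbyaddr($result["ip"]);
				if ($resolved !== false && strcmp($resolved, $result["ip"]) !== 0) {
					$host = htmlspecialchars($resolved) . "<br/>\n";
				}
			}

			$ip_html = htmlspecialchars($result["ip"]);
			echo "<td><a href=\"" . esc_url(add_query_arg("ip", $result["ip"], remove_query_arg("paged", $request_uri))) . "\">" . $ip_html . "</a><br/>{$host}<br/>\n" . htmlspecialchars($result["date"]) . "<br/><br/><a href=\"" . esc_url(add_query_arg("key", $result["key"], remove_query_arg(array("paged", "blocked", "permitted"), $request_uri))) . "\">" . $response["log"] . "</a>\n";
			if ($httpbl) {
				echo "<br/><br/><a href=\"http://www.projecthoneypot.org/ip_" . rawurlencode($result['ip']) . "\">http:BL</a>:<br/>{$httpbl}\n";
			}
			echo "</td>\n";

			// Turn the logged user agent and request method inside the header dump into filter
			// links. The dump is already HTML-escaped, so search for (and insert) the escaped
			// form; the previous raw-text search skipped any value containing HTML metacharacters
			// and would have inserted it unescaped if it did match.
			$headers = str_replace("\n", "<br/>\n", htmlspecialchars($result['http_headers']));
			foreach (array('user_agent', 'request_method') as $field) {
				$needle = htmlspecialchars($result[$field]);
				if ($needle === '') {
					continue;
				}
				$pos = strpos($headers, $needle);
				if ($pos !== false) {
					$link = "<a href=\"" . esc_url(add_query_arg($field, rawurlencode($result[$field]), remove_query_arg("paged", $request_uri))) . "\">" . $needle . "</a>";
					$headers = substr_replace($headers, $link, $pos, strlen($needle));
				}
			}
			echo "<td>{$headers}</td>\n";
			echo "<td>" . str_replace("\n", "<br/>\n", htmlspecialchars($result["request_entity"])) . "</td>\n";
			echo "</tr>\n";
		}
	}
?>
</tbody>
</table>
<div class="tablenav">
<?php
	$page_links = paginate_links(array('base' => add_query_arg("paged", "%#%"), 'format' => '', 'total' => $pages, 'current' => $paged));
	if ($page_links) {
		echo "<div class=\"tablenav-pages\">{$page_links}</div>\n";
	}
?>
<div class="alignleft">
</div>
</div>
</form>
</div>
<?php
}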