public static function load() { require_once dirname(__FILE__) . '/Rules/Bbclone.php'; Bouncer_Rules_Bbclone::load(); require_once dirname(__FILE__) . '/Rules/Basic.php'; Bouncer_Rules_Basic::load(); require_once dirname(__FILE__) . '/Rules/Browser.php'; Bouncer_Rules_Browser::load(); require_once dirname(__FILE__) . '/Rules/Robot.php'; Bouncer_Rules_Robot::load(); require_once dirname(__FILE__) . '/Rules/Request.php'; Bouncer_Rules_Request::load(); require_once dirname(__FILE__) . '/Rules/Fingerprint.php'; Bouncer_Rules_Fingerprint::load(); require_once dirname(__FILE__) . '/Rules/Network.php'; Bouncer_Rules_Network::load(); require_once dirname(__FILE__) . '/Rules/Geoip.php'; Bouncer_Rules_Geoip::load(); }
public static function extract() { require_once dirname(__FILE__) . '/Rules/Fingerprint.php'; $botnets = Bouncer_Rules_Fingerprint::get('botnet'); $agents = Bouncer::getAgentsIndex(self::$_namespace); $fingerprints = array(); // Collect level 1 fingerprints foreach ($agents as $id) { $key = $_GET['extract']; $identity = Bouncer::getIdentity($id); $fg = $identity['fingerprint']; if (strpos($identity['host'], $key) !== false) { $fingerprints[] = $fg; } } $fingerprints = array_unique($fingerprints); $hosts = array(); // Collect level 1 hosts foreach ($agents as $id) { $identity = Bouncer::getIdentity($id); $fg = $identity['fingerprint']; $host = $identity['host']; if (in_array($fg, $fingerprints)) { if (empty($hosts[$host])) { $hosts[$host] = 1; } else { $hosts[$host]++; } } } $fingerprints2 = array(); // Collect level 2 fingerprints foreach ($agents as $id) { $identity = Bouncer::getIdentity($id); $fg = $identity['fingerprint']; $host = $identity['host']; if (isset($hosts[$host])) { if (empty($fingerprints2[$fg])) { $fingerprints2[$fg] = 1; } else { $fingerprints2[$fg]++; } } } $fingerprints3 = array(); // Check Ambigous agents foreach ($agents as $id) { $identity = Bouncer::getIdentity($id); $fg = $identity['fingerprint']; $host = $identity['host']; if (isset($fingerprints2[$fg]) && empty($hosts[$host])) { if (empty($fingerprints3[$fg])) { $fingerprints3[$fg] = 1; } else { $fingerprints3[$fg]++; } } } ksort($fingerprints2); arsort($fingerprints2); foreach ($fingerprints2 as $value => $count) { if (isset($fingerprints3[$value])) { continue; } if (in_array($value, $botnets)) { continue; } echo "\n'{$value}', // {$count}"; } }