X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=libs%2Flib_detector.php;h=a62ea4b20f48e04995e0cf169300cd795f3915ea;hb=2911b561eea7f048bc723627a3bb124b328802c9;hp=0ebdf4dcc7e5a681749f44a52690676ea41b67e5;hpb=c4d703772169c4d0de240db6aa94d05b18d49075;p=ctracker.git diff --git a/libs/lib_detector.php b/libs/lib_detector.php index 0ebdf4d..a62ea4b 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -4,7 +4,7 @@ * * @author Roland Haeder * @version 3.0.0 - * @copyright Copyright (c) 2009 Cracker Tracker Team + * @copyright Copyright (c) 2009 - 2017 Cracker Tracker Team * @license GNU GPL 3.0 or any newer version * @link http://www.shipsimu.org * @@ -41,6 +41,9 @@ function initCrackerTrackerArrays () { 'cmd=new', // LinPHA 'cmd=edit', // LinPHA 'cmd=lostpw', // LinPHA + '/css/status_config.php', // MantisBT + '/css/common_config.php', // MantisBT + '/javascript_config.php', // MantisBT ); // Attacks we should detect and block @@ -93,6 +96,7 @@ function initCrackerTrackerArrays () { // php.ini settings 'allow_url_fopen', 'allow_url_include', 'auto_prepend_file', 'disable_functions', 'safe_mode', + 'open_basedir', // PHP commands/scripts 'fopen', 'fwrite', 'phpinfo()', '\', 'base64_decode', 'file_put_contents', @@ -106,7 +110,7 @@ function initCrackerTrackerArrays () { '_phplib', '__callbackparam', // Generic remote inclusion - '=http://', '=https://', + '=http://', '=https://', '=php://', 'path=', 'sql=', '=%7BQUOT%7D', '=%5C', '=%22http','=%22ftp','=%22file','=%27http','=%27ftp', '=%27file', @@ -147,11 +151,10 @@ function initCrackerTrackerArrays () { // @TODO Misc/unsorted 'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system', '&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.', - 'window.open', 'img src', 'img src', '.jsp', 'servlet', - 'wwwacl', '.js', '.jsp', 'server-info', 'server-status', - 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con', - '