Continued:

- added INSERT_RANDOM_NUMBER_HERE, typical for incompletely configured OpenX/revive Ad Server
- changed to "new" array style
- renamed ctracker_blocked_requests -> ctracker_blocked_methods as they are the
  request methods that should always be blocked
- updated .gitattributes

diff --git a/.gitattributes b/.gitattributes
index dfe0770424b2a19faf507a501ebfc23be8f54e7b..72184ce6eaa2f5cfb1e2d183953105fb520308bd 100644 (file)
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1,33 @@
-# Auto detect text files and perform LF normalization
+#
+### Distribute this file on all GIT projects!
+#
+# Autodetect text files
 * text=auto
+
+# Force the following filetypes to have unix eols, so Windows does not break them
+*.* text eol=lf
+
+# Force images/fonts to be handled as binaries
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.png binary
+*.t3x binary
+*.t3d binary
+*.exe binary
+*.data binary
+*.ttf binary
+*.eof binary
+*.eot binary
+*.swf binary
+*.mov binary
+*.mp4 binary
+*.mp3 binary
+*.ogg binary
+*.flv binary
+*.jar binary
+*.pdf binary
+*.woff* binary
+*.otf binary
+*.z binary
+*.docx binary

diff --git a/libs/lib_connect.php b/libs/lib_connect.php
index 4885b2fac3757c7111fc8e31d4338e9f8cd96e9f..e21af93b19c58c802414bb6e2bd2d12998ac0041 100644 (file)
--- a/libs/lib_connect.php
+++ b/libs/lib_connect.php
@@ -46,9 +46,9 @@ function aquireCrackerTrackerDatabaseLink () {
 // Inits a fake configurtation
 function crackerTrackerInitFakeConfig () {
        // Set the array
-       $GLOBALS['ctracker_config'] = array(
+       $GLOBALS['ctracker_config'] = [
                'ctracker_alert_user' => 'Y',
-       );
+       ];
 }
 
 // Checks if the link is up
@@ -367,14 +367,14 @@ function ifCrackerTrackerIpHasTicket () {
 // Adds a ticket based on given (mostly $_POST) data
 function addCrackerTrackerTicket (array $data) {
        // Prepare the array
-       $GLOBALS['ctracker_last_ticket'] = array(
+       $GLOBALS['ctracker_last_ticket'] = [
                'ctracker_ticket_remote_addr' => determineCrackerTrackerRealRemoteAddress(),
                'ctracker_ticket_proxy_addr'  => getenv('REMOTE_ADDR'),
                'ctracker_ticket_user_agent'  => crackerTrackerUserAgent(),
                'ctracker_ticket_name'        => crackerTrackerSecureString($data['name']),
                'ctracker_ticket_email'       => crackerTrackerSecureString($data['email']),
                'ctracker_ticket_comment'     => crackerTrackerSecureString($data['comment'])
-       );
+       ];
 
        // Insert it
        crackerTrackerInsertArray('ctracker_ticket', $GLOBALS['ctracker_last_ticket']);
@@ -382,10 +382,10 @@ function addCrackerTrackerTicket (array $data) {
        // Is there an entry?
        if ((isset($GLOBALS['ctracker_last_insert_id'])) && ($GLOBALS['ctracker_last_insert_id'] > 0)) {
                // All fine, so prepare the link between ticket<->data
-               $data = array(
+               $data = [
                        'ctracker_ticket_id' => $GLOBALS['ctracker_last_insert_id'],
                        'ctracker_data_id'   => $GLOBALS['ctracker_last_suspicious_entry']['id']
-               );
+               ];
 
                // And insert it as well
                crackerTrackerInsertArray('ctracker_ticket_data', $data);

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index c008a2faa1a80c36bd96a8bf3800deeb945a43d5..21a15d8e5e54d808a7a15bf744ba403da5120e49 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -37,17 +37,17 @@ function initCrackerTrackerArrays () {
        $GLOBALS['ctracker_base_path'] = dirname(dirname(__FILE__));
 
        // Whitelist some absolute query strings (see below)
-       $GLOBALS['ctracker_whitelist'] = array(
+       $GLOBALS['ctracker_whitelist'] = [
                'cmd=new',    // LinPHA
                'cmd=edit',   // LinPHA
                'cmd=lostpw', // LinPHA
                '/css/status_config.php', // MantisBT
                '/css/common_config.php', // MantisBT
                '/javascript_config.php', // MantisBT
-       );
+       ];
 
        // Attacks we should detect and block
-       $GLOBALS['ctracker_get_blacklist'] = array(
+       $GLOBALS['ctracker_get_blacklist'] = [
                // SQL injections
                'union ', ' union', 'insert ',
                'select ', ' like', 'like ', 'drop ', 'update ',
@@ -154,11 +154,11 @@ function initCrackerTrackerArrays () {
                'window.open', 'img src', 'img src', '.jsp', 'servlet', 'org.apache',
                'wwwacl', 'server-info', 'server-status', '/servlet/con', 'http_',
                'secure_site, ok', 'chunked', '<script', 'mod_gzip_status', '.system',
-               'uol.com', ',0x', '(0x',
-       );
+               'uol.com', ',0x', '(0x', 'INSERT_RANDOM_NUMBER_HERE',
+       ];
 
        // BLock these words found in User-Agent
-       $GLOBALS['ctracker_ua_blacklist'] = array(
+       $GLOBALS['ctracker_ua_blacklist'] = [
                // Compiler/interpreter
                'bin/g++ ', 'bin/c++ ', 'cc ', 'bin/python', 'bin/python', 'bin/tclsh',
                'bin/tclsh', 'bin/nasm', '/perl', 'cmd.exe',
@@ -183,19 +183,21 @@ function initCrackerTrackerArrays () {
 
                // /proc/ and other forbidden paths
                'proc/self/environ',
-       );
+       ];
 
        // Block these words found in POST requests
-       $GLOBALS['ctracker_post_blacklist'] = array(
+       $GLOBALS['ctracker_post_blacklist'] = [
                // This line is for detecting hidden link spam in wikis, forums, guestbooks, etc.
                ' style=', 'overflow:auto', 'height:1px', 'width:1px', 'display:hidden', 'style.display',
 
                // "Common" login names from VHCS exploiters ;-)
                'starhack', 'DeLiMehmet', 'hisset', 'Hisset', 'delimert', 'MecTruy'
-       );
+       ];
 
        // Also block these requests (mostly you don't want CONNECT to some SMTP sites)
-       $GLOBALS['ctracker_blocked_requests'] = array('CONNECT' => TRUE);
+       $GLOBALS['ctracker_blocked_methods'] = [
+               'CONNECT' => TRUE,
+       ];
 
        // Init more elements
        $GLOBALS['ctracker_post_track']   = '';
@@ -220,7 +222,7 @@ function isCrackerTrackerWormDetected () {
                ) || (
                        $GLOBALS['ctracker_checked_ua'] != crackerTrackerUserAgent(TRUE)
                ) || (
-                       isset($GLOBALS['ctracker_blocked_requests'][crackerTrackerRequestMethod()])
+                       isset($GLOBALS['ctracker_blocked_methods'][crackerTrackerRequestMethod()])
                )
        );
        //* DEBUG-DIE: */ die('isWorm='.intval($isWorm).PHP_EOL.'get='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_get'].'"'.PHP_EOL.'"'.crackerTrackerQueryString().'"'.PHP_EOL.'ua='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_ua'].'"'.PHP_EOL.'"'.crackerTrackerUserAgent().'"'.PHP_EOL);
@@ -284,12 +286,12 @@ function sendCrackerTrackerTicketMails () {
 // Sends a mail out
 function crackerTrackerSendMail ($mail, $recipient = NULL, $subject = NULL) {
        // Construct dummy array
-       $rowData = array(
+       $rowData = [
                'remote_addr' => determineCrackerTrackerRealRemoteAddress(),
                'proxy_addr'  => getenv('REMOTE_ADDR'),
                'check_get'   => $GLOBALS['ctracker_checked_get'],
                'server_name' => crackerTrackerServerName()
-       );
+       ];
 
        // Only send email if not yet found
        if (!isCrackerTrackerEntryFound($rowData)) {
@@ -385,7 +387,7 @@ function crackerTrackerLogAttack () {
        } // END - if
 
        // Prepare array for database insert
-       $rowData = array(
+       $rowData = [
                'remote_addr'    => determineCrackerTrackerRealRemoteAddress(),
                'proxy_addr'     => getenv('REMOTE_ADDR'),
                'user_agent'     => crackerTrackerUserAgent(),
@@ -400,7 +402,7 @@ function crackerTrackerLogAttack () {
                'request_method' => crackerTrackerRequestMethod(),
                'proxy_used'     => $proxyUsed,
                'first_attempt'  => 'NOW()'
-       );
+       ];
 
        // Insert the array in database
        crackerTrackerInsertArray('ctracker_data', $rowData);

diff --git a/libs/lib_general.php b/libs/lib_general.php
index 1b2b886c4e3dfaacf8c7d0145ba9d54241b158fe..515f0dc071591b1c375676f449e76dc68a452495 100644 (file)
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -25,13 +25,13 @@
 if (!function_exists('implode_r')) {
        // Implode recursive a multi-dimension array, taken from www.php.net
        function implode_r ($glue, $array, $array_name = NULL) {
-               $return = array();
-               while(list($key,$value) = @each($array)) {
-                       if(is_array($value)) {
+               $return = [];
+               while (list($key,$value) = @each($array)) {
+                       if (is_array($value)) {
                                // Is an array again, so call recursive
                                $return[] = implode_r($glue, $value, (string) $key);
                        } else {
-                               if($array_name != NULL) {
+                               if ($array_name != NULL) {
                                        $return[] = $array_name . '[' . (string) $key . ']=' . $value . "\n";
                                } else {
                                        $return[] = $key . '=' . $value."\n";
@@ -40,13 +40,13 @@ if (!function_exists('implode_r')) {
                } // END - while
 
                // Return resulting array
-               return(implode($glue, $return));
+               return implode($glue, $return);
        } // END - function
 } // END - if
 
 if (!function_exists('implode_secure')) {
        // Implode a simple array with a 'call-back' to our escaper function
-       function implode_secure ($array) {
+       function implode_secure (array $array) {
                // Return string
                $return = '';
 
@@ -85,7 +85,7 @@ function crackerTrackerLoadConfiguration () {
        } // END - if
 
        // Load it
-       require($fqfn);
+       require $fqfn;
 
        // Load email header
        $GLOBALS['ctracker_header'] = crackerTrackerLoadEmailTemplate('header');
@@ -383,7 +383,7 @@ function crackerTrackerLanguage () {
 }
 
 // Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = NULL) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = [], $language = NULL) {
        // Init language
        crackerTrackerLanguage();
 
@@ -581,7 +581,7 @@ function unsetCtrackerData () {
                        'ctracker_language',
                        'ctracker_localized',
                        'ctracker_link',
-                       'ctracker_blocked_requests',
+                       'ctracker_blocked_methods',
                ) as $key) {
                        // Unset it
                        unset($GLOBALS[$key]);

diff --git a/libs/lib_updates.php b/libs/lib_updates.php
index fd34fcc6c4159f32a70e8973b25d3a6d3c812867..21ef93f731b709c0cd163dc4cc58bfdd7b7c835b 100644 (file)
--- a/libs/lib_updates.php
+++ b/libs/lib_updates.php
@@ -25,7 +25,7 @@
 // Init all updates
 function crackerTrackerInitUpdates () {
        // Add all
-       $GLOBALS['ctracker_updates'] = array(
+       $GLOBALS['ctracker_updates'] = [
                // Ticket system:
                0 => array(
                        'CREATE TABLE IF NOT EXISTS `ctracker_ticket` (
@@ -98,7 +98,7 @@ FOREIGN KEY ( `ctracker_data_id` ) REFERENCES `' . $GLOBALS['ctracker_dbname'] .
                        FROM `ctracker_data`
                        GROUP BY `request_method`'
                ),
-       );
+       ];
 }
 
 // Runs the given updates at number X