From 73216cc6f0fd08588b98ac21fc6b931610bb3e1e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 28 Oct 2020 10:16:38 +0100 Subject: [PATCH] Continued: - added spam_bot_dectections field to allow counting spambot attacks MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- libs/lib_connect.php | 6 +++--- libs/lib_detector.php | 16 +++++++++++++++- libs/lib_updates.php | 6 ++++++ 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/libs/lib_connect.php b/libs/lib_connect.php index 9524454..2a6a366 100644 --- a/libs/lib_connect.php +++ b/libs/lib_connect.php @@ -97,7 +97,7 @@ function crackerTrackerCloseDatabaseLink () { } // Inserts given array, if IP/check_get combination was not found -function crackerTrackerInsertArray ($table, $rowData) { +function crackerTrackerInsertArray ($table, array $rowData) { // Is there a link up? if (!isCrackerTrackerDatabaseLinkUp()) { // Abort silently here @@ -124,9 +124,9 @@ function crackerTrackerInsertArray ($table, $rowData) { } // Updates a given entry by just counting it up -function updateCrackerTrackerEntry (array $rowData) { +function updateCrackerTrackerEntry (array $rowData, $countColumn = 'count') { // Construct the SELECT query - $sqlString = 'UPDATE `ctracker_data` SET `count`=`count`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `` = "' . crackerTrackerEscapeString($rowData['']) . '" LIMIT 1'; + $sqlString = 'UPDATE `ctracker_data` SET `' . $countColumn . '`=`' . $countColumn . '`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") LIMIT 1'; // Run the SQL and check if we have one line runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__); diff --git a/libs/lib_detector.php b/libs/lib_detector.php index 862c738..819adc6 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -438,13 +438,27 @@ function crackerTrackerLogAttack () { crackerTrackerInsertArray('ctracker_data', $rowData); } +function ctrackerIncreaseAntiSpambotCount () { + // Init row data + $rowData = [ + 'remote_addr' => determineCrackerTrackerRealRemoteAddress(), + 'proxy_addr' => getenv('REMOTE_ADDR'), + ]; + + // Update count + updateCrackerTrackerEntry($rowData, 'spam_bot_dectections'); +} + // Alerts the current user about malicious/suspicious traffic function crackerTrackerAlertCurrentUser () { // Is there some data? if (isset($GLOBALS['ctracker_last_suspicious_entry'])) { // Does the user have a ticket? if (ifCtrackerTrackerAntiSpamFieldGiven()) { - // Spam-bot filled out anti-spam field + // Spam-bot filled out anti-spam field, register count + ctrackerIncreaseAntiSpambotCount(); + + // Output message to spammer ctrackerTrackerLoadTemplate('bot_captured'); } elseif (ifCrackerTrackerIpHasTicket()) { // Load "Thank you" template diff --git a/libs/lib_updates.php b/libs/lib_updates.php index a51e584..c3d0287 100644 --- a/libs/lib_updates.php +++ b/libs/lib_updates.php @@ -98,6 +98,12 @@ FOREIGN KEY ( `ctracker_data_id` ) REFERENCES `' . $GLOBALS['ctracker_dbname'] . FROM `ctracker_data` GROUP BY `request_method`' ], + + // Anti-spambot field + [ + "ALTER TABLE `ctracker_data` CHANGE `proxy_addr` `proxy_addr` varchar(15) COLLATE 'latin1_swedish_ci' NULL COMMENT 'Detected proxy address' AFTER `count`", + "ALTER TABLE `ctracker_data` ADD `spam_bot_dectections` bigint unsigned NOT NULL DEFAULT '0' COMMENT 'Spam-bot attempts'", + ], ]; } -- 2.39.5