From 8586d37c9b8a92959bf869b11436c7b63ad95fca Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 28 Oct 2020 10:05:56 +0100 Subject: [PATCH] Continued: - changed all to - added hidden anti-spam field as I'm done with these spammers abusing my well-intended email form - also included a message to those spammers MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- libs/language/.php | 3 -- libs/language/de.php | 3 -- libs/language/en.php | 3 -- libs/lib_detector.php | 5 ++- libs/lib_general.php | 38 ++++++++++++++++++++ libs/templates/add_ticket.tpl.php | 3 -- libs/templates/add_ticket_thanks.tpl.php | 3 -- libs/templates/bot_captured.tpl.php | 32 +++++++++++++++++ libs/templates/de/add_ticket_form.tpl.php | 5 +-- libs/templates/de/add_ticket_success.tpl.php | 4 +-- libs/templates/de/body_header.tpl.php | 2 +- libs/templates/de/bot_captured.tpl.php | 15 ++++++++ libs/templates/en/add_ticket_form.tpl.php | 5 +-- libs/templates/en/add_ticket_success.tpl.php | 4 +-- libs/templates/en/body_header.tpl.php | 2 +- libs/templates/en/bot_captured.tpl.php | 14 ++++++++ libs/templates/page_header.tpl.php | 4 +-- 17 files changed, 117 insertions(+), 28 deletions(-) create mode 100644 libs/templates/bot_captured.tpl.php create mode 100644 libs/templates/de/bot_captured.tpl.php create mode 100644 libs/templates/en/bot_captured.tpl.php diff --git a/libs/language/.php b/libs/language/.php index ad89265..545a39b 100644 --- a/libs/language/.php +++ b/libs/language/.php @@ -24,6 +24,3 @@ // Add localized messages here $GLOBALS['ctracker_localized']['foo_bar'] = 'Some foo-bar string'; - -// [EOF] -?> diff --git a/libs/language/de.php b/libs/language/de.php index 6cf7859..2d07289 100644 --- a/libs/language/de.php +++ b/libs/language/de.php 
@@ -28,6 +28,3 @@ $GLOBALS['ctracker_localized']['user_add_ticket_subject'] = 'Ihr ausgefüllt
 $GLOBALS['ctracker_localized']['webmaster_add_ticket_subject'] = 'Ausgefülltes Support-Ticket erhalten';
 $GLOBALS['ctracker_localized']['add_ticket_name_missing'] = 'Sie haben keinen Namen eingegeben.';
 $GLOBALS['ctracker_localized']['add_ticket_email_missing'] = 'Sie haben keine Email-Adresse eingegeben.';
-
-// [EOF]
-?>
diff --git a/libs/language/en.php b/libs/language/en.php
index deedfac..f5ff6c7 100644
--- a/libs/language/en.php
+++ b/libs/language/en.php
@@ -28,6 +28,3 @@ $GLOBALS['ctracker_localized']['user_add_ticket_subject'] = 'Your filled-out sup
 $GLOBALS['ctracker_localized']['webmaster_add_ticket_subject'] = 'Filled-out support ticket received';
 $GLOBALS['ctracker_localized']['add_ticket_name_missing'] = 'You have entered no name.';
 $GLOBALS['ctracker_localized']['add_ticket_email_missing'] = 'You have entered no email address.';
-
-// [EOF]
-?>
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 7dc5c47..862c738 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -443,7 +443,10 @@ function crackerTrackerAlertCurrentUser () {
 // Is there some data?
 if (isset($GLOBALS['ctracker_last_suspicious_entry'])) {
 // Does the user have a ticket?
- if (ifCrackerTrackerIpHasTicket()) {
+ if (ifCtrackerTrackerAntiSpamFieldGiven()) {
+ // Spam-bot filled out anti-spam field
+ ctrackerTrackerLoadTemplate('bot_captured');
+ } elseif (ifCrackerTrackerIpHasTicket()) {
 // Load "Thank you" template
 crackerTrackerLoadTemplate('add_ticket_thanks');
 } elseif ((isset($_POST['ctracker_add_ticket'])) && (!empty($_POST['name'])) && (!empty($_POST['email']))) {
diff --git a/libs/lib_general.php b/libs/lib_general.php
index e20fa23..0b1a8fd 100644
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
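Review bot: The new first branch in crackerTrackerAlertCurrentUser() calls `ctrackerTrackerLoadTemplate('bot_captured')`, but every other template call visible in this patch is spelled `crackerTrackerLoadTemplate()`, and no function with the `ctracker…` spelling is defined in the visible hunks. If it is not defined elsewhere, a caught submission ends in a fatal undefined-function error rather than the bot page, so the honeypot path would fail exactly when it triggers. Suggested line: `crackerTrackerLoadTemplate('bot_captured');`. The body of crackerTrackerAlertCurrentUser() starts and continues outside the hunk, so the rest of the branch chain is not visible here.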
@@ -596,3 +596,41 @@ function crackerTrackerSanitize ($str) {
 function crackerTrackerIsConsole () {
 return (php_sapi_name() == 'cli');
 }
+
+function ctrackerAntiSpamField () {
+ // Get all fields
+ $fields = ctrackerGetAntiSpamFields();
+
+ // Choose random
+ $fieldName = $fields[mt_rand(0, count($fields) - 1)];
+
+ // Return it
+ return $fieldName;
+}
+
+function ctrackerGetAntiSpamFields () {
+ return [
+ 'ctracker_url',
+ 'ctracker_aol',
+ 'ctracker_yahoo',
+ 'ctracker_icq',
+ 'ctracker_jabber',
+ ];
+}
+
+function ifCtrackerTrackerAntiSpamFieldGiven () {
+ // Is request method POST?
+ if (crackerTrackerRequestMethod() != 'POST') {
+ // Cannot be given
+ return FALSE;
+ }
+
+ // Walk through all fields
+ foreach (ctrackerGetAntiSpamFields() as $fieldName) {
+ // Is one found?
+ if (in_array($fieldName, $_POST) && !empty($_POST[$fieldName])) {
+ // Filled out!
+ return TRUE;
+ }
+ }
+}
diff --git a/libs/templates/add_ticket.tpl.php b/libs/templates/add_ticket.tpl.php
index 04d8f2a..a46354f 100644
--- a/libs/templates/add_ticket.tpl.php
+++ b/libs/templates/add_ticket.tpl.php
@@ -36,6 +36,3 @@ crackerTrackerLoadLocalizedTemplate('add_ticket_form');
 // Load footer
 crackerTrackerLoadTemplate('page_footer');
-
-// [EOF]
-?>
diff --git a/libs/templates/add_ticket_thanks.tpl.php b/libs/templates/add_ticket_thanks.tpl.php
index 6cf4ff0..a14fd81 100644
--- a/libs/templates/add_ticket_thanks.tpl.php
+++ b/libs/templates/add_ticket_thanks.tpl.php
@@ -30,6 +30,3 @@ crackerTrackerLoadLocalizedTemplate('add_ticket_success');
 // Load footer
 crackerTrackerLoadTemplate('page_footer');
-
-// [EOF]
-?>
diff --git a/libs/templates/bot_captured.tpl.php b/libs/templates/bot_captured.tpl.php
new file mode 100644
index 0000000..65462dd
--- /dev/null
+++ b/libs/templates/bot_captured.tpl.php
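Review bot: In ifCtrackerTrackerAntiSpamFieldGiven() the test `in_array($fieldName, $_POST)` searches the submitted values, not the field names, so a request that fills `ctracker_url` with ordinary text never matches and the honeypot does not fire. Test the key instead, e.g. `if (isset($_POST[$fieldName]) && $_POST[$fieldName] !== '') {`, which also covers a submitted "0" that `empty()` would treat as not filled in. The function also falls off the end without returning a value when no field matches; add `return FALSE;` after the loop so callers always get a boolean.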
@@ -0,0 +1,32 @@ + + * @version 3.0.0 + * @copyright Copyright (c) 2009 - 2017 Cracker Tracker Team + * @license GNU GPL 3.0 or any newer version + * @link http://www.shipsimu.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +// Load header +crackerTrackerLoadTemplate('page_header'); + +// Load form +crackerTrackerLoadLocalizedTemplate('bot_captured'); + +// Load footer +crackerTrackerLoadTemplate('page_footer'); diff --git a/libs/templates/de/add_ticket_form.tpl.php b/libs/templates/de/add_ticket_form.tpl.php index baec1d4..33af810 100644 --- a/libs/templates/de/add_ticket_form.tpl.php +++ b/libs/templates/de/add_ticket_form.tpl.php @@ -1,5 +1,5 @@ -
method="post"> + method="post">
Bitte füllen Sie ein Support-Ticket aus: @@ -27,7 +27,8 @@
+
diff --git a/libs/templates/de/add_ticket_success.tpl.php b/libs/templates/de/add_ticket_success.tpl.php index 7a651f2..5ce6ca5 100644 --- a/libs/templates/de/add_ticket_success.tpl.php +++ b/libs/templates/de/add_ticket_success.tpl.php @@ -1,11 +1,11 @@
- Ihr Ticket wurde mit der ID-Nummer + Ihr Ticket wurde mit der ID-Nummer erstellt. Sie können nun fortfahren:
-
method="post"> + method="post">
diff --git a/libs/templates/de/body_header.tpl.php b/libs/templates/de/body_header.tpl.php index 4234ae7..1e557a2 100644 --- a/libs/templates/de/body_header.tpl.php +++ b/libs/templates/de/body_header.tpl.php @@ -7,7 +7,7 @@ Die auf diesem Server installierte Sicherheitssoftware "Cracker Tracker Stand-Alone" hat kurz zuvor bösartigen oder eben nur verdächtigen Traffic ausgehend von Ihrer IP-Adresse - + erkannt. Bitte installieren oder aktualisieren Sie nun einen freien Virenscanner Ihrer Wahl lassen Sie einen kompletten Scan Ihres Computers durchführen. Es ist sehr wahrscheinlich dass die Sicherheit Ihres diff --git a/libs/templates/de/bot_captured.tpl.php b/libs/templates/de/bot_captured.tpl.php new file mode 100644 index 0000000..9c190d8 --- /dev/null +++ b/libs/templates/de/bot_captured.tpl.php @@ -0,0 +1,15 @@ + +

+ Spam-Bot erkannt +

+ +
+ Ihr Bot hat ein verdecktes Feld ausgefüllt, das dazu gedacht ist, + automatisierte Software zu fangen, da dieses Formular dazu missbraucht + wurde, um Emails an unschuldige Internetbenutzer zu versenden. +
+ +
+ Bitte fangen Sie ein echtes Leben an und suchen Sie sich echte Arbeit. + Werden Sie erwachsen! +
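Review bot: The page tells the submitter exactly which control caught the request (a hidden form field), which makes the trap easy to tune around once an operator reads the response; the same applies to libs/templates/en/bot_captured.tpl.php. Consider answering a caught submission with the same page as an accepted ticket and recording the hit server-side, so the two outcomes look alike from outside. A legitimate visitor can also trip a hidden field, for example through browser autofill on a name such as `ctracker_url`, so if an explanation is kept, a neutral sentence on how to resubmit would serve that visitor better than the closing paragraph.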
diff --git a/libs/templates/en/add_ticket_form.tpl.php b/libs/templates/en/add_ticket_form.tpl.php index f325e5d..cebc3c6 100644 --- a/libs/templates/en/add_ticket_form.tpl.php +++ b/libs/templates/en/add_ticket_form.tpl.php @@ -1,5 +1,5 @@ -
method="post"> + method="post">
Please fill-in a support ticket: @@ -27,7 +27,8 @@
+
diff --git a/libs/templates/en/add_ticket_success.tpl.php b/libs/templates/en/add_ticket_success.tpl.php index d24f02d..5b8e2f7 100644 --- a/libs/templates/en/add_ticket_success.tpl.php +++ b/libs/templates/en/add_ticket_success.tpl.php @@ -1,11 +1,11 @@
- Your ticket with the id number + Your ticket with the id number was just been created. You may continue now:
-
method="post"> + method="post">
diff --git a/libs/templates/en/body_header.tpl.php b/libs/templates/en/body_header.tpl.php index 26dd649..e26148a 100644 --- a/libs/templates/en/body_header.tpl.php +++ b/libs/templates/en/body_header.tpl.php @@ -7,7 +7,7 @@ The security software "Cracker Tracker Stand-Alone" installed on this server has recently detected some malicious or even suspicious traffic originating from your IP address - . Please now + . Please now install or update a free virus scanner (of your choice) and run a full scan on your computer. There is a high possibility that your computer's security is compromised and a trojan horse or virus has infected your diff --git a/libs/templates/en/bot_captured.tpl.php b/libs/templates/en/bot_captured.tpl.php new file mode 100644 index 0000000..471b170 --- /dev/null +++ b/libs/templates/en/bot_captured.tpl.php @@ -0,0 +1,14 @@ + +

+ Spam-bot detected +

+ +
+ Your bot has filled a hidden field that is intended to capture automated + software as this form has been abused for sending out emails to innocent + Internet users. +
+ +
+ Please get yourself a real life and find a real job. Grow up! +
diff --git a/libs/templates/page_header.tpl.php b/libs/templates/page_header.tpl.php index 025d7a3..327ebbd 100644 --- a/libs/templates/page_header.tpl.php +++ b/libs/templates/page_header.tpl.php @@ -1,5 +1,5 @@ - + Cracker Tracker Stand-Alone - Extended Edition: <?php crackerTrackerOutputLocalized('ctracker_page_header'); ?> @@ -7,7 +7,7 @@ <meta http-equiv="content-type" content="text/html;charset=UTF-8" /> <meta http-equiv="content-style-type" content="text/css" /> <meta http-equiv="content-script-type" content="text/javascript" /> - <meta http-equiv="language" content="<?php print $GLOBALS['ctracker_language']; ?>" /> + <meta http-equiv="language" content="<?= $GLOBALS['ctracker_language']; ?>" /> </head> <body> -- 2.39.5