Some nice improvements:

- Mail headers and receipient address configurable (the constant
  __CTRACKER_EMAIL is deprecated)
- Domain is now included in check (see function isCrackerTrackerEntryFound())
- Last attempt wasn't logged correctly (bad SQL)
- Minor improvements

diff --git a/config/db_config.php.dist b/config/db_config.php.dist
index 4a4c683884218c4873f4189c97385d5c767dac62..8821b7ffc872cf0b92d1f6b1cee10c1b0e6b0dcc 100644 (file)
--- a/config/db_config.php.dist
+++ b/config/db_config.php.dist
@@ -37,5 +37,11 @@ $GLOBALS['ctracker_password'] = '';
 // Debugging should be disabled by default
 // $GLOBALS['ctracker_debug'] = true;
 
+// Mail headers
+$GLOBALS['ctracker_header'] = 'From: ctracker@domain.invalid';
+
+// Email recipient for all emails
+$GLOBALS['ctracker_email'] = 'you@domain.invalid';
+
 // [EOF]
 ?>

diff --git a/install/install.sql b/install/install.sql
index eb3ce77268fc804b0a5f21941f50dbdeb256062b..aef3d907a925272e66ecc93302e5af7694d8bf24 100644 (file)
--- a/install/install.sql
+++ b/install/install.sql
@@ -10,7 +10,7 @@ CREATE TABLE IF NOT EXISTS `ctracker_data` (
        `script_name` varchar(255) NOT NULL COMMENT 'Full script name',
        `referer` varchar(255) NOT NULL COMMENT 'Referer',
        `first_attempt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00' COMMENT 'First attempt',
-       `last_attempt` timestamp NOT NULL COMMENT 'Last attempt',
+       `last_attempt` TIMESTAMP ON UPDATE CURRENT_TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'Last attempt',
        `count` bigint(20) unsigned NOT NULL DEFAULT '0' COMMENT 'Counter',
        PRIMARY KEY (`id`),
        KEY `remote_addr` (`remote_addr`)

diff --git a/libs/lib_connect.php b/libs/lib_connect.php
index 800b07eb6b497c8e23192276ec37e0a2c1151bef..b4f3772991715088704601e23f3ec775beb675fe 100644 (file)
--- a/libs/lib_connect.php
+++ b/libs/lib_connect.php
@@ -103,10 +103,10 @@ function updateCrackerTrackerEntry ($rowData) {
        runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__);
 }
 
-// Checks if an entry with IP/check_worm combination is there
+// Checks if an entry with IP/check_worm/domain combination is there
 function isCrackerTrackerEntryFound ($rowData) {
        // Construct the SELECT query
-       $SQL = 'SELECT `id` FROM `ctracker_data` WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" LIMIT 1';
+       $SQL = 'SELECT `id` FROM `ctracker_data` WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
 
        // Run the SQL and check if we have one line
        return (mysql_num_rows(runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__)) == 1);

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index eb9ed1d8ad3e15cc9f7b3a5cc07a5a9e78416694..60c9f85dab9ce250d33be2e3e77ad688abe4c10f 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -144,9 +144,12 @@ function crackerTrackerSendMail ($mail) {
 
                        // All fine
                        return true;
-               } else {
+               } elseif (isset($GLOBALS['ctracker_email'])) {
                        // Send it
-                       return mail(constant('__CTRACKER_EMAIL'), 'CTracker: Attack detected!', $mail, 'From: ctracker@mxchange.org');
+                       return mail($GLOBALS['ctracker_email'], 'CTracker: Attack detected!', $mail, $GLOBALS['ctracker_header']);
+               } else {
+                       // Send it the deprecated way with constant
+                       return mail(constant('__CTRACKER_EMAIL'), 'CTracker: Attack detected!', $mail, $GLOBALS['ctracker_header']);
                }
        } // END - if
 }