ctracker.git
9 months agoproject name set master
Roland Häder [Tue, 18 Jul 2017 15:56:21 +0000 (17:56 +0200)]
project name set

Signed-off-by: Roland Häder <roland@mxchange.org>
9 months agoupdated (c)
Roland Häder [Tue, 18 Jul 2017 15:55:36 +0000 (17:55 +0200)]
updated (c)

Signed-off-by: Roland Häder <roland@mxchange.org>
9 months agoIt is okay to have this NetBeans project around + ignored private data
Roland Häder [Tue, 18 Jul 2017 15:51:36 +0000 (17:51 +0200)]
It is okay to have this NetBeans project around + ignored private data

Signed-off-by: Roland Häder <roland@mxchange.org>
18 months agoMantisBT need these being white-listed.
Roland Häder [Fri, 23 Sep 2016 15:14:27 +0000 (17:14 +0200)]
MantisBT need these being white-listed.

Signed-off-by: Roland Häder <roland@mxchange.org>
19 months agoMust be id to have NULL counted, too.
Roland Häder [Wed, 31 Aug 2016 07:17:27 +0000 (09:17 +0200)]
Must be id to have NULL counted, too.

Signed-off-by: Roland Häder <roland@mxchange.org>
19 months agoAdded view for request methods
Roland Häder [Wed, 31 Aug 2016 07:11:18 +0000 (09:11 +0200)]
Added view for request methods

Signed-off-by: Roland Häder <roland@mxchange.org>
19 months agoAdded "detection" of open_basedir and php:// protocol:
Roland Häder [Tue, 30 Aug 2016 07:04:17 +0000 (09:04 +0200)]
Added "detection" of open_basedir and php:// protocol:
- common way to inject php.ini settings which overrides them and then try to
  inject external code (remote inclusion)
- don't do such things as http://host.example/script.php?bla=php://input

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoFixed parser error
Roland Häder [Mon, 22 Aug 2016 08:58:54 +0000 (10:58 +0200)]
Fixed parser error

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoSorted a bit + removed '.js' as this was to much and kicked out .json, too.
Roland Häder [Mon, 22 Aug 2016 07:52:19 +0000 (09:52 +0200)]
Sorted a bit + removed '.js' as this was to much and kicked out .json, too.

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoSome fixes:
Roland Häder [Wed, 10 Aug 2016 07:47:09 +0000 (09:47 +0200)]
Some fixes:
- also check REQUEST_URI array element as QUERY_STRING may not be always set
- only sanitize when string is not empty

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoAlso block request methods such as CONNECT as they can be used for proxying
Roland Häder [Fri, 5 Aug 2016 08:58:46 +0000 (10:58 +0200)]
Also block request methods such as CONNECT as they can be used for proxying
(means "hiding") other requests such as SMTP (spam) or POP3 (people try to read
their mails but wasting your bandwidth).

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoAlso __CALLBACKPARAM needs blocking
Roland Häder [Thu, 28 Jul 2016 11:00:39 +0000 (13:00 +0200)]
Also __CALLBACKPARAM needs blocking

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoChecking against GET parameters is for the user-agent string not possible as
Roland Häder [Thu, 28 Jul 2016 10:57:49 +0000 (12:57 +0200)]
Checking against GET parameters is for the user-agent string not possible as
ordinary UAs may get blocked.

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoOnly for testing purposes the string is being sanitized, else http:// becomes http...
Roland Häder [Thu, 28 Jul 2016 09:53:13 +0000 (11:53 +0200)]
Only for testing purposes the string is being sanitized, else  becomes http:/ and cannot be compared with http:// anymore

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoUpdated database
Roland Häder [Thu, 28 Jul 2016 08:21:46 +0000 (10:21 +0200)]
Updated database

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoRenaming season has started:
Roland Häder [Thu, 28 Jul 2016 08:18:13 +0000 (10:18 +0200)]
Renaming season has started:
- renamed $F -> $function
- renamed $L -> $line
- renamed $SQL -> $sqlString
- added type-hint for arrays

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoSanitize request strings (also serialized POST data) from trickery like '//'
Roland Häder [Thu, 28 Jul 2016 08:02:50 +0000 (10:02 +0200)]
Sanitize request strings (also serialized POST data) from trickery like '//'
and '/./' where the attacker tries to circumvent checks.

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoContinued:
Roland Häder [Thu, 28 Jul 2016 07:57:30 +0000 (09:57 +0200)]
Continued:
- esystem is, well, system is better to look for
- block content-type header-insertion

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoContinued improving:
Roland Häder [Thu, 28 Jul 2016 07:50:24 +0000 (09:50 +0200)]
Continued improving:
- introduced crackerTrackerRequestMethod() to encapsulate $_SERVER['REQUEST_METHOD'] retrival
- this allows the script being used on console now
- check also user-agent string for bad occurrences (difference not yet logged)

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoUpdated a lot:
Roland Häder [Wed, 27 Jul 2016 08:35:57 +0000 (10:35 +0200)]
Updated a lot:
- fixed domain as the one with dash is gone
- loading config is now done correctly after general array is being initialized
- fixed loading of header template

Signed-off-by: Roland Häder <rhaeder@cho-time.de>
20 months agoIndex on count column to improve SUM queries
Roland Häder [Tue, 26 Jul 2016 08:11:57 +0000 (10:11 +0200)]
Index on count column to improve SUM queries

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoThis column should be after remote_addr to have both side by side
Roland Häder [Tue, 26 Jul 2016 07:55:32 +0000 (09:55 +0200)]
This column should be after remote_addr to have both side by side

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoCan be combined and makes code look nicer.
Roland Häder [Tue, 26 Jul 2016 07:35:00 +0000 (09:35 +0200)]
Can be combined and makes code look nicer.

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoAdded MySQL internal-use-only function
Roland Häder [Mon, 25 Jul 2016 09:15:57 +0000 (11:15 +0200)]
Added MySQL internal-use-only function

Signed-off-by: Roland Häder <roland@mxchange.org>
20 months agoAlso log request method
Roland Häder [Mon, 25 Jul 2016 07:59:45 +0000 (09:59 +0200)]
Also log request method

Signed-off-by: Roland Häder <roland@mxchange.org>
21 months agoOne to much ...
Roland Häder [Wed, 20 Jul 2016 08:40:11 +0000 (10:40 +0200)]
One to much ...

Signed-off-by: Roland Häder <roland@mxchange.org>
21 months agoMore PHP function calls (I don't like such RPCs) blocked
Roland Häder [Wed, 20 Jul 2016 08:26:41 +0000 (10:26 +0200)]
More PHP function calls (I don't like such RPCs) blocked

Signed-off-by: Roland Häder <roland@mxchange.org>
2 years agoAdded .gitattributes
Roland Haeder [Sat, 13 Feb 2016 20:56:17 +0000 (21:56 +0100)]
Added .gitattributes

Signed-off-by: Roland Haeder <roland@mxchange.org>
2 years agoOpps ...
Roland Haeder [Sat, 12 Sep 2015 21:38:08 +0000 (23:38 +0200)]
Opps ...

Signed-off-by: Roland Haeder <roland@mxchange.org>
2 years agoRewrote to MySQLi
Roland Haeder [Sat, 12 Sep 2015 21:36:46 +0000 (23:36 +0200)]
Rewrote to MySQLi

Signed-off-by: Roland Haeder <roland@mxchange.org>
3 years agoFixed
Roland Häder [Mon, 3 Nov 2014 09:53:26 +0000 (10:53 +0100)]
Fixed

Signed-off-by: Roland Häder <haeder@hmmdeutschland.de>
3 years agoAdded proc/self/environ
Roland Haeder [Sat, 1 Nov 2014 11:05:59 +0000 (12:05 +0100)]
Added proc/self/environ

Signed-off-by: Roland Haeder <roland@mxchange.org>
3 years agoAdded 'safe_mode' (php.ini setting).
Roland Haeder [Sat, 1 Nov 2014 10:46:41 +0000 (11:46 +0100)]
Added 'safe_mode' (php.ini setting).

Signed-off-by: Roland Haeder <roland@mxchange.org>
3 years agoDon't continue if the cookie has been set + ticket has created. 'unknown' was found...
Roland Haeder [Sat, 1 Nov 2014 10:30:26 +0000 (11:30 +0100)]
Don't continue if the cookie has been set + ticket has created. 'unknown' was found as IP address.

Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years agoAdded some php.ini settings to block
Roland Haeder [Fri, 18 Oct 2013 20:29:05 +0000 (20:29 +0000)]
Added some php.ini settings to block

4 years agoOpps, did forget the fetch :(
Roland Haeder [Mon, 12 Aug 2013 18:45:59 +0000 (18:45 +0000)]
Opps, did forget the fetch :(

4 years agoNo more ORDER BY required, cool.
Roland Haeder [Mon, 12 Aug 2013 18:38:24 +0000 (18:38 +0000)]
No more ORDER BY required, cool.

4 years agoAdded index + optimized query
Roland Haeder [Mon, 12 Aug 2013 18:20:27 +0000 (18:20 +0000)]
Added index + optimized query

4 years agoReverted removal, maybe now working?
Roland Haeder [Sun, 11 Aug 2013 12:32:43 +0000 (12:32 +0000)]
Reverted removal, maybe now working?

4 years agoOpps :(
Roland Haeder [Sun, 11 Aug 2013 12:23:57 +0000 (12:23 +0000)]
Opps :(

4 years ago:( Not good enough
Roland Haeder [Sun, 11 Aug 2013 12:17:01 +0000 (12:17 +0000)]
:( Not good enough

4 years agoAdded logging/detection of proxy IP address
Roland Haeder [Sun, 11 Aug 2013 12:15:49 +0000 (12:15 +0000)]
Added logging/detection of proxy IP address

4 years agoserver_name and script_name can now be NULL and set all empty strings to NULL, added...
Roland Haeder [Sun, 11 Aug 2013 12:02:25 +0000 (12:02 +0000)]
server_name and script_name can now be NULL and set all empty strings to NULL, added %3E%3C (><) which indicates an attempt to insert a HTML link into a badly secured URL

4 years ago%20 was to much here
Roland Haeder [Fri, 9 Aug 2013 18:25:05 +0000 (18:25 +0000)]
%20 was to much here

4 years agoJust '/group' was to restrictive (e.g. breaks StatusNet)
Roland Haeder [Fri, 26 Jul 2013 19:22:10 +0000 (19:22 +0000)]
Just '/group' was to restrictive (e.g. breaks StatusNet)

4 years agoAdded 'Autocomplete' as known-incompatible plugin
Roland Haeder [Thu, 25 Jul 2013 04:43:40 +0000 (04:43 +0000)]
Added 'Autocomplete' as known-incompatible plugin

4 years agoUpdated TODOs.txt
Roland Haeder [Sat, 20 Jul 2013 14:42:37 +0000 (14:42 +0000)]
Updated TODOs.txt

4 years agoFix for parser error :(
Roland Haeder [Sat, 20 Jul 2013 14:24:44 +0000 (14:24 +0000)]
Fix for parser error :(

4 years agoResorted almost all pattern checks + used more single-quotes than double
Roland Haeder [Sat, 20 Jul 2013 14:24:06 +0000 (14:24 +0000)]
Resorted almost all pattern checks + used more single-quotes than double

4 years agoWrappers like data://, tcp:// et cetera now blacklisted
Roland Haeder [Sat, 20 Jul 2013 13:30:14 +0000 (13:30 +0000)]
Wrappers like data://, tcp:// et cetera now blacklisted

4 years agoUse constants instead of keywords
Roland Haeder [Sat, 20 Jul 2013 13:07:03 +0000 (13:07 +0000)]
Use constants instead of keywords

4 years agoFixes (opps) for bad check, blocked all
Roland Haeder [Thu, 18 Jul 2013 00:53:17 +0000 (00:53 +0000)]
Fixes (opps) for bad check, blocked all

4 years agoExperimental commit:
Roland Haeder [Thu, 18 Jul 2013 00:07:58 +0000 (00:07 +0000)]
Experimental commit:
decode URL before checking to avoid something like this: q=%2FopenFooBar which
would be converted to q=%2fopenfoobar and then blocked as 'fopen' is then found.

This happens with StatusNet 1.1.1

4 years agoAdded incompatible notice
Roland Haeder [Thu, 27 Jun 2013 20:22:57 +0000 (20:22 +0000)]
Added incompatible notice

4 years agoExcluded secure_session=1 from mantis
Roland Haeder [Tue, 4 Jun 2013 13:57:14 +0000 (13:57 +0000)]
Excluded secure_session=1 from mantis

5 years agoNow use str_ireplace()
Roland Haeder [Thu, 18 Apr 2013 22:00:32 +0000 (22:00 +0000)]
Now use str_ireplace()

5 years agoBetter use this?
Roland Haeder [Sat, 30 Mar 2013 06:01:32 +0000 (06:01 +0000)]
Better use this?

5 years agoExtended is correct
Roland Haeder [Mon, 11 Mar 2013 23:04:23 +0000 (23:04 +0000)]
Extended is correct

5 years agoRemove even more
Roland Haeder [Tue, 26 Feb 2013 22:08:17 +0000 (22:08 +0000)]
Remove even more

5 years agounsetCtrackerData() introduced
Roland Haeder [Tue, 26 Feb 2013 21:46:56 +0000 (21:46 +0000)]
unsetCtrackerData() introduced

5 years agoDocu updated, detection array resorted a little
Roland Haeder [Thu, 20 Dec 2012 20:46:07 +0000 (20:46 +0000)]
Docu updated, detection array resorted a little

5 years agoBlocked also %27 (')
Roland Haeder [Wed, 24 Oct 2012 22:46:51 +0000 (22:46 +0000)]
Blocked also %27 (')

5 years agoDetection of attempt of SQL injections added
Roland Haeder [Wed, 24 Oct 2012 22:16:00 +0000 (22:16 +0000)]
Detection of attempt of SQL injections added

5 years agoTaken care of possible missing elements
Roland Haeder [Sat, 29 Sep 2012 22:06:08 +0000 (22:06 +0000)]
Taken care of possible missing elements

6 years ago'cmd=' broke to many legtime requests, cmd.exe should kill Windozer attacks a little...
Roland Haeder [Tue, 27 Sep 2011 18:27:44 +0000 (18:27 +0000)]
'cmd=' broke to many legtime requests, cmd.exe should kill Windozer attacks a little more

6 years ago.pl harms also legitime requests
Roland Haeder [Wed, 14 Sep 2011 10:59:31 +0000 (10:59 +0000)]
.pl harms also legitime requests

6 years agoNow all forms of '0x' are detected
Roland Haeder [Sat, 27 Aug 2011 23:10:59 +0000 (23:10 +0000)]
Now all forms of '0x' are detected

6 years agoDOCUMENT_ROOT and _SERVER added (avoid these things please)
Roland Haeder [Sat, 27 Aug 2011 23:05:40 +0000 (23:05 +0000)]
DOCUMENT_ROOT and _SERVER added (avoid these things please)

6 years agoBlock also these
Roland Haeder [Fri, 29 Jul 2011 09:43:07 +0000 (09:43 +0000)]
Block also these

6 years agoinit also this
Roland Haeder [Fri, 29 Jul 2011 05:18:51 +0000 (05:18 +0000)]
init also this

6 years agoFix for missing 'ctracker_post_track'
Roland Haeder [Fri, 29 Jul 2011 05:05:41 +0000 (05:05 +0000)]
Fix for missing 'ctracker_post_track'

6 years agoDetection of hexa-decimal encoded (0xXXXXX) strings added
Roland Haeder [Fri, 24 Jun 2011 12:47:17 +0000 (12:47 +0000)]
Detection of hexa-decimal encoded (0xXXXXX) strings added

7 years agosvn:eol-style set to 'native'
Roland Haeder [Wed, 20 Apr 2011 04:55:37 +0000 (04:55 +0000)]
svn:eol-style set to 'native'

7 years agoDuplicate entries removed, typo fixed
Roland Haeder [Sun, 10 Apr 2011 21:03:41 +0000 (21:03 +0000)]
Duplicate entries removed, typo fixed

7 years agoCopyright updated
Roland Haeder [Sun, 6 Mar 2011 11:29:30 +0000 (11:29 +0000)]
Copyright updated

7 years agoSome obsolete comment removed
Roland Haeder [Sun, 6 Mar 2011 11:28:32 +0000 (11:28 +0000)]
Some obsolete comment removed

7 years agoFixed error reporting for debug mode
Roland Haeder [Wed, 9 Feb 2011 14:19:14 +0000 (14:19 +0000)]
Fixed error reporting for debug mode

7 years agoDefault value of 'count' needs to be 1
Roland Haeder [Fri, 26 Nov 2010 15:30:03 +0000 (15:30 +0000)]
Default value of 'count' needs to be 1

7 years agoConfiguration entry 'ctracker_debug' renamed to 'ctracker_debug_enabled' to make...
Roland Haeder [Tue, 5 Oct 2010 11:43:54 +0000 (11:43 +0000)]
Configuration entry 'ctracker_debug' renamed to 'ctracker_debug_enabled' to make clear this is a boolean config

7 years agoSome code blocks moved, detection of '..//' added, user-agent is now securely used
Roland Haeder [Thu, 23 Sep 2010 12:09:23 +0000 (12:09 +0000)]
Some code blocks moved, detection of '..//' added, user-agent is now securely used

7 years agoSVN properties globally set
Roland Haeder [Tue, 14 Sep 2010 14:19:35 +0000 (14:19 +0000)]
SVN properties globally set

7 years ago'Based on' added, /proc/ will now be detected, do not use it in your scripts
Roland Haeder [Fri, 20 Aug 2010 08:27:38 +0000 (08:27 +0000)]
'Based on' added, /proc/ will now be detected, do not use it in your scripts

7 years agoFixes for missing config if no database link is provided
Roland Haeder [Sun, 18 Jul 2010 12:03:51 +0000 (12:03 +0000)]
Fixes for missing config if no database link is provided

7 years agoTODOs.txt updated ...
Roland Haeder [Thu, 8 Jul 2010 22:19:09 +0000 (22:19 +0000)]
TODOs.txt updated ...

7 years agoDocumentation does now make a notice about database-less operations
Roland Haeder [Thu, 8 Jul 2010 21:50:51 +0000 (21:50 +0000)]
Documentation does now make a notice about database-less operations

7 years agoUpdated to allow database-less operation
Roland Haeder [Thu, 8 Jul 2010 21:47:56 +0000 (21:47 +0000)]
Updated to allow database-less operation

7 years agoRenamed
Roland Haeder [Sun, 20 Jun 2010 16:10:13 +0000 (16:10 +0000)]
Renamed

7 years agoLog of first attempt fixed
Roland Haeder [Sun, 16 May 2010 02:20:40 +0000 (02:20 +0000)]
Log of first attempt fixed

7 years agoFix
Roland Haeder [Sun, 16 May 2010 02:17:39 +0000 (02:17 +0000)]
Fix

7 years agoThis should also not be used in URLs
Roland Haeder [Sat, 15 May 2010 07:37:33 +0000 (07:37 +0000)]
This should also not be used in URLs

7 years agoMissing form elements handled
Roland Haeder [Tue, 11 May 2010 09:19:49 +0000 (09:19 +0000)]
Missing form elements handled

7 years agoFix #4 from root...
root [Tue, 11 May 2010 08:17:41 +0000 (08:17 +0000)]
Fix #4 from root...

7 years agoFix #3
Roland Haeder [Tue, 11 May 2010 08:12:54 +0000 (08:12 +0000)]
Fix #3

7 years agoFix #2
Roland Haeder [Tue, 11 May 2010 08:10:56 +0000 (08:10 +0000)]
Fix #2

7 years agoFixes... :(
Roland Haeder [Tue, 11 May 2010 08:09:48 +0000 (08:09 +0000)]
Fixes... :(

7 years agoComplete rewrite:
Roland Haeder [Tue, 11 May 2010 07:58:56 +0000 (07:58 +0000)]
Complete rewrite:
- Very simple and basic template system (HTML and email) added
- Templates are language-dependent or indepented, this depends on if you call
  crackerTrackerLoadTemplate() or crackerTrackerLoadLocalizedTemplate()
- Email templates are always language-depenent... :-)
- Flexible database auto-update added (please just call your secured script
  normally!)
- Language sub-system added (German and English language is complete)
- Suport ticket added which gives your users, if his IP has recent malicious
  activities on the secured server, a support ticket form where they can request
  help. After the form is sent, the user can fully disable that warning. This is
  done by the script sends him a cookie with his ticket id.
- This support ticket system can be switched off and a little configured in
  the database table 'ctracker_config'. You can currently change the following
  values there:
  + Minimum random delay in seconds (default: 10 seconds)
  + Maximum random delay in seconds (default: 30 seconds)
  + Wether the support ticket system is on/off (default: on)
  + Which language you prefer to read (default: en)
- README updated

7 years agoAdded more flexible options
Roland Haeder [Tue, 4 May 2010 18:31:12 +0000 (18:31 +0000)]
Added more flexible options

7 years agoUpdated
Roland Haeder [Tue, 4 May 2010 17:25:46 +0000 (17:25 +0000)]
Updated

7 years agoUpdated
Roland Haeder [Tue, 4 May 2010 17:08:27 +0000 (17:08 +0000)]
Updated

8 years agoRenamed to bypass naming conflicts
Roland Haeder [Thu, 7 Jan 2010 16:17:25 +0000 (16:17 +0000)]
Renamed to bypass naming conflicts