Parašė Dandžu· 2008 Lie. 16 10:07:52
#13
Nu susikuri .php failą ir į jį įrašai šitą. Tada suvedi savo duomenis kur reikia ir viskas.
<?php
$email = "tavo@emailas.lt";
$req = $_SERVER['REQUEST_URI'];
$cadena = explode("?", $req);
$mi_url = $cadena[0];
$resto = $cadena[1];
$inyecc='/SERVER|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|INSERT/i';
if (preg_match($inyecc, $resto)) {
$ip = $HTTP_SERVER_VARS["HTTP_CLIENT_IP"];
$forwarded = $HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"];
$remoteaddress = $HTTP_SERVER_VARS["REMOTE_ADDR"];
// message and kill execution
ban('bomzas');
}
function ban($type="bomzas") {
global $_SERVER,$ip,$forwarded,$remoteaddress, $email;
$atidaryti = fopen(".htaccess", "a+");
@fwrite($atidaryti, "\n#".date()." - FROM:".$_SERVER["HTTP_REFERER"]." - REQ:".$_SERVER['REQUEST_METHOD']." - FILE:".basename($_SERVER['SCRIPT_FILENAME'])." - QUERY:".$_SERVER['QUERY_STRING']."\ndeny from ".$_SERVER['REMOTE_ADDR']."\n");
@fclose($atidaryti);
@chmod(".htaccess", 0777);
if ($type == "bomzas") {
$message = "
".date()." - FROM:".$_SERVER["HTTP_REFERER"]."\n -\n REQ:".$_SERVER['REQUEST_METHOD']."\n -\n FILE:".basename($_SERVER['SCRIPT_FILENAME'])."\n -\n QUERY:".$_SERVER['QUERY_STRING']."\n -\n IP:".$_SERVER['REMOTE_ADDR']."\n\n
--------- end --------------------";
}
mail($email, $type." - web-trojanas - ".date()."", $message,"From: host@{$_SERVER['SERVER_NAME']}");
die("<h1>$type</h1>DRAUD?IAMA!<hr/>Susisiekite su administracija: ".$email);
}
?>