| Conditions | 10 |
| Paths | 31 |
| Total Lines | 192 |
| Code Lines | 155 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
<?php
// Direct-access guard: halt unless BB2_CORE is defined (presumably by the
// including core script; confirm), so this file does nothing when requested
// on its own.
if (!defined('BB2_CORE')) {
    die('I said no cheating!');
}
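/**
 * Screen one request against static User-Agent and request-URI signatures.
 *
 * Checks run in this order and stop at the first hit:
 *   1. User-Agent starts with an entry of $bb2_spambots_0 (case-sensitive);
 *   2. User-Agent contains an entry of $bb2_spambots (case-sensitive);
 *   3. User-Agent matches a pattern of $bb2_spambots_regex;
 *   4. request URI contains an entry of $bb2_spambots_url (case-insensitive).
 *
 * Both inputs are supplied by the client. The lists reduce noise from known
 * tools; they are not an authorization control. The URI is compared exactly
 * as it appears in $package['request_uri'], with no decoding or normalization
 * in this function, so the application still needs its own path and query
 * validation. Short, broad entries ("user", "MSIE", "-") can also match
 * legitimate clients; review blocked requests when editing the lists.
 *
 * @param array $package Request data; this function reads
 *                       $package['headers_mixed']['User-Agent'] and
 *                       $package['request_uri']. A missing field is treated
 *                       as an empty string.
 *
 * @return string|false "17f4e8c8" on a User-Agent hit, "96c0bd29" on a URI
 *                      hit, false when nothing matched. The strings are
 *                      opaque keys; presumably the caller maps them to a
 *                      response (confirm against the caller).
 */
function bb2_blacklist($package) {

    // Blacklisted user agents
    // These user agent strings occur at the beginning of the line.
    $bb2_spambots_0 = array(
        "-", // brute force password attempts, malicious botnet
        "8484 Boston Project", // video poker/porn spam
        "ArchiveTeam", // ignores robots.txt and hammers server
        "adwords", // referrer spam
        "autoemailspider", // spam harvester
        "blogsearchbot-martin", // from honeypot
        "BrowserEmulator/", // open proxy software
        "CherryPicker", // spam harvester
        "core-project/", // FrontPage extension exploits
        "Diamond", // delivers spyware/adware
        "Digger", // spam harvester
        "ecollector", // spam harvester
        "EmailCollector", // spam harvester
        "Email Siphon", // spam harvester
        "EmailSiphon", // spam harvester
        "Forum Poster", // forum spambot
        "grub crawler", // misc comment/email spam
        "HttpProxy", // misc comment/email spam
        "Internet Explorer", // XMLRPC exploits seen
        "ISC Systems iRc", // spam harvester
        "Jakarta Commons", // customised spambots
        "Java 1.", // unidentified robots
        "Java/1.", // unidentified robots
        "libwww-perl", // unidentified robots
        "LWP", // unidentified robots
        "lwp", // unidentified robots
        "Microsoft Internet Explorer/", // too old; assumed robot
        "Microsoft URL", // unidentified robots
        "Missigua", // spam harvester
        "MJ12bot/v1.0.8", // malicious botnet
        "Morfeus", // vulnerability scanner
        "Movable Type", // customised spambots
        // msnbot is using this fake user agent string now
        //"Mozilla ", // malicious software
        "Mozilla/0", // malicious software
        "Mozilla/1", // malicious software
        "Mozilla/2", // malicious software
        "Mozilla/3", // malicious software
        "Mozilla/4.0(", // from honeypot
        "Mozilla/4.0+(compatible;+", // suspicious harvester
        "Mozilla/4.0 (Hydra)", // brute force tool
        "MSIE", // malicious software
        "MVAClient", // automated hacking attempts
        "Nessus", // vulnerability scanner
        "NutchCVS", // unidentified robots
        "Nutscrape/", // misc comment spam
        "OmniExplorer", // spam harvester
        "Opera/9.64(", // comment spam bot
        "PMAFind", // vulnerability scanner
        "psycheclone", // spam harvester
        "PussyCat ", // misc comment spam
        "PycURL", // misc comment spam
        "Python-urllib", // commonly abused
        "revolt", // vulnerability scanner
        // WP 2.5 now has Flash; FIXME
        // "Shockwave Flash", // spam harvester
        "sqlmap/", // SQL injection
        "Super Happy Fun ", // spam harvester
        "TrackBack/", // trackback spam
        "user", // suspicious harvester
        "User Agent: ", // spam harvester
        "User-Agent: ", // spam harvester
        "w3af", // vulnerability scanner
        "WebSite-X Suite", // misc comment spam
        "Winnie Poh", // Automated Coppermine hacks
        "Wordpress", // malicious software
        "\"", // malicious software
    );

    // These user agent strings occur anywhere within the line.
    $bb2_spambots = array(
        "\r", // A really dumb bot
        "<sc", // XSS exploit attempts
        "; Widows ", // misc comment/email spam
        ": ;", // shellshock
        ":;", // shellshock
        "a href=", // referrer spam
        "ArchiveBot", // ignores robots.txt and hammers server
        "Bad Behavior Test", // Add this to your user-agent to test BB
        "compatible ; MSIE", // misc comment/email spam
        "compatible-", // misc comment/email spam
        "DTS Agent", // misc comment/email spam
        "Email Extractor", // spam harvester
        "Firebird/", // too old; assumed robot
        "Gecko/2525", // revisit this in 500 years
        "grub-client", // search engine ignores robots.txt
        "hanzoweb", // very badly behaved crawler
        "Havij", // SQL injection tool
        "Indy Library", // misc comment/email spam
        "Ming Mong", // brute force tool
        "MSIE 7.0; Windows NT 5.2", // Cyveillance
        "Murzillo compatible", // comment spam bot
        ".NET CLR 1)", // free poker, etc.
        ".NET CLR1", // spam harvester
        "Netsparker", // vulnerability scanner
        "Nikto/", // vulnerability scanner
        "Perman Surfer", // old and very broken harvester
        "POE-Component-Client", // free poker, etc.
        "Teh Forest Lobster", // brute force tool
        "Turing Machine", // www.anonymizer.com abuse
        "Ubuntu/9.25", // comment spam bot
        "unspecified.mail", // stealth harvesters
        "User-agent: ", // spam harvester/splogger
        "WebaltBot", // spam harvester
        "WISEbot", // spam harvester
        "WISEnutbot", // spam harvester
        "Win95", // too old; assumed robot
        "Win98", // too old; assumed robot
        "WinME", // too old; assumed robot
        "Win 9x 4.90", // too old; assumed robot
        "Windows 3", // too old; assumed robot
        "Windows 95", // too old; assumed robot
        "Windows 98", // too old; assumed robot
        "Windows NT 4", // too old; assumed robot
        "Windows NT;", // too old; assumed robot
        #"Windows NT 4.0;)", // wikispam bot
        "Windows NT 5.0;)", // wikispam bot
        "Windows NT 5.1;)", // wikispam bot
        "Windows XP 5", // spam harvester
        "WordPress/4.01", // pingback spam
        "Xedant Human Emulator",// spammer script engine
        "ZmEu", // exploit scanner
        "\\\\)", // spam harvester
    );

    // These are regular expression matches.
    $bb2_spambots_regex = array(
        "/^[A-Z]{10}$/", // misc email spam
        // Run of 8 or more lowercase consonants ("y" excluded) or spaces.
        "/[bcdfghjklmnpqrstvwxz ]{8,}/",
        // "/(;\){1,2}$/", // misc spammers/harvesters
        "/MSIE.*Windows XP/", // misc comment spam
        "/MSIE [2345]/", // too old; assumed robot
    );

    // Blacklisted URL strings
    // These strings are considered case-insensitive.
    $bb2_spambots_url = array(
        "0x31303235343830303536", // Havij
        "../", // path traversal
        "..\\", // path traversal
        "%60information_schema%60", // SQL injection probe
        "+%2F*%21", // SQL injection probe
        "%27--", // SQL injection
        "%27 --", // SQL injection
        "%27%23", // SQL injection
        "%27 %23", // SQL injection
        "benchmark%28", // SQL injection probe
        "insert+into+", // SQL injection
        "r3dm0v3", // SQL injection probe
        "select+1+from", // SQL injection probe
        "union+all+select", // SQL injection probe
        "union+select", // SQL injection probe
        "waitfor+delay+", // SQL injection probe
        "w00tw00t", // vulnerability scanner
    );

    // Do not edit below this line.

    // A request may carry no User-Agent header or URI entry. Use an empty
    // string in that case instead of suppressing the notice with "@" and
    // handing null to strpos()/preg_match()/stripos(), which PHP 8.1+
    // reports as deprecated.
    $ua = isset($package['headers_mixed']['User-Agent'])
        ? $package['headers_mixed']['User-Agent']
        : '';
    $uri = isset($package['request_uri']) ? $package['request_uri'] : '';

    // Prefix signatures: compare only the leading bytes rather than
    // searching the whole string and then testing for offset 0.
    foreach ($bb2_spambots_0 as $spambot) {
        if (strncmp($ua, $spambot, strlen($spambot)) === 0) {
            return "17f4e8c8";
        }
    }

    // Substring signatures, case-sensitive.
    foreach ($bb2_spambots as $spambot) {
        if (strpos($ua, $spambot) !== false) {
            return "17f4e8c8";
        }
    }

    // Pattern signatures. preg_match() returns 0 for no match and false on
    // error; both are treated as "no match" here.
    foreach ($bb2_spambots_regex as $spambot) {
        if (preg_match($spambot, $ua)) {
            return "17f4e8c8";
        }
    }

    // URI signatures, case-insensitive, against the URI as received.
    foreach ($bb2_spambots_url as $spambot) {
        if (stripos($uri, $spambot) !== false) {
            return "96c0bd29";
        }
    }

    return false;
}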