kristuff /
abuseipdb
@@ -28,10 +28,10 @@ discard block |
||
| 28 | 28 | */ |
| 29 | 29 | abstract class ApiDefintion |
| 30 | 30 | { |
| 31 | - /** |
|
| 32 | - * AbuseIPDB API v2 Endpoint |
|
| 33 | - * @var string $api_endpoint |
|
| 34 | - */ |
|
| 31 | + /** |
|
| 32 | + * AbuseIPDB API v2 Endpoint |
|
| 33 | + * @var string $api_endpoint |
|
| 34 | + */ |
|
| 35 | 35 | protected $aipdbApiEndpoint = 'https://api.abuseipdb.com/api/v2/'; |
| 36 | 36 | |
| 37 | 37 | /** |
@@ -67,7 +67,7 @@ discard block |
||
| 67 | 67 | // Open proxy, open relay, or Tor exit node. |
| 68 | 68 | 'openproxy' => ['9', 'Open Proxy', true], |
| 69 | 69 | |
| 70 | - // Comment/forum spam, HTTP referer spam, or other CMS spam. |
|
| 70 | + // Comment/forum spam, HTTP referer spam, or other CMS spam. |
|
| 71 | 71 | 'webspam' => ['10', 'Web Spam', true], |
| 72 | 72 | |
| 73 | 73 | // Spam email content, infected attachments, and phishing emails. Note: Limit comments to only relevent |
@@ -118,6 +118,6 @@ discard block |
||
| 118 | 118 | // Abuse was targeted at an "Internet of Things" type device. Include |
| 119 | 119 | // information about what type of device was targeted in the comments. |
| 120 | 120 | 'oit' => ['23', 'IoT Targeted', true], |
| 121 | - ]; |
|
| 121 | + ]; |
|
| 122 | 122 | |
| 123 | 123 | } |
| 124 | 124 | \ No newline at end of file |
@@ -41,83 +41,83 @@ |
||
| 41 | 41 | protected $aipdbApiCategories = [ |
| 42 | 42 | |
| 43 | 43 | // Altering DNS records resulting in improper redirection. |
| 44 | - 'dns-c' => ['1', 'DNS Compromise', true], |
|
| 44 | + 'dns-c' => [ '1', 'DNS Compromise', true ], |
|
| 45 | 45 | |
| 46 | 46 | // Falsifying domain server cache (cache poisoning). |
| 47 | - 'dns-p' => ['2', 'DNS Poisoning', true], |
|
| 47 | + 'dns-p' => [ '2', 'DNS Poisoning', true ], |
|
| 48 | 48 | |
| 49 | 49 | // Fraudulent orders. |
| 50 | - 'fraud-orders' => ['3', 'Fraud Orders', true], |
|
| 50 | + 'fraud-orders' => [ '3', 'Fraud Orders', true ], |
|
| 51 | 51 | |
| 52 | 52 | // Participating in distributed denial-of-service (usually part of botnet). |
| 53 | - 'ddos' => ['4', 'DDoS Attack', true], |
|
| 53 | + 'ddos' => [ '4', 'DDoS Attack', true ], |
|
| 54 | 54 | |
| 55 | 55 | // |
| 56 | - 'ftp-bf' => ['5', 'FTP Brute-Force', true], |
|
| 56 | + 'ftp-bf' => [ '5', 'FTP Brute-Force', true ], |
|
| 57 | 57 | |
| 58 | 58 | // Oversized IP packet. |
| 59 | - 'pingdeath' => ['6', 'Ping of Death', true], |
|
| 59 | + 'pingdeath' => [ '6', 'Ping of Death', true ], |
|
| 60 | 60 | |
| 61 | 61 | // Phishing websites and/or email. |
| 62 | - 'phishing' => ['7', 'Phishing', true], |
|
| 62 | + 'phishing' => [ '7', 'Phishing', true ], |
|
| 63 | 63 | |
| 64 | 64 | // |
| 65 | - 'fraudvoip' => ['8', 'Fraud VoIP', true], |
|
| 65 | + 'fraudvoip' => [ '8', 'Fraud VoIP', true ], |
|
| 66 | 66 | |
| 67 | 67 | // Open proxy, open relay, or Tor exit node. |
| 68 | - 'openproxy' => ['9', 'Open Proxy', true], |
|
| 68 | + 'openproxy' => [ '9', 'Open Proxy', true ], |
|
| 69 | 69 | |
| 70 | 70 | // Comment/forum spam, HTTP referer spam, or other CMS spam. |
| 71 | - 'webspam' => ['10', 'Web Spam', true], |
|
| 71 | + 'webspam' => [ '10', 'Web Spam', true ], |
|
| 72 | 72 | |
| 73 | 73 | // Spam email content, infected attachments, and phishing emails. Note: Limit comments to only relevent |
| 74 | 74 | // information (instead of log dumps) and be sure to remove PII if you want to remain anonymous. |
| 75 | - 'emailspam' => ['11', 'Email Spam', true], |
|
| 75 | + 'emailspam' => [ '11', 'Email Spam', true ], |
|
| 76 | 76 | |
| 77 | 77 | // CMS blog comment spam. |
| 78 | - 'blogspam' => ['12', 'Blog Spam', true], |
|
| 78 | + 'blogspam' => [ '12', 'Blog Spam', true ], |
|
| 79 | 79 | |
| 80 | 80 | // Conjunctive category. |
| 81 | - 'vpnip' => ['13', 'VPN IP', false], // to check alone ?? |
|
| 81 | + 'vpnip' => [ '13', 'VPN IP', false ], // to check alone ?? |
|
| 82 | 82 | |
| 83 | 83 | // Scanning for open ports and vulnerable services. |
| 84 | - 'scan' => ['14', 'Port Scan', true], |
|
| 84 | + 'scan' => [ '14', 'Port Scan', true ], |
|
| 85 | 85 | |
| 86 | 86 | // seems to can't be used alone |
| 87 | - 'hack' => ['15', 'Hacking', false], |
|
| 87 | + 'hack' => [ '15', 'Hacking', false ], |
|
| 88 | 88 | |
| 89 | 89 | // Attempts at SQL injection. |
| 90 | - 'sql' => ['16', 'SQL Injection', true], |
|
| 90 | + 'sql' => [ '16', 'SQL Injection', true ], |
|
| 91 | 91 | |
| 92 | 92 | // Email sender spoofing. |
| 93 | - 'spoof' => ['17', 'Spoofing', true], |
|
| 93 | + 'spoof' => [ '17', 'Spoofing', true ], |
|
| 94 | 94 | |
| 95 | 95 | // Credential brute-force attacks on webpage logins and services like SSH, FTP, SIP, SMTP, RDP, etc. |
| 96 | 96 | // This category is seperate from DDoS attacks. |
| 97 | - 'brute' => ['18', 'Brute-Force', true], |
|
| 97 | + 'brute' => [ '18', 'Brute-Force', true ], |
|
| 98 | 98 | |
| 99 | 99 | // Webpage scraping (for email addresses, content, etc) and crawlers that do not honor robots.txt. |
| 100 | 100 | // Excessive requests and user agent spoofing can also be reported here. |
| 101 | - 'badbot' => ['19', 'Bad Web Bot', true], |
|
| 101 | + 'badbot' => [ '19', 'Bad Web Bot', true ], |
|
| 102 | 102 | |
| 103 | 103 | |
| 104 | 104 | // Host is likely infected with malware and being used for other attacks or to host malicious content. |
| 105 | 105 | // The host owner may not be aware of the compromise. This category is often used in combination |
| 106 | 106 | // with other attack categories. |
| 107 | - 'explhost' => ['20', 'Exploited Host', true], |
|
| 107 | + 'explhost' => [ '20', 'Exploited Host', true ], |
|
| 108 | 108 | |
| 109 | 109 | // Attempts to probe for or exploit installed web applications such as a CMS |
| 110 | 110 | // like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and |
| 111 | 111 | // various other software plugins/solutions. |
| 112 | - 'webattack' => ['21', 'Web App Attack', true ], |
|
| 112 | + 'webattack' => [ '21', 'Web App Attack', true ], |
|
| 113 | 113 | |
| 114 | 114 | // Secure Shell (SSH) abuse. Use this category in combination |
| 115 | 115 | // with more specific categories. |
| 116 | - 'ssh' => ['22', 'SSH', false], |
|
| 116 | + 'ssh' => [ '22', 'SSH', false ], |
|
| 117 | 117 | |
| 118 | 118 | // Abuse was targeted at an "Internet of Things" type device. Include |
| 119 | 119 | // information about what type of device was targeted in the comments. |
| 120 | - 'oit' => ['23', 'IoT Targeted', true], |
|
| 120 | + 'oit' => [ '23', 'IoT Targeted', true ], |
|
| 121 | 121 | ]; |
| 122 | 122 | |
| 123 | 123 | } |
| 124 | 124 | \ No newline at end of file |
@@ -80,8 +80,8 @@ discard block |
||
| 80 | 80 | 'userId' => $this->aipdbUserId, |
| 81 | 81 | 'apiKey' => $this->aipdbApiKey, |
| 82 | 82 | |
| 83 | - // TODO 'selfIps' => $this->selfIps, |
|
| 84 | - // TODO default report cat |
|
| 83 | + // TODO 'selfIps' => $this->selfIps, |
|
| 84 | + // TODO default report cat |
|
| 85 | 85 | ); |
| 86 | 86 | } |
| 87 | 87 | |
@@ -136,7 +136,7 @@ discard block |
||
| 136 | 136 | */ |
| 137 | 137 | public function report(string $ip = '', array $categories = [], $message = '') |
| 138 | 138 | { |
| 139 | - // ip must be set |
|
| 139 | + // ip must be set |
|
| 140 | 140 | if (empty($ip)){ |
| 141 | 141 | throw new \InvalidArgumentException('Ip was empty'); |
| 142 | 142 | } |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | } |
| 148 | 148 | |
| 149 | 149 | // message must be set |
| 150 | - if (empty($message)){ |
|
| 150 | + if (empty($message)){ |
|
| 151 | 151 | throw new \InvalidArgumentException('report message was empty'); |
| 152 | 152 | } |
| 153 | 153 | |
@@ -219,9 +219,9 @@ discard block |
||
| 219 | 219 | |
| 220 | 220 | // check AbuseIPDB request |
| 221 | 221 | return $this->apiRequest('check', 'GET', [ |
| 222 | - 'ipAddress' => $ip, |
|
| 223 | - 'maxAgeInDays' => $maxAge, |
|
| 224 | - 'verbose' => true |
|
| 222 | + 'ipAddress' => $ip, |
|
| 223 | + 'maxAgeInDays' => $maxAge, |
|
| 224 | + 'verbose' => true |
|
| 225 | 225 | ]); |
| 226 | 226 | } |
| 227 | 227 | |
@@ -261,14 +261,14 @@ discard block |
||
| 261 | 261 | 'Key: ' . $this->aipdbApiKey, |
| 262 | 262 | ]); |
| 263 | 263 | |
| 264 | - // execute curl call |
|
| 265 | - $result = curl_exec($ch); |
|
| 264 | + // execute curl call |
|
| 265 | + $result = curl_exec($ch); |
|
| 266 | 266 | |
| 267 | - // close connection |
|
| 268 | - curl_close($ch); |
|
| 267 | + // close connection |
|
| 268 | + curl_close($ch); |
|
| 269 | 269 | |
| 270 | - // return response as json object |
|
| 271 | - return json_decode($result); |
|
| 270 | + // return response as json object |
|
| 271 | + return json_decode($result); |
|
| 272 | 272 | } |
| 273 | 273 | |
| 274 | 274 | /** |
@@ -276,10 +276,10 @@ discard block |
||
| 276 | 276 | * |
| 277 | 277 | * @access public |
| 278 | 278 | * @static |
| 279 | - * @param string $filePath The file's full path |
|
| 280 | - * @param bool [$trowError] Throw error on true or silent process. Default is true |
|
| 279 | + * @param string $filePath The file's full path |
|
| 280 | + * @param bool [$trowError] Throw error on true or silent process. Default is true |
|
| 281 | 281 | * |
| 282 | - * @return string|null |
|
| 282 | + * @return string|null |
|
| 283 | 283 | * @throws \Exception |
| 284 | 284 | * @throws \LogicException |
| 285 | 285 | */ |
@@ -287,10 +287,10 @@ discard block |
||
| 287 | 287 | { |
| 288 | 288 | // check file exists |
| 289 | 289 | if (!file_exists($filePath) || !is_file($filePath)){ |
| 290 | - if ($throwError) { |
|
| 290 | + if ($throwError) { |
|
| 291 | 291 | throw new \Exception('Config file not found'); |
| 292 | - } |
|
| 293 | - return null; |
|
| 292 | + } |
|
| 293 | + return null; |
|
| 294 | 294 | } |
| 295 | 295 | |
| 296 | 296 | // get and parse content |
@@ -50,7 +50,7 @@ discard block |
||
| 50 | 50 | * @access protected |
| 51 | 51 | * @var array $selfIps |
| 52 | 52 | */ |
| 53 | - protected $selfIps = []; |
|
| 53 | + protected $selfIps = [ ]; |
|
| 54 | 54 | |
| 55 | 55 | /** |
| 56 | 56 | * Constructor |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | * @param array $myIps The Ips you dont want to report |
| 62 | 62 | * |
| 63 | 63 | */ |
| 64 | - public function __construct(string $apiKey, string $userId, array $myIps = []) |
|
| 64 | + public function __construct(string $apiKey, string $userId, array $myIps = [ ]) |
|
| 65 | 65 | { |
| 66 | 66 | $this->aipdbApiKey = $apiKey; |
| 67 | 67 | $this->aipdbUserId = $userId; |
@@ -134,20 +134,20 @@ discard block |
||
| 134 | 134 | * @return stdClass|array |
| 135 | 135 | * @throws \InvalidArgumentException |
| 136 | 136 | */ |
| 137 | - public function report(string $ip = '', array $categories = [], $message = '') |
|
| 137 | + public function report(string $ip = '', array $categories = [ ], $message = '') |
|
| 138 | 138 | { |
| 139 | 139 | // ip must be set |
| 140 | - if (empty($ip)){ |
|
| 140 | + if (empty($ip)) { |
|
| 141 | 141 | throw new \InvalidArgumentException('Ip was empty'); |
| 142 | 142 | } |
| 143 | 143 | |
| 144 | 144 | // categories must be set |
| 145 | - if (empty($categories)){ |
|
| 145 | + if (empty($categories)) { |
|
| 146 | 146 | throw new \InvalidArgumentException('categories list was empty'); |
| 147 | 147 | } |
| 148 | 148 | |
| 149 | 149 | // message must be set |
| 150 | - if (empty($message)){ |
|
| 150 | + if (empty($message)) { |
|
| 151 | 151 | throw new \InvalidArgumentException('report message was empty'); |
| 152 | 152 | } |
| 153 | 153 | |
@@ -176,12 +176,12 @@ discard block |
||
| 176 | 176 | * @return string Formatted string id list ('18,2,3...') |
| 177 | 177 | * @throws \InvalidArgumentException |
| 178 | 178 | */ |
| 179 | - public function validateCategories(array $categories = []) |
|
| 179 | + public function validateCategories(array $categories = [ ]) |
|
| 180 | 180 | { |
| 181 | - $newList = []; |
|
| 181 | + $newList = [ ]; |
|
| 182 | 182 | $needAnother = false; |
| 183 | 183 | |
| 184 | - foreach ($categories as $cat){ |
|
| 184 | + foreach ($categories as $cat) { |
|
| 185 | 185 | |
| 186 | 186 | } |
| 187 | 187 | //todo |
@@ -208,12 +208,12 @@ discard block |
||
| 208 | 208 | $maxAge = intval($maxAge); |
| 209 | 209 | |
| 210 | 210 | // max age must less or equal to 365 |
| 211 | - if ($maxAge > 365 || $maxAge < 1){ |
|
| 211 | + if ($maxAge > 365 || $maxAge < 1) { |
|
| 212 | 212 | throw new \InvalidArgumentException('maxAge must be at least 1 and less than 365 (' . $maxAge . ' was given)'); |
| 213 | 213 | } |
| 214 | 214 | |
| 215 | 215 | //ip must be set |
| 216 | - if (empty($ip)){ |
|
| 216 | + if (empty($ip)) { |
|
| 217 | 217 | throw new \InvalidArgumentException('ip argument must be set (null given)'); |
| 218 | 218 | } |
| 219 | 219 | |
@@ -286,7 +286,7 @@ discard block |
||
| 286 | 286 | protected static function loadJsonFile(string $filePath, bool $throwError = true) |
| 287 | 287 | { |
| 288 | 288 | // check file exists |
| 289 | - if (!file_exists($filePath) || !is_file($filePath)){ |
|
| 289 | + if (!file_exists($filePath) || !is_file($filePath)) { |
|
| 290 | 290 | if ($throwError) { |
| 291 | 291 | throw new \Exception('Config file not found'); |
| 292 | 292 | } |
@@ -298,7 +298,7 @@ discard block |
||
| 298 | 298 | $json = json_decode(utf8_encode($content)); |
| 299 | 299 | |
| 300 | 300 | // check for errors |
| 301 | - if ($json == null && json_last_error() != JSON_ERROR_NONE){ |
|
| 301 | + if ($json == null && json_last_error() != JSON_ERROR_NONE) { |
|
| 302 | 302 | if ($throwError) { |
| 303 | 303 | throw new \LogicException(sprintf("Failed to parse config file Error: '%s'", json_last_error_msg())); |
| 304 | 304 | } |
