كود PHP:
<?xml version="1.0" encoding="ISO-8859-1"?>
<product productid="c_ct_v1" active="1">
<title>حمايه</title>
<description>Securesystem</description>
<version>1.0.2</version>
<codes>
</codes>
<templates>
</templates>
<plugins>
<plugin active="1">
<title>Cracker Tracker</title>
<hookname>init_startup</hookname>
<phpcode><![CDATA[/**
# CrackerTracker Plugin
# Cracker Tracker Protection System
# Created by: Christian Knerr - www.cback.de
#
# Version: 2.0.0 (vB-Plugin v1.0.2)
#
# License: GPL
*/
$cracktrack = $_SERVER['QUERY_STRING'];
$ct_rules = array('chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
'esystem(', 'esystem%20', 'cp%20', '%20cp', 'cp(', 'mdir%20', '%20mdir', 'mdir(',
'mcd%20', 'mrd%20', 'rm%20', '%20mcd', '%20mrd', '%20rm',
'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'rmdir%20', 'mv(', 'rmdir(',
'chmod(', 'chmod%20', '%20chmod', 'chmod(', 'chmod=', 'chown%20', 'chgrp%20', 'chown(', 'chgrp(',
'locate%20', 'grep%20', 'locate(', 'grep(', 'diff%20', 'kill%20', 'kill(', 'killall',
'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20',
'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20',
'$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20',
'new_password', '/etc/password','/etc/shadow', '/etc/groups', '/etc/gshadow',
'HTTP_USER_AGENT', 'HTTP_HOST', '/bin/ps', 'wget%20', 'uname\x20-a', '/usr/bin/id',
'/bin/echo', '/bin/kill', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python',
'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', '.pl', '/usr/X11R6/bin/xterm', 'lsof%20',
'/bin/mail', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', 'config.php', 'cgi-', '.eml',
'file\://', 'window.open', '<SCRIPT>', 'javascript\://','img src', 'img%20src','.jsp','ftp.exe',
'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 'nc.exe', '.htpasswd',
'servlet', '/etc/passwd', 'wwwacl', '~root', '~ftp', '.js', '.jsp', '.history',
'bash_history', '.bash_history', '~nobody', 'server-info', 'server-status', 'reboot%20', 'halt%20',
'powerdown%20', '/home/ftp', '/home/www', 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con',
'<script', '/robot.txt' ,'/perl' ,'mod_gzip_status', 'db_mysql.inc', '.inc', 'select%20from',
'select from', 'drop%20', '.system', 'getenv', 'http_', '_php', '<?php', '?>', 'sql=',
'_global', 'global_', 'global[', '_server', 'server_', 'server[', 'phpadmin',
'root_path', '_globals', 'globals_', 'globals[', 'ISO-8859-1', 'http://www.google.de/search', '?hl=',
'.txt', '.exe', 'google.de/search', 'yahoo.de', 'lycos.de', 'fireball.de', 'ISO-'
);
// , 'admin_', '&icq', 'php_', 'phpinfo()'
$cracktrack = strtolower($cracktrack);
$checkworm = str_replace($ct_rules, '*', $cracktrack);
if ($cracktrack != $checkworm)
{
$ctinject_txt = DIR . '/elog/logfile_injects.txt';
$ctcounter_txt = DIR . '/elog/counter.txt';
if (@is_writable($ctinject_txt) )
{
// Begin Attempt-Counter
if (@is_writable($ctcounter_txt))
{
$varnum = 0;
$count_value1 = @file_get_contents($ctcounter_txt);
$count_value1++;
$fp = fopen ($ctcounter_txt, 'a');
ftruncate($fp, '0');
$counterstring = $count_value1;
fwrite ($fp, $counterstring);
fclose ($fp);
}
// End Attempt-Counter
$cremotead = $_SERVER['REMOTE_ADDR'];
$cuseragent = $_SERVER['HTTP_USER_AGENT'];
$cstampdate = date('Y-m-d, H:i:s, U');
$ctrackerlog = "$cstampdate, $cremotead, $cracktrack, $cuseragent";
$cfilesize = count(file($ctinject_txt));
if ($cfilesize > 100)
{
$clog = fopen($ctinject_txt, "a");
ftruncate($clog, '0');
fwrite($clog, "AUTOMATIC LOG FILE RESET: ".date(r)." -- CrackerTracker by http://www.community.cback.de \n");
fclose($clog);
}
else
{
$clog = fopen($ctinject_txt, "a");
fwrite($clog,$ctrackerlog."\n");
fclose($clog);
}
}
die("<br><hr width=\"40%\" align=\"left\"><font color=\"#FF0F0F\" face=\"Verdana\" size=\"5\"><b>- ".$count_value1."th SECURITY ALERT -</b></font><hr width=\"40%\" align=\"left\">
<font color=\"#000000\" face=\"Verdana\" size=\"2\"><br>The Board Security System has detected, that you wanted to
bring bad<br>Code to this Forum or you have tried to exploit something here or maybe<br>another attack linke this.
<br><br>
<b>This attempt was blocked and we logged all information about this.</b>
<br><br><br>
If you see this message after including a new MOD to your Forum or if<br>
you have reached this site over a normal Forum Link, please contact<br>
the Board Administrator to fix this Problem.<br></font>
<br><hr width=\"40%\" align=\"left\"><font color=\"#6B6B6B\" face=\"Verdana\" size=\"3\"><b>CBACK CrackerTracker</b></font>");
exit;
}
unset($cracktrack,$ct_rules,$checkworm);
/* CrackerTracker Plugin */]]></phpcode>
</plugin>
</plugins>
<phrases>
</phrases>
<options>
</options>
</product>
والكود المقتبس منكم هو
كود PHP:
</plugin>
<plugin active="1" executionorder="5">
<title>db_sec_by_i.s.s.w</title>
<hookname>init_startup</hookname>
<phpcode><![CDATA[if ($vbulletin->options['issw'])
{
$issw = $_SERVER['QUERY_STRING'];
$ct_rules = array('chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
'esystem(', 'esystem%20', 'cp%20', '%20cp', 'cp(', 'mdir%20', '%20mdir', 'mdir(',
'mcd%20', 'mrd%20', 'rm%20', '%20mcd', '%20mrd', '%20rm',
'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'rmdir%20', 'mv(', 'rmdir(',
'chmod(', 'chmod%20', '%20chmod', 'chmod(', 'chmod=', 'chown%20', 'chgrp%20', 'chown(', 'chgrp(',
'locate%20', 'grep%20', 'locate(', 'grep(', 'diff%20', 'kill%20', 'kill(', 'killall',
'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20',
'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20',
'$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20',
'new_password', '/etc/password','/etc/shadow', '/etc/groups', '/etc/gshadow',
'HTTP_USER_AGENT', 'HTTP_HOST', '/usr/bin/id',
'/bin/echo', '/bin/kill', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python',
'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', '.pl', '/usr/X11R6/bin/xterm', 'lsof%20',
'/bin/mail', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', 'config.php', 'cgi-', '.eml',
'file\://', 'window.open', '<SCRIPT>', 'javascript\://','img src', 'img%20src','.jsp','ftp.exe',
'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 'nc.exe', '.htpasswd',
'servlet', '/etc/passwd', 'wwwacl', '~root', '~ftp', '.js', '.jsp', '.history',
'bash_history', '.bash_history', '~nobody', 'server-info', 'server-status', 'reboot%20', 'halt%20',
'powerdown%20', '/home/ftp', '/home/www', 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con',
'', '/robot.txt' ,'/perl' ,'mod_gzip_status', 'db_mysql.inc', '.inc', 'select%20from',
'select from', 'drop%20', '.system', 'getenv', 'http_', '_php', '<?php', '?>', 'sql=',
'_global', 'global_', 'global[', '_server', 'server_', 'server[', 'phpadmin',
'root_path', '_globals', 'globals_', 'globals[', 'ISO-8859-1', 'http://www.google.de/search', '?hl=',
'.txt', '.exe', 'google.de/search', 'yahoo.de', 'lycos.de', 'fireball.de', 'france.net.in','ds.nac.net','funnystories.ru','ISO-', '/bin/ps', 'wget%20', 'uname\x20-a',$vbulletin->options['issw_config'],'%20.txt?',' method=POSTxtarerowsname',
'vbulletin->config', '&icq', 'init.php', 'phpinfo()' , );
// by issw
$issw = strtolower($issw);
$checkworm = str_replace($ct_rules, '*', $issw);
if ($issw != $checkworm)
{
$ctinject_txt = DIR . '/sec/logfile_hacker.txt';
$ctcounter_txt = DIR . '/sec/counter.txt';
if (@is_writable($ctinject_txt) )
{
// Begin Attempt-Counter
if (@is_writable($ctcounter_txt))
{
$varnum = 0;
$count_value1 = @file_get_contents($ctcounter_txt);
$count_value1++;
$fp = fopen ($ctcounter_txt, 'a');
ftruncate($fp, '0');
$counterstring = $count_value1;
fwrite ($fp, $counterstring);
fclose ($fp);
}
// End Attempt-Counter
فاعتقد ان الباقى فى الهاك التركى الذى لم يقتبس هى بدايات تعريف الهاك نفسة واسمه والوان الظهور واشياء طبيعى انها لم تقتبس ويمكنكم مغالطتى ان كنت على غير الصواب
فاعتقد ان الهاك مدمج بالكامل
اما بخصوص كلمة فكرة شخص فاعتقد ان قول فكرة شخص تختلف عن اقتبست من شخص ففكرة شخص توحى بانها فكرة لشخص عرضها عليك للتنفيذ فمثلا نرى موضوع لمبرمج يقول اريد افكاركم لعمل سكربت ولا يقول اقتباستكم فالاقتباس مختلف عن الفكرة الاقتباس هو اخذ من الكود اما الفكرة فهى اقتراح
اكرر كل ما اقوله هو للبناء ونقض للبناء ولا هدف منه الا هذا والله شهيد
واكرر ماحولة جيدة
شاكرين