Updating branch refs/heads/master
to 97f4505a894099542126f74312e6e5e3f75bd1c9 (commit)
from b0aace746d4fb0e611c7c899206d0ad09e8a0398 (commit)
commit 97f4505a894099542126f74312e6e5e3f75bd1c9
Author: Nick Schermer <[email protected]>
Date: Tue Dec 4 19:36:13 2012 +0100
Update bad-behaviour.
include/bad-behavior/blacklist.inc.php | 10 +++++++++-
include/bad-behavior/core.inc.php | 2 +-
include/bad-behavior/whitelist.inc.php | 6 +++---
3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/include/bad-behavior/blacklist.inc.php
b/include/bad-behavior/blacklist.inc.php
index ba4554e..b122ca6 100644
--- a/include/bad-behavior/blacklist.inc.php
+++ b/include/bad-behavior/blacklist.inc.php
@@ -33,16 +33,19 @@ function bb2_blacklist($package) {
"Microsoft URL", // unidentified robots
"Missigua", // spam harvester
"MJ12bot/v1.0.8", // malicious botnet
+ "Morfeus", // vulnerability scanner
"Movable Type", // customised spambots
- "Mozilla ", // malicious software
+ //"Mozilla ", // malicious software
"Mozilla/0", // malicious software
"Mozilla/1", // malicious software
"Mozilla/2", // malicious software
"Mozilla/3", // malicious software
"Mozilla/4.0(", // from honeypot
"Mozilla/4.0+(compatible;+", // suspicious harvester
+ "Mozilla/4.0 (Hydra)", // brute force tool
"MSIE", // malicious software
"MVAClient", // automated hacking attempts
+ "Nessus", // vulnerability scanner
"NutchCVS", // unidentified robots
"Nutscrape/", // misc comment spam
"OmniExplorer", // spam harvester
@@ -53,11 +56,13 @@ function bb2_blacklist($package) {
"Python-urllib", // commonly abused
// WP 2.5 now has Flash; FIXME
// "Shockwave Flash", // spam harvester
+ "sqlmap/", // SQL injection
"Super Happy Fun ", // spam harvester
"TrackBack/", // trackback spam
"user", // suspicious harvester
"User Agent: ", // spam harvester
"User-Agent: ", // spam harvester
+ "w3af", // vulnerability scanner
"WebSite-X Suite", // misc comment spam
"Winnie Poh", // Automated Coppermine hacks
"Wordpress", // malicious software
@@ -81,12 +86,15 @@ function bb2_blacklist($package) {
"hanzoweb", // very badly behaved crawler
"Havij", // SQL injection tool
"Indy Library", // misc comment/email spam
+ "Ming Mong", // brute force tool
"MSIE 7.0; Windows NT 5.2", // Cyveillance
"Murzillo compatible", // comment spam bot
".NET CLR 1)", // free poker, etc.
".NET CLR1", // spam harvester
+ "Nikto/", // vulnerability scanner
"Perman Surfer", // old and very broken harvester
"POE-Component-Client", // free poker, etc.
+ "Teh Forest Lobster", // brute force tool
"Turing Machine", // www.anonymizer.com abuse
"Ubuntu/9.25", // comment spam bot
"unspecified.mail", // stealth harvesters
diff --git a/include/bad-behavior/core.inc.php
b/include/bad-behavior/core.inc.php
index 7210d3a..441ad59 100644
--- a/include/bad-behavior/core.inc.php
+++ b/include/bad-behavior/core.inc.php
@@ -1,5 +1,5 @@
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.2.10");
+define('BB2_VERSION', "2.2.11");
// Bad Behavior entry point is bb2_start()
// If you're reading this, you are probably lost.
diff --git a/include/bad-behavior/whitelist.inc.php
b/include/bad-behavior/whitelist.inc.php
index 0e1e710..67a1f6b 100644
--- a/include/bad-behavior/whitelist.inc.php
+++ b/include/bad-behavior/whitelist.inc.php
@@ -10,12 +10,12 @@ function bb2_run_whitelist($package)
}
if (@!empty($whitelists['ip'])) {
- foreach ($whitelists['ip'] as $range) {
+ foreach (array_filter($whitelists['ip']) as $range) {
if (match_cidr($package['ip'], $range)) return true;
}
}
if (@!empty($whitelists['useragent'])) {
- foreach ($whitelists['useragent'] as $user_agent) {
+ foreach (array_filter($whitelists['useragent']) as $user_agent)
{
if (!strcmp($package['headers_mixed']['User-Agent'],
$user_agent)) return true;
}
}
@@ -25,7 +25,7 @@ function bb2_run_whitelist($package)
} else {
$request_uri = substr($package['request_uri'], 0,
strpos($package['request_uri'], "?"));
}
- foreach ($whitelists['url'] as $url) {
+ foreach (array_filter($whitelists['url']) as $url) {
$pos = strpos($request_uri, $url);
if ($pos !== false && $pos == 0) return true;
}
_______________________________________________
Xfce4-commits mailing list
[email protected]
https://mail.xfce.org/mailman/listinfo/xfce4-commits
