Anti DDOs script

Go down

Anti DDOs script Empty Anti DDOs script

Post by yehiapsycho on Sun Feb 28, 2010 8:29 am

Hey Mates
Recently there is someone who is trying to DDOS my site i guess.
so i made a little search and surfed the internet and i stumbled with that code from a friend.
i wanna be sure that it works .

here's the code.. and if it really works.. IT MUST BE IN Forumotion u know ..

For people who doesn't know whats DDOSING : it's a process used to send TCP-IP lost packages to make the website runs slower and then suddenly go down ..
i didn't really understand it .. so i hope someone will here !

Code:

<?php
//если ещё раз какой-нибудь дибил скрысит скрипт без копирайтов - кастрирую.
/*
//////////////////////////////////////////////////////////// 
Antiddos php module, powered by XakNet.Ru - S(r1pt 
Work on IPTABLES!!! 
Paste into the beginning of a script via include 
For the anti-ddos to operate, you need to have access to the 'system' function and an iptables command. If it's not available, all blocked ips go into 'banned_ips'.
It's the best to put anti-ddos on VPS or dedicated server. 
Going to work against an average DDOS. (If it works through iptables)
Comments translated by --Σ--
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 
*/
$debug = false; // debug mode, disabled ban, simply shows a message if the IP was banned or not.
if ($debug) error_reporting(E_ALL);
else  error_reporting(0);


/* Possible values - $ddos 1-5:
| 1. Check using cookies(recommended) 
| 2. Double check using $_GET antiddos and meta refresh 
| 3. Authorization request WWW-Authenticate 
| 4. Disables the site completely, bots aren't being blocked!!! 
| 5. Turn the site off if the load is too high, bots aren't being blocked!!! 
*/

$ddos = 1;
$log = false;
$dir = dirname(__file__) . '/cyki_bots/'; //DDOS log directory, create it and chmod 777
$ddos_redirect_host = 'http://google.com/'; // Host to which redirect DDOS
$icq = '123456'; //Admins ICQ
$off_message = 'We are experiencing technical difficulties.'; //Message if website is down.
$anticyka = md5(sha1('botik' . strrev(getenv('HTTP_USER_AGENT'))));
$ban_message = 'You have been blocked. If you believe this is a mistake, contact an administrator, icq of admin:' .
    $icq . '<hr>(c)XakNet antiddos module'; // Ban message
$exec_ban = "iptables -A INPUT -s " . $_SERVER["REMOTE_ADDR"] . " -j DROP"; // для iptables(Debian/ubuntu/etc)
$load = sys_getloadavg(); // Function for retrieving load average \=\
$ddosuser = 'lol_ddos';
$ddospass = substr(ip2long($_SERVER['REMOTE_ADDR']), 0, rand(2, 4));
//not tested //checks if those are crawlers:

$google = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "googlebot.com") !== false;
$yandex = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yandex.ru") !== false;
$rambler = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "ramtel.ru") !== false;
$rambler2 = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "rambler.ru") !== false;
$aport = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "aport.ru") !== false;
$sape = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "sape.ru") !== false;
$msn = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "msn.com") !== false;
$yahoo = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yahoo.net") !== false;
//
if(!file_exists($dir . 'banned_ips')) file_put_contents($dir . 'banned_ips', '');
if (strstr(file_get_contents($dir . 'banned_ips'), $_SERVER['REMOTE_ADDR']))
        die($ban_message); //GTFO )


if (! $google || ! $yandex || ! $rambler || ! $rambler2 || ! $aport || ! $sape ||
    ! $msn || ! $yahoo) {

    $f = fopen($dir . $_SERVER["REMOTE_ADDR"], "a");
    fwrite($f, "zapros cyka\n");
    fclose($f);
    function ban()
    {
        if (! system($exec_ban)) {
            $f = fopen($dir . 'banned_ips', "a");
            fwrite($f, $_SERVER['REMOTE_ADDR'] . '|');
            fclose($f);
        }
        echo $ban_message;
        header('Location: ' . $ddos_redirect_host . '');
        die();
    }
    switch ($ddos) {
            ///////////////////////////
        case 1:
            if (empty($_COOKIE['ddos']) or ! $_COOKIE['ddos']) {
                $counter = @file($dir . $_SERVER["REMOTE_ADDR"]);

                setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356); // на год нах.
                if (count($counter) > 10) {
                    if (! $debug) ban();

                    else  die("Blocked");

                }
                if (! $_COOKIE['ddos_log'] == 'bil') {
                    if (! $_GET['antiddos'] == 1) {
                        setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356); //типо запрос уже был чтоб не перекидывало постоянно рефрешем.
                        header("Location: ./?antiddos=1");
                    }
                }
            } elseif ($_COOKIE['ddos'] !== $anticyka) {
                if (! $debug) ban();

                else  die("Blocked.");

            }
            break;
            /////////////////////////
        case 2:
            if (empty($_COOKIE['ddos'])) {
                if (empty($_GET['antiddos'])) {
                    if (! $_COOKIE['ddos_log'] == 'bil')
                        //Checking cookies for request
                            die('<meta http-equiv="refresh" content="0;URL=?antiddos=' . $anticyka . '" />');

                } elseif ($_GET['antiddos'] == $anticyka) {
                    setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356);
                    setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356); //типо запрос уже был чтоб не перекидывало постоянно рефрешем.
                }
                else {

                    if (! $debug) {
                        ban();
                        die("May be shall not transform address line?");
                    }
                    else {
                        echo "May be shall not transform address line?";
                        die("Blocked.");
                    }
                }
            }
            break;
        case 3:
            if (! isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] !== $ddosuser ||
                $_SERVER['PHP_AUTH_PW'] !== $ddospass) {
                header('WWW-Authenticate: Basic realm="Vvedite parol\':  ' . $ddospass .
                    ' | Login: ' . $ddosuser . '"');
                header('HTTP/1.0 401 Unauthorized');
                if (! $debug) ban();

                else  die("Blocked");

                die("<h1>401 Unauthorized</h1>");
            }
            break;
        case 4:
            die($off_message); //site disabled
            break;
        case 5:
            if ($load[0] > 80) {
                header('HTTP/1.1 503 Too busy, try again later');
                die('<center><h1>503 Server too busy.</h1></center><hr><small><i>Server too busy. Please try again later. Apache server on ' .
                    $_SERVER['HTTP_HOST'] .
                    ' at port 80 with <a href="http://forum.xaknet.ru/">ddos protect</a></i></small>');
            }
            break;
        default:
            break;
            //////////////////////////
    }
    if ($_COOKIE['ddos'] == $anticyka) @unlink($dir . $_SERVER["REMOTE_ADDR"]);
}
//////////////////////////////
//powered by xaknet.ru


?>
avatar
yehiapsycho
Forumember

Male Posts : 145
Reputation : 0
Language : English
Location : Egypt,Alexandria

http://www.sharingmonster.ace.st

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by mozaski on Sun Feb 28, 2010 10:13 am

That looks useful,but I think we still have an option with that DDOS users. backup? Smile
mozaski
mozaski
Forumember

Posts : 87
Reputation : 0
Language : Tagalog,English,Nihongo,Mandarin

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by yehiapsycho on Sun Feb 28, 2010 1:29 pm

I guess you didn't get me
what backup got to do with that ? no i don't think BACK UP will work in ddosing attacks..
DDOSING makes your site completly DOWN
avatar
yehiapsycho
Forumember

Male Posts : 145
Reputation : 0
Language : English
Location : Egypt,Alexandria

http://www.sharingmonster.ace.st

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by crysis992 on Sun Feb 28, 2010 3:01 pm

this is a php script, php doesnt work on forumotion.
avatar
crysis992
Forumember

Posts : 67
Reputation : 0
Language : German

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by mozaski on Sun Feb 28, 2010 4:05 pm

@yehiapsycho wrote:I guess you didn't get me
what backup got to do with that ? no i don't think BACK UP will work in ddosing attacks..
DDOSING makes your site completly DOWN

Nah..I mean if your forum get down from that DDOS attack.You can still manage it to recover though from this site https://www.forumotion.com/en/utils/.And php does not work with forumotion.
mozaski
mozaski
Forumember

Posts : 87
Reputation : 0
Language : Tagalog,English,Nihongo,Mandarin

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by crysis992 on Sun Feb 28, 2010 5:04 pm

@mozaski wrote:
@yehiapsycho wrote:I guess you didn't get me
what backup got to do with that ? no i don't think BACK UP will work in ddosing attacks..
DDOSING makes your site completly DOWN

Nah..I mean if your forum get down from that DDOS attack.You can still manage it to recover though from this site https://www.forumotion.com/en/utils/.And php does not work with forumotion.

i think you still didnt get it.
If someone DDOS a server, then the server will crash and you cant reach it. Files get not deleted.
avatar
crysis992
Forumember

Posts : 67
Reputation : 0
Language : German

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by Darren1 on Sun Feb 28, 2010 6:40 pm

Hello,

@crysis992 wrote:this is a php script, php doesnt work on forumotion.

This is correct.

ForuMotion doesnt use real PHP scripting, and you don't have access to the necessary DB files to insert this code Wink
Darren1
Darren1
Helper
Helper

Male Posts : 11853
Reputation : 563
Language : English

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by mozaski on Sun Feb 28, 2010 9:51 pm

@crysis992 wrote:
@mozaski wrote:
@yehiapsycho wrote:I guess you didn't get me
what backup got to do with that ? no i don't think BACK UP will work in ddosing attacks..
DDOSING makes your site completly DOWN

Nah..I mean if your forum get down from that DDOS attack.You can still manage it to recover though from this site https://www.forumotion.com/en/utils/.And php does not work with forumotion.

i think you still didnt get it.
If someone DDOS a server, then the server will crash and you cant reach it. Files get not deleted.

yeah,I really don't get it.. Laughing But hopefully forumotion do some action for this DDOS.Thanks for info anyway Wink
mozaski
mozaski
Forumember

Posts : 87
Reputation : 0
Language : Tagalog,English,Nihongo,Mandarin

Back to top Go down

Anti DDOs script Empty Re: Anti DDOs script

Post by yehiapsycho on Mon Mar 01, 2010 7:45 am

yeh welcome anywayz
and i wish that someone mod OR admin come here and check this out
avatar
yehiapsycho
Forumember

Male Posts : 145
Reputation : 0
Language : English
Location : Egypt,Alexandria

http://www.sharingmonster.ace.st

Back to top Go down

Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum