deam0n
Ето едно полезно скриптче
Код:
<?php
/**
*
*
* Logs the request data to a file and sends an email to the administrator if the request looks like an SQL injection or XSS attempt
*
*
* Atanas Atanasov
*
*
* How to use: Change $email var and include file wherever you want.
*
*
**/
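/**
 * Heuristic tripwire for suspicious request URIs.
 *
 * Lower-cases $_SERVER['REQUEST_URI'] and flags it when it contains any of the
 * characters < > ( ) % * + ! @, the sequence "..", or the keywords
 * union...select, exec, declare or drop. On a hit it appends one line to the
 * daily log file, e-mails the administrator, redirects the client and ends
 * the request.
 *
 * Limits a maintainer should know about:
 *  - Only the request URI is inspected. POST bodies, cookies and other
 *    headers are never looked at, so this is an alerting aid, not a control.
 *    Parameterized queries and context-aware output escaping remain the
 *    actual defences against SQL injection and XSS.
 *  - The rules are a blocklist and are noisy: "%" matches every
 *    percent-encoded URL, and "exec"/"drop"/"declare" match inside ordinary
 *    words. Expect false positives.
 *  - Every hit sends one e-mail, so any client can trigger mail at will;
 *    throttle or batch alerts if that matters for the mailbox.
 *
 * @return void Returns normally only when nothing was flagged; otherwise exits.
 */
function SqlInjectionDetector() {
    // Only used for Reply-To below. The From address and the recipient are
    // separate hard-coded literals and have to be configured as well.
    $email = "[email protected]";

    $requestUri = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '';
    $queryString = strtolower($requestUri);

    // Same rule set as before: single-character triggers, "..", SQL keywords.
    $suspicious = strpbrk($queryString, '<>()%*+!@') !== false
        || strpos($queryString, '..') !== false
        || preg_match('/union.*select|exec|declare|drop/i', $queryString) === 1;

    if (!$suspicious) {
        return;
    }

    // Request-derived values are attacker-influenced. Replace control
    // characters so one request can never forge extra lines in the log or
    // reshape the alert text.
    $clean = static function ($value) {
        return (string) preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value);
    };

    $parts = [];
    foreach (['REQUEST_URI', 'SCRIPT_FILENAME', 'REMOTE_ADDR', 'REQUEST_METHOD', 'REMOTE_PORT'] as $key) {
        // Missing keys (CLI, unusual SAPIs) become empty fields instead of warnings.
        $parts[] = $clean(isset($_SERVER[$key]) ? $_SERVER[$key] : '');
    }
    $parts[] = date('Y-m-d H:i:s');
    $data = implode(' ', $parts)."\n";

    // Keep the log directory outside the document root and writable only by
    // the PHP user. LOCK_EX stops concurrent requests from interleaving lines.
    $filename = '/logs/sql_injection_log_'.date('Y-m-d').'.txt';
    if (file_put_contents($filename, $data, FILE_APPEND | LOCK_EX) === false) {
        // Previously a failed fopen() was passed straight to fwrite()/fclose().
        // Fall back to the PHP error log so the event is not lost.
        error_log('SqlInjectionDetector: cannot write '.$filename.': '.rtrim($data));
    }

    // Send an email to the administrator
    $message = 'SqlInjectionAlarm function '.wordwrap($data, 70);
    $headers = 'From: [email protected]' . "\r\n" .
        'Reply-To: '.$email. "\r\n" .
        'X-Mailer: PHP/' . phpversion();
    if (!mail('[email protected]', 'Possible Hack Attempt', $message, $headers)) {
        error_log('SqlInjectionDetector: alert mail could not be handed to the MTA');
    }

    // The redirect only works while headers are still unsent; the request is
    // terminated either way.
    if (!headers_sent()) {
        header('Location: http://www.google.com');
    }
    exit();
}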
// Runs the check as a side effect of including this file. Include it before
// any output is produced: on a hit the function sends a Location header and
// then calls exit(), which ends the including script as well.
SqlInjectionDetector();
?>