חבר מתקדם
מיני פרופיל
תאריך הצטרפות: Feb 2008
גיל: 37
הודעות: 710
הנה חלק מהדברים שאני משתמש יש כאן כמעט הכל, XSS, SQL INJ, ניקוי טקסט רגיל, אבטחת GET POST COOKIE REQUEST , בדיקת אימייל, ניקיון טקסט עם פסיקים, בדיקה לקוד לא חוקי כמו EXEC , פונקציות להמרה מ NL ל BR וההפך, מציאת דפדפן המשתמש ומערכת ההפעלה שלו, ועוד...
PHP קוד:
<?php /** function hax_check_for_executable_code ( $text = '' ) //----------------------------------------- if ( preg_match ( "#include|require|include_once|require_once|exec|system|passthru|`#si" , $text ) ) TRUE ; FALSE ; /** function xss_check_url ( $url ) $url = trim ( urldecode ( $url ) ); preg_match ( "#^https?://(?:[^<>*\"]+|[a-z0-9/\._\- !]+)$#iU" , $url ) ) FALSE ; TRUE ; xss_html_clean ( $html ) //----------------------------------------- $html = preg_replace ( "#<(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is" , "<script" , $html ); $html = preg_replace ( "#<(\s+?)?/(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is" , "</script" , $html ); //----------------------------------------- $html = preg_replace ( "/javascript/i" , "javascript" , $html ); $html = preg_replace ( "/alert/i" , "alert" , $html ); $html = preg_replace ( "/behavior/i" , "behavior" , $html ); $html = preg_replace ( "/e((\/\*.*?\*\/)*)x((\/\*.*?\*\/)*)p((\/\*.*?\*\/)*)r((\/\*.*?\*\/)*)e((\/\*.*?\*\/)*)s((\/\*.*?\*\/)*)s((\/\*.*?\*\/)*)i((\/\*.*?\*\/)*)o((\/\*.*?\*\/)*)n/i" , "expression" , $html ); $html = preg_replace ( "/e((\\\|\)*)x((\\\|\)*)p((\\\|\)*)r((\\\|\)*)e((\\\|\)*)s((\\\|\)*)s((\\\|\)*)i((\\\|\)*)o((\\\|\)*)n/i" , "expression" , $html ); $html = preg_replace ( "/m((\\\|\)*)o((\\\|\)*)z((\\\|\)*)\-((\\\|\)*)b((\\\|\)*)i((\\\|\)*)n((\\\|\)*)d((\\\|\)*)i((\\\|\)*)n((\\\|\)*)g/i" , "moz-binding" , $html ); $html = preg_replace ( "/about , "about:" , $html ); $html = preg_replace ( "/<body/i" , "<body" , $html ); $html = preg_replace ( "/<html/i" , "<html" , $html ); $html = preg_replace ( "/document\./i" , "document." , $html ); $html = preg_replace ( "/window\./i" , "window." , $html ); $event_handlers = array( 'mouseover' , 'mouseout' , 'mouseup' , 'mousemove' , 'mousedown' , 'mouseenter' , 'mouseleave' , 'mousewheel' , 'contextmenu' , 'click' , 'dblclick' , 'load' , 'unload' , 'submit' , 'blur' , 'focus' , 'resize' , 'scroll' , 'change' , 'reset' , 'select' , 'selectionchange' , 'selectstart' , 'start' , 'stop' , 'keydown' , 'keyup' , 'keypress' , 'abort' , 'error' , 'dragdrop' , 'move' , 'moveend' , 'movestart' , 'activate' , 'afterprint' , 'afterupdate' , 'beforeactivate' , 'beforecopy' , 'beforecut' , 'beforedeactivate' , 'beforeeditfocus' , 'beforepaste' , 'beforeprint' , 'beforeunload' , 'begin' , 'bounce' , 'cellchange' , 'controlselect' , 'copy' , 'cut' , 'paste' , 'dataavailable' , 'datasetchanged' , 'datasetcomplete' , 'deactivate' , 'drag' , 'dragend' , 'dragleave' , 'dragenter' , 'dragover' , 'drop' , 'end' , 'errorupdate' , 'filterchange' , 'finish' , 'focusin' , 'focusout' , 'help' , 'layoutcomplete' , 'losecapture' , 'mediacomplete' , 'mediaerror' , 'outofsync' , 'pause' , 'propertychange' , 'progress' , 'readystatechange' , 'repeat' , 'resizeend' , 'resizestart' , 'resume' , 'reverse' , 'rowsenter' , 'rowexit' , 'rowdelete' , 'rowinserted' , 'seek' , 'syncrestored' , 'timeerror' , 'trackchange' , 'urlflip' , $html = preg_replace ( "/on(" . implode ( '|' , $event_handlers ) . ")/i" , "on\\1" , $html ); $html ; /** function my_nl2br ( $t = "" ) str_replace ( "\n" , "<br />" , $t ); /*-------------------------------------------------------------------------*/ function my_br2nl ( $t = "" ) $t = preg_replace ( "#(?:\n|\r)?<br />(?:\n|\r)?#" , "\n" , $t ); $t = preg_replace ( "#(?:\n|\r)?<br>(?:\n|\r)?#" , "\n" , $t ); $t ; /** function clean_email ( $email = "" ) $email = trim ( $email ); $email = str_replace ( " " , "" , $email ); //----------------------------------------- if ( substr_count ( $email , '@' ) > 1 ) FALSE ; $email = preg_replace ( "#[\;\#\n\r\*\'\"<>&\%\!\(\)\{\}\[\]\?\\/\s]#" , "" , $email ); preg_match ( "/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,4})(\]?)$/" , $email ) ) $email ; FALSE ; /** function trim_leading_comma ( $t ) preg_replace ( "/^,/" , "" , $t ); /** function trim_trailing_comma ( $t ) preg_replace ( "/,$/" , "" , $t ); /** function clean_comma ( $t ) preg_replace ( "/,{2,}/" , "," , $t ); /** function clean_perm_string ( $t ) $t = $this -> clean_comma ( $t ); $t = $this -> trim_leading_comma ( $t ); $t = $this -> trim_trailing_comma ( $t ); $t ; /** function fetch_os () $useragent = strtolower ( $this -> my_getenv ( 'HTTP_USER_AGENT' )); strstr ( $useragent , 'mac' ) ) 'mac' ; preg_match ( '#wi(n|n32|ndows)#' , $useragent ) ) 'windows' ; 'unknown' ; /** private function fetch_browser () $version = 0 ; $browser = "unknown" ; $useragent = strtolower ( $this -> my_getenv ( 'HTTP_USER_AGENT' )); //----------------------------------------- if ( strstr ( $useragent , 'opera' ) ) preg_match ( "#opera[ /]([0-9\.]{1,10})#" , $useragent , $ver ); 'browser' => 'opera' , 'version' => $ver [ 1 ] ); //----------------------------------------- if ( strstr ( $useragent , 'msie' ) ) preg_match ( "#msie[ /]([0-9\.]{1,10})#" , $useragent , $ver ); 'browser' => 'ie' , 'version' => $ver [ 1 ] ); //----------------------------------------- if ( strstr ( $useragent , 'safari' ) ) preg_match ( "#safari/([0-9.]{1,10})#" , $useragent , $ver ); 'browser' => 'safari' , 'version' => $ver [ 1 ] ); //----------------------------------------- if ( strstr ( $useragent , 'gecko' ) ) preg_match ( "#gecko/(\d+)#" , $useragent , $ver ); 'browser' => 'gecko' , 'version' => $ver [ 1 ] ); //----------------------------------------- if ( strstr ( $useragent , 'mozilla' ) ) preg_match ( "#^mozilla/[5-9]\.[0-9.]{1,10}.+rv:([0-9a-z.+]{1,10})#" , $useragent , $ver ); 'browser' => 'mozilla' , 'version' => $ver [ 1 ] ); //----------------------------------------- if ( strstr ( $useragent , 'konqueror' ) ) preg_match ( "#konqueror/([0-9.]{1,10})#" , $useragent , $ver ); 'browser' => 'konqueror' , 'version' => $ver [ 1 ] ); //----------------------------------------- return array( 'browser' => $browser , 'version' => $version ); /** public function my_getenv ( $key ) $return = array(); is_array ( $_SERVER ) AND count ( $_SERVER ) ) $_SERVER [ $key ] ) ) $return = $_SERVER [ $key ]; $return ) $return = getenv ( $key ); $return ; /** private function clean_globals ( & $data , $iteration = 0 ) // Crafty hacker could send something like &foo[][][][][][]....to kill Apache process if( $iteration >= 10 ) $data ; count ( $data ) ) $data as $k => $v ) is_array ( $v ) ) $this -> clean_globals ( $data [ $k ], $iteration + 1 ); # Null byte characters $v = preg_replace ( '/\\\0/' , '\0' , $v ); $v = preg_replace ( '/\\x00/' , '\x00' , $v ); $v = str_replace ( '%00' , '%00' , $v ); # File traversal $v = str_replace ( '../' , '../' , $v ); $data [ $k ] = $v ; /** private function define_indexes () $this -> input [ 'area' ]) ) $this -> input [ 'area' ] = '' ; /** private function parse_incoming_recursively ( & $data , $input =array(), $iteration = 0 ) // Crafty hacker could send something like &foo[][][][][][]....to kill Apache process if( $iteration >= 10 ) $input ; count ( $data ) ) $data as $k => $v ) is_array ( $v ) ) //$input = $this->parse_incoming_recursively( $data[ $k ], $input ); $input [ $k ] = $this -> parse_incoming_recursively ( $data [ $k ], array(), $iteration + 1 ); $k = $this -> parse_clean_key ( $k ); $v = $this -> parse_clean_value ( $v ); $input [ $k ] = $v ; $input ; /** public function parse_incoming () //----------------------------------------- @ set_magic_quotes_runtime ( 0 ); $this -> get_magic_quotes = @ get_magic_quotes_gpc (); //----------------------------------------- $this -> clean_globals ( $_GET ); $this -> clean_globals ( $_POST ); $this -> clean_globals ( $_COOKIE ); $this -> clean_globals ( $_REQUEST ); # GET first $input = $this -> parse_incoming_recursively ( $_GET , array() ); # Then overwrite with POST $input = $this -> parse_incoming_recursively ( $_POST , $input ); $this -> input = $input ; $this -> define_indexes (); //----------------------------------------- $addrs = array(); array_reverse ( explode ( ',' , $this -> my_getenv ( 'HTTP_X_FORWARDED_FOR' ) ) ) as $x_f ) $x_f = trim ( $x_f ); preg_match ( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/' , $x_f ) ) $addrs [] = $x_f ; $addrs [] = $this -> my_getenv ( 'HTTP_CLIENT_IP' ); $addrs [] = $this -> my_getenv ( 'HTTP_X_CLUSTER_CLIENT_IP' ); $addrs [] = $this -> my_getenv ( 'HTTP_PROXY_USER' ); $addrs [] = $this -> my_getenv ( 'REMOTE_ADDR' ); //----------------------------------------- foreach ( $addrs as $ip ) $ip ) preg_match ( "/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/" , $ip , $match ); $this -> ip_address = $match [ 1 ]. '.' . $match [ 2 ]. '.' . $match [ 3 ]. '.' . $match [ 4 ]; $this -> ip_address AND $this -> ip_address != '...' ) //----------------------------------------- if ( ( ! $this -> ip_address OR $this -> ip_address == '...' ) AND ! $this -> my_getenv ( 'SHELL' ) ) "Could not determine your IP address" ; #Backwards compat: $this -> input [ "IP_ADDRESS" ] = $this -> ip_address ; //----------------------------------------- $this -> query_string_safe = str_replace ( '&amp;' , '&' , $this -> parse_clean_value ( urldecode ( $this -> my_getenv ( 'QUERY_STRING' )) ) ); $this -> query_string_real = str_replace ( '&' , '&' , $this -> query_string_safe ); //----------------------------------------- $this -> query_string_formatted = str_replace ( $this -> vars [ 'baseurl' ] . '/index.' . $this -> vars [ 'php_ext' ]. '?' , '' , $this -> query_string_safe ); $this -> query_string_formatted = preg_replace ( "#s=([a-z0-9]){32}#" , '' , $this -> query_string_formatted ); # Assign request method $this -> input [ 'request_method' ] = strtolower ( $this -> my_getenv ( 'REQUEST_METHOD' )); $this -> input ; /** public function parse_clean_value ( $val ) $val == "" ) "" ; $val = str_replace ( " " , " " , $this -> txt_stripslashes ( $val ) ); // As cool as this entity is... $val = str_replace ( "" , '' , $val ); $val = str_replace ( "&" , "&" , $val ); $val = str_replace ( "<!--" , "<!--" , $val ); $val = str_replace ( "-->" , "-->" , $val ); $val = preg_replace ( "/<script/i" , "<script" , $val ); $val = str_replace ( ">" , ">" , $val ); $val = str_replace ( "<" , "<" , $val ); $val = str_replace ( '"' , """ , $val ); $val = str_replace ( "\n" , "<br />" , $val ); // Convert literal newlines $val = str_replace ( "$" , "$" , $val ); $val = str_replace ( "\r" , "" , $val ); // Remove literal carriage returns $val = str_replace ( "!" , "!" , $val ); $val = str_replace ( chr ( 0xCA ), "" , $val ); //Remove sneaky spaces $val = str_replace ( "'" , "'" , $val ); // IMPORTANT: It helps to increase sql query safety. $val = preg_replace ( "/&#([0-9]+);/s" , "&#\\1;" , $val ); //----------------------------------------- $val = preg_replace ( "/&#(\d+?)([^\d;])/i" , "&#\\1;\\2" , $val ); $val ; /** public function txt_stripslashes ( $t ) $this -> get_magic_quotes ) $t = stripslashes ( $t ); $t ; /** function parse_clean_key ( $key ) $key == "" ) "" ; $key = htmlspecialchars ( urldecode ( $key )); $key = str_replace ( ".." , "" , $key ); $key = preg_replace ( "/\_\_(.+?)\_\_/" , "" , $key ); $key = preg_replace ( "/^([\w\.\-\_]+)$/" , "$1" , $key ); $key ; ?>
21-11-08, 11:02
פונקציית אבטחה נגד הזרקות PHP
עבור למצב קווי
