| 1 | <?php if (!defined('BB2_CORE')) die('I said no cheating!'); |
| 2 | |
| 3 | function bb2_blacklist($package) { |
| 4 | |
| 5 | // Blacklisted user agents |
| 6 | // These user agent strings occur at the beginning of the line. |
| 7 | $bb2_spambots_0 = array( |
| 8 | "<sc", // XSS exploit attempts |
| 9 | "8484 Boston Project", // video poker/porn spam |
| 10 | "adwords", // referrer spam |
| 11 | "autoemailspider", // spam harvester |
| 12 | "blogsearchbot-martin", // from honeypot |
| 13 | "CherryPicker", // spam harvester |
| 14 | "core-project/", // FrontPage extension exploits |
| 15 | "Diamond", // delivers spyware/adware |
| 16 | "Digger", // spam harvester |
| 17 | "ecollector", // spam harvester |
| 18 | "EmailCollector", // spam harvester |
| 19 | "Email Siphon", // spam harvester |
| 20 | "EmailSiphon", // spam harvester |
| 21 | "grub crawler", // misc comment/email spam |
| 22 | "HttpProxy", // misc comment/email spam |
| 23 | "Internet Explorer", // XMLRPC exploits seen |
| 24 | "ISC Systems iRc", // spam harvester |
| 25 | "Jakarta Commons", // custommised spambots |
| 26 | "Java 1.", // definitely a spammer |
| 27 | "Java/1.", // definitely a spammer |
| 28 | "libwww-perl", // spambot scripts |
| 29 | "LWP", // spambot scripts |
| 30 | "Microsoft URL", // spam harvester |
| 31 | "Missigua", // spam harvester |
| 32 | "MJ12bot/v1.0.8", // malicious botnet |
| 33 | "Movable Type", // customised spambots |
| 34 | "Mozilla ", // malicious software |
| 35 | "Mozilla/4.0(", // from honeypot |
| 36 | "Mozilla/4.0+(", // suspicious harvester |
| 37 | "MSIE", // malicious software |
| 38 | "NutchCVS", // unidentified robots |
| 39 | "Nutscrape/", // misc comment spam |
| 40 | "OmniExplorer", // spam harvester |
| 41 | "psycheclone", // spam harvester |
| 42 | "PussyCat ", // misc comment spam |
| 43 | "PycURL", // misc comment spam |
| 44 | // "Shockwave Flash", // spam harvester |
| 45 | // WP 2.5 now has Flash; FIXME |
| 46 | "Super Happy Fun ", // spam harvester |
| 47 | "TrackBack/", // trackback spam |
| 48 | "user", // suspicious harvester |
| 49 | "User Agent: ", // spam harvester |
| 50 | "User-Agent: ", // spam harvester |
| 51 | "Winnie Poh", // Automated Coppermine hacks |
| 52 | "Wordpress", // malicious software |
| 53 | "\"", // malicious software |
| 54 | ); |
| 55 | |
| 56 | // These user agent strings occur anywhere within the line. |
| 57 | $bb2_spambots = array( |
| 58 | "\r", // A really dumb bot |
| 59 | "; Widows ", // misc comment/email spam |
| 60 | "a href=", // referrer spam |
| 61 | "Bad Behavior Test", // Add this to your user-agent to test BB |
| 62 | "compatible ; MSIE", // misc comment/email spam |
| 63 | "compatible-", // misc comment/email spam |
| 64 | "DTS Agent", // misc comment/email spam |
| 65 | "Email Extractor", // spam harvester |
| 66 | "Gecko/25", // revisit this in 500 years |
| 67 | "grub-client", // search engine ignores robots.txt |
| 68 | "hanzoweb", // very badly behaved crawler |
| 69 | "Indy Library", // misc comment/email spam |
| 70 | "larbin@unspecified", // stealth harvesters |
| 71 | "Murzillo compatible", // comment spam bot |
| 72 | ".NET CLR 1)", // free poker, etc. |
| 73 | "POE-Component-Client", // free poker, etc. |
| 74 | "Turing Machine", // www.anonymizer.com abuse |
| 75 | "WebaltBot", // spam harvester |
| 76 | "WISEbot", // spam harvester |
| 77 | "WISEnutbot", // spam harvester |
| 78 | "Windows NT 4.0;)", // wikispam bot |
| 79 | "Windows NT 5.0;)", // wikispam bot |
| 80 | "Windows NT 5.1;)", // wikispam bot |
| 81 | "Windows XP 5", // spam harvester |
| 82 | "WordPress/4.01", // pingback spam |
| 83 | "\\\\)", // spam harvester |
| 84 | ); |
| 85 | |
| 86 | // These are regular expression matches. |
| 87 | $bb2_spambots_regex = array( |
| 88 | "/^[A-Z]{10}$/", // misc email spam |
| 89 | "/^Mozilla...[05]$/i", // fake user agent/email spam |
| 90 | "/[bcdfghjklmnpqrstvwxz ]{8,}/", |
| 91 | // "/(;\){1,2}$/", // misc spammers/harvesters |
| 92 | // "/MSIE.*Windows XP/", // misc comment spam |
| 93 | ); |
| 94 | |
| 95 | // Do not edit below this line. |
| 96 | |
| 97 | @$ua = $package['headers_mixed']['User-Agent']; |
| 98 | |
| 99 | foreach ($bb2_spambots_0 as $spambot) { |
| 100 | $pos = strpos($ua, $spambot); |
| 101 | if ($pos !== FALSE && $pos == 0) { |
| 102 | return "17f4e8c8"; |
| 103 | } |
| 104 | } |
| 105 | |
| 106 | foreach ($bb2_spambots as $spambot) { |
| 107 | if (strpos($ua, $spambot) !== FALSE) { |
| 108 | return "17f4e8c8"; |
| 109 | } |
| 110 | } |
| 111 | |
| 112 | foreach ($bb2_spambots_regex as $spambot) { |
| 113 | if (preg_match($spambot, $ua)) { |
| 114 | return "17f4e8c8"; |
| 115 | } |
| 116 | } |
| 117 | |
| 118 | return FALSE; |
| 119 | } |
| 120 | |
| 121 | ?> |
| 122 | |
