Protect Against Malicious URL Requests With Email Alert by k3nz0

first we will make new file and write this:
<?php
/*
Plugin Name: Block Bad Queries
Plugin URI:
Description: Protect Against Malicious URL Requests with email alert
Author: k3nz0 snd (YM: k3nz0_snd)
Version: 2.0
Usage : include in database connection
*/
//
global $user_ID; if($user_ID) {
$agent = $_SERVER[‘HTTP_USER_AGENT’];
$uri = $_SERVER[‘REQUEST_URI’];
$ip = $_SERVER[‘REMOTE_ADDR’];
$ref = $_SERVER[‘HTTP_REFERER’];
$ipasli = $_SERVER[‘HTTP_X_FORWARDED_FOR’];
$via = $_SERVER[‘HTTP_VIA’];
$dtime = date(‘r’);
// SQLi bypass
if (strlen($_SERVER[‘REQUEST_URI’]) > 255 ||
strpos($_SERVER[‘REQUEST_URI’], “eval(“) ||
strpos($_SERVER[‘REQUEST_URI’], “CONCAT”) ||
strpos($_SERVER[‘REQUEST_URI’], “UNION SELECT”) ||
strpos($_SERVER[‘REQUEST_URI’], “UNION%20SELECT”) ||
strpos($_SERVER[‘REQUEST_URI’], “table_name”) ||
strpos($_SERVER[‘REQUEST_URI’], “base64”)||
strpos($_SERVER[‘REQUEST_URI’], “UNION%20ALL%20SELECT”)||
strpos($_SERVER[‘REQUEST_URI’], “UNION ALL SELECT”)) {
// your email address
$to = ’87.d0ing@gmail.com’;
$subject = ‘SQLi detected’;
// Set HTML Mail Header
$headers = ‘MIME-Version: 1.0’ . “\r\n”;
$headers .= ‘Content-type: text/html; charset=iso-8859-1’ . “\r\n”;
// The Message
$message = ‘
siemfestival.com
//————————— //
Waktu: $dtime
IP asli: $ip
Browser: $agent
URL: $uri
Referrer: $ref
Proxy: $ipasli
Koneksi: $via
//————————— //’;
mail($to, $subject, $message, $headers);
echo “<title>k3nz0 protected</title>”;
echo “k3nz0 was her3”;
@exit;
}
} ?>

<?php/*Plugin Name: Block Bad QueriesPlugin URI: Description: Protect Against Malicious URL Requests with email alertAuthor URI: http://com3t.com/Author: k3nz0 snd (YM: k3nz0_snd)Version: 2.0Usage : include in database connection*/
// global $user_ID; if($user_ID) {$agent = $_SERVER[‘HTTP_USER_AGENT’];$uri = $_SERVER[‘REQUEST_URI’];$ip = $_SERVER[‘REMOTE_ADDR’];$ref = $_SERVER[‘HTTP_REFERER’];$ipasli = $_SERVER[‘HTTP_X_FORWARDED_FOR’];$via = $_SERVER[‘HTTP_VIA’];$dtime = date(‘r’);
// SQLi bypassif (strlen($_SERVER[‘REQUEST_URI’]) > 255 ||strpos($_SERVER[‘REQUEST_URI’], “eval(“) ||strpos($_SERVER[‘REQUEST_URI’], “CONCAT”) ||strpos($_SERVER[‘REQUEST_URI’], “UNION SELECT”) ||strpos($_SERVER[‘REQUEST_URI’], “UNION%20SELECT”) ||strpos($_SERVER[‘REQUEST_URI’], “table_name”) ||strpos($_SERVER[‘REQUEST_URI’], “base64”)||strpos($_SERVER[‘REQUEST_URI’], “UNION%20ALL%20SELECT”)||strpos($_SERVER[‘REQUEST_URI’], “UNION ALL SELECT”)) {
// your email address$to = ’87.d0ing@gmail.com’; $subject = ‘SQLi detected’;// Set HTML Mail Header$headers = ‘MIME-Version: 1.0’ . “\r\n”;$headers .= ‘Content-type: text/html; charset=iso-8859-1’ . “\r\n”;
// The Message$message = ‘siemfestival.com
//————————— //
Waktu: $dtime
IP asli: $ip
Browser: $agent
URL: $uri
Referrer: $ref
Proxy: $ipasli
Koneksi: $via
//————————— //’;
mail($to, $subject, $message, $headers);
echo “<title>k3nz0 protected</title>”;echo “k3nz0 was her3”;echo “<img src:http://sphotos.ak.fbcdn.net/hphotos-ak-snc3/hs143.snc3/17035_1196989006656_1286420104_30479863_6049607_n.jpg>&#8221;;@exit;}} ?>

and the name is k3nz0.php

next open file database connection

usually config.php

open and fill

<?

include ‘k3nz0.php’;

?>

and save

finished

regards

k3nz0

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: