Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: Code for ban IP adresses inmediately
From: Valdis.Kletnieks () vt edu
Date: Sat, 11 Oct 2003 11:26:10 -0400
On Sat, 11 Oct 2003 16:19:10 +0200, Lorenzo Hernandez Garcia-Hierro said:


  if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $clip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  }
  elseif (isset($_SERVER['HTTP_VIA'])) {
    $clip = $_SERVER['HTTP_VIA'];
  }

(more code snipped).

Soooo... let's see... if I feed this thing something that has *both*
a legitimate X_FORWARDED_FOR and a malicious VIA, this code
will only check the FORWARDED.  I think you really wanted to do

for i in (FORWARDED VIA REMOTE_ADDR) do
        if (isset($_server($i)) banit($_server($i)....)
done

or however you do it in PHP.

Attachment: _bin
Description:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]