Full Disclosure mailing list archives

Re: Code for ban IP adresses inmediately

From: Valdis.Kletnieks () vt edu
Date: Sat, 11 Oct 2003 11:26:10 -0400

On Sat, 11 Oct 2003 16:19:10 +0200, Lorenzo Hernandez Garcia-Hierro said:

  if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $clip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  }
  elseif (isset($_SERVER['HTTP_VIA'])) {
    $clip = $_SERVER['HTTP_VIA'];
  }

(more code snipped).

Soooo... let's see... if I feed this thing something that has *both*
a legitimate X_FORWARDED_FOR and a malicious VIA, this code
will only check the FORWARDED.  I think you really wanted to do

for i in (FORWARDED VIA REMOTE_ADDR) do
        if (isset($_server($i)) banit($_server($i)....)
done

or however you do it in PHP.

Attachment: _bin
Description:

Current thread:

Code for ban IP adresses inmediately Lorenzo Hernandez Garcia-Hierro (Oct 11)
- Re: Code for ban IP adresses inmediately Valdis . Kletnieks (Oct 11)