[PHP] AntiDOS Script 07-21-2011, 05:01 PM
#1
My friend give me this AntiDos script, but i am not sure it will works...
Try it..
Try it..
PHP Code:
<?php
///////////////////////////////////////////////////////////
Antiddos PHP Skripta, by Serbian Cyber Team === === It is BEST to use AntiDDOS on VPS or Dedicated Servers...
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
*/
$debug = false; // debug mode, disabled ban, Jednostavno pokazuje dali je ip bio banovan ili nije.
if ($debug) error_reporting(E_ALL);
else error_reporting(0);
/* Possible values - $ddos 1-5:
| 1. Check withcookies
| 2. Duble check $_GET antiddos-a i meta refresh-a
| 3. Request for WWW-Authenticate
| 4. Disable all, but BOT's can not disable..
| 5. Turn off site if it is big BUG.
*/
$ddos = 1;
$log = false;
$dir = dirname(__file__) . '/cyki_bots/'; //DDOS l
$ddos_redirect_host = 'http://google.com/'; // Forwarding DDOS-a
$icq = '123456'; //Admins ICQ
$off_message = 'BUG.'; //
$anticyka = md5(sha1('botik' . strrev(getenv('HTTP_USER_AGENT'))));
$ban_message = 'You have been banned, try to contact administrator admin@hackcomunity.com' .
$icq . '<hr>(c)XakNet antiddos module'; // Ban msg
$exec_ban = "iptables -A INPUT -s " . $_SERVER["REMOTE_ADDR"] . " -j DROP"; // ôûѠiptables(Debian/ubuntu/etc)
$load = sys_getloadavg(); // Funkcija za preuzimanje opterecenja \=\
$ddosuser = 'lol_ddos';
$ddospass = substr(ip2long($_SERVER['REMOTE_ADDR']), 0, rand(2, 4));
//nije testirano //Check:
$google = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "googlebot.com") !== false;
$yandex = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yandex.ru") !== false;
$rambler = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "ramtel.ru") !== false;
$rambler2 = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "rambler.ru") !== false;
$aport = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "aport.ru") !== false;
$sape = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "sape.ru") !== false;
$msn = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "msn.com") !== false;
$yahoo = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yahoo.net") !== false;
//
if(!file_exists($dir . 'banned_ips')) file_put_contents($dir . 'banned_ips', '');
if (strstr(file_get_contents($dir . 'banned_ips'), $_SERVER['REMOTE_ADDR']))
die($ban_message); //GTFO )
if (! $google || ! $yandex || ! $rambler || ! $rambler2 || ! $aport || ! $sape ||
! $msn || ! $yahoo) {
$f = fopen($dir . $_SERVER["REMOTE_ADDR"], "a");
fwrite($f, "zapros cyka\n");
fclose($f);
function ban()
{
if (! system($exec_ban)) {
$f = fopen($dir . 'banned_ips', "a");
fwrite($f, $_SERVER['REMOTE_ADDR'] . '|');
fclose($f);
}
echo $ban_message;
header('Location: ' . $ddos_redirect_host . '');
die();
}
switch ($ddos) {
///////////////////////////
case 1:
if (empty($_COOKIE['ddos']) or ! $_COOKIE['ddos']) {
$counter = @file($dir . $_SERVER["REMOTE_ADDR"]);
setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356);
if (count($counter) > 10) {
if (! $debug) ban();
else die("Blocked");
}
if (! $_COOKIE['ddos_log'] == 'bil') {
if (! $_GET['antiddos'] == 1) {
setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356);
header("Location: ./?antiddos=1");
}
}
} elseif ($_COOKIE['ddos'] !== $anticyka) {
if (! $debug) ban();
else die("Blocked.");
}
break;
/////////////////////////
case 2:
if (empty($_COOKIE['ddos'])) {
if (empty($_GET['antiddos'])) {
if (! $_COOKIE['ddos_log'] == 'bil')
//Checking cookies for request
die('<meta http-equiv="refresh" content="0;URL=?antiddos=' . $anticyka . '" />');
} elseif ($_GET['antiddos'] == $anticyka) {
setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356);
setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356);
}
else {
if (! $debug) {
ban();
die("Forward line of adress");
}
else {
echo "Forward line of adress";
die("Blocked.");
}
}
}
break;
case 3:
if (! isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] !== $ddosuser ||
$_SERVER['PHP_AUTH_PW'] !== $ddospass) {
header('WWW-Authenticate: Basic realm="Vvedite parol\': ' . $ddospass .
' | Login: ' . $ddosuser . '"');
header('HTTP/1.0 401 Unauthorized');
if (! $debug) ban();
else die("Blocked");
die("<h1>401 Unauthorized</h1>");
}
break;
case 4:
die($off_message); //Site turned off
break;
case 5:
if ($load[0] > 80) {
header('HTTP/1.1 503 Too busy, try again later');
die('<center><h1>503 Server too busy.</h1></center><hr><small><i>Server too busy. Please try again later. Apache server on ' .
$_SERVER['HTTP_HOST'] .
' at port 80 with <a href="http://serbiancyberteam.com/">ddos protect</a></i></small>');
}
break;
default:
break;
//////////////////////////
}
if ($_COOKIE['ddos'] == $anticyka) @unlink($dir . $_SERVER["REMOTE_ADDR"]);
}
......................................................................................
//////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////By SCT////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////
......................................................................................
?>![[Image: 1308031172619.gif?w=356&h=140]](http://thechive.files.wordpress.com/2011/06/1308031172619.gif?w=356&h=140)
Don't learn to hack, hack to learn.
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)
![[Image: 5Y220l1.png]](http://imgur.com/5Y220l1.png)
