1  <?php
2  // Filename index.php
3  // Function - See who's trying to hack your database files
4  //
5  // Script sends you an email if someone points their browser
6  // to your incs/ directory
7  //
8  // updated 10-07-2000
9  // -- added changelog the this file
10  //
11 
12 
13  /*
14  You will need to modify the $send_email and $email_admin
15  */
16  /* This code was pulled from various PHP script example sites */
17 
18  if($HTTP_SERVER_VARS["argc"] != 0) // If someone is trying to pass an argument
19  Header("Location: $PHP_SELF"); // Then reload the page argument-free
20 
21  echo "ERROR: Can't find database.";
22 
23  if(strstr($HTTP_USER_AGENT,'Win')) {
24          $BROWSER_PLATFORM="Windows BOX";
25  } else if(strstr($HTTP_USER_AGENT,'Win')) {
26          $BROWSER_PLATFORM="Windows BOX";
27  } else if(strstr($HTTP_USER_AGENT,'Mac')) {
28          $BROWSER_PLATFORM="Mac";
29  } else if(strstr($HTTP_USER_AGENT,'Linux')) {
30          $BROWSER_PLATFORM="Linux";
31  } else if(strstr($HTTP_USER_AGENT,'Unix')) {
32          $BROWSER_PLATFORM="UNIX BOX";
33  } else {
34          $BROWSER_PLATFORM="Other";
35  }
36 
37 
38  $infraction_subject = "INVALID DIR ACCESS Attempt ";
39  $infraction = "INVALID DIRECTORY ACCESS Attempted!!!";
40  $send_email = 0; // 0 NO, 1 YES
41  $email_admin = "root@localhost";
42 
43  if($send_email == "1") {
44 
45      $to = $email_admin;
46      $from = "HACKER@". $REMOTE_ADDR;
47      $subject = $infraction_subject . "From" . $REMOTE_ADDR;
48      $message = "\tSome one at" . $REMOTE_ADDR . "Did: " . $infraction . "\n";
49      $message .= " Using : " . $HTTP_USER_AGENT . " on : " . date("dS of F Y h:i:s A");
50 
51      mail("$to","$subject","$message","From:$from\nReply-To: $from");
52  }
53 
54  $logfile = "../logs/log.txt";
55  $badiplogfile = "../logs/badiplog.txt";
56 
57  // Log Infraction
58 
59  if(file_exists($logfile)) {
60 
61    $myfile = fopen($logfile,"a");
62    fputs($myfile,$BROWSER_PLATFORM."|".$HTTP_USER_AGENT."|".$REMOTE_ADDR."|".date("dS of F Y h:i:s A")."|"."$infraction"."\n");
63    fclose($myfile);
64 
65  } else {
66 
67    $myfile = fopen($logfile,"w");
68    fputs($myfile,$BROWSER_PLATFORM."|".$HTTP_USER_AGENT."|".$REMOTE_ADDR."|".date("dS of F Y h:i:s A")."|"."$infraction"."\n");
69    fclose($myfile);
70 
71  }
72 
73  // Log IP address date and time
74 
75  if(file_exists($badlogfile)) {
76 
77    $myfile = fopen($badiplogfile,"a");
78    fputs($myfile,$BROWSER_PLATFORM."|".$HTTP_USER_AGENT."|".$REMOTE_ADDR."|".date("dS of F Y h:i:s A")."|"."Watch this: IP ADDRESS"."\n");
79    fclose($myfile);
80 
81  } else {
82 
83    $myfile = fopen($badiplogfile,"w");
84    fputs($myfile,$BROWSER_PLATFORM."|".$HTTP_USER_AGENT."|".$REMOTE_ADDR."|".date("dS of F Y h:i:s A")."|"."Watch this: IP ADDRESS"."\n");
85    fclose($myfile);
86 
87  }
88 
89 
90 
91  ?>
92 
93