Version: 1.0.2, by Onur
Developer Last Online: Apr 2015
Version: 3.5.4
Rating:
Released: 03-09-2006
Last Update: 05-15-2006
Installs: 84
Uses Plugins
Additional Files
No support by the author.
CrackerTracker
this is a port from the standalone system of the Cback.de CrackerTracker (was original made for phpBB) to an Product for vB
Description
this hack search in the requeststring for definied codeparts, is found any hit the skript was die and send a little massage
in addition of security this simply skript discharged the server by automatic attacks from botskripts if the definations have a hit in the requests
Instructions Install
upload the /elog/ directory and set the CHMOD of counter.txt and logfile_injects.txt to 666, this is only to log blocked requests
if you not want to have writeable files on youre server this hack works without logging too and you can leave this part
at last install the CrackerTracker100-product.xml
Update
uninstall product of v100
reinstall new product of v101
Uninstall
uninstall the CrackerTracker100-product.xml
upload thedelete /elog/ directory
Credits & Information
i have only port this hack to a Plugin
Authorof the Hack is Cback from www.cback.de
only restraint of Cback is the Copyright in the footer
(i hope my english was understandable )
History
10/03/06 Release 1.0.0
15/05/06 Release 1.0.1
new searchpattern and handfull old replaced
little codemodifications
15/05/06 Release 1.0.2
one typo in list (missing ",")
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
@sandalwood
1. no, on this hook are no userinfo avalible
2. this is possible at next release
ok i understand, thats too bad. though the ip address is known, and only one user will have been logged in using that ip address at that time, so perhaps you can somehow set another hook later so WHEN we do know the username, you can have a little check in there that will record it to file.
i know this would only matter for attacks from users, and that many attacks are not even from users, or from people who never log in. but some are
when the incident happens, record what we know, perhaps with ip address, and the set a variable like "intrusion_detected = 1" sort of thing. then in a separate hook at some point where we know the user logged in and we have username, check that variable, and if intrusion_detected is set, then record their username/ip to the file, so that way we can cross-reference it or something.
isn't there some kind of global variable that can be used? how does that work.
also, even if you can't do the second part, why not record the IP address at least. that way we can manually cross reference it, just search for the ip in the admin console and that will show us what user(s) have used that ip.
thanks
ps. this has never tripped for me except in testing. i guess most attacks are not in the URL part but in post string.
Hi
onur hocam bu eklenti hakkında saldırıları engelliyor gibisinden duyumlar aldık Bu hack forum hacklama icin kullanilan bircok tehliklei scriptleri önlüyor hemde daha database ulasmadan önlüyor.
Böylece hem sunucunun gereksiz yere mesgul edilmesini hemde bircok tehlikle scriptlerin databaseinizi cökertmesii önleyen cok iyi bir korunma yöntemi.
bu şekilde bir arkadaş konu açtı vb turkiye'de yardımclı olup ne işe yaradığı hakkında türkçe açıklamasını yaparsan sevinirim..
kolay gelsin
Cracker Tracker Details »»
About Developer
Uses Plugins 
No support by the author.
)
04-17-2006, 07:30 AM
