[Summary view] [Print] [Text view]

   1  <?php if (!defined('BB2_CORE')) die('I said no cheating!');
   2  
   3  function bb2_blacklist($package) {
   4  
   5      // Blacklisted user agents
   6      // These user agent strings occur at the beginning of the line.
   7      $bb2_spambots_0 = array(
   8          "<sc",            // XSS exploit attempts
   9          "8484 Boston Project",    // video poker/porn spam
  10          "adwords",        // referrer spam
  11          "autoemailspider",    // spam harvester
  12          "blogsearchbot-martin",    // from honeypot
  13          "CherryPicker",        // spam harvester
  14          "core-project/",    // FrontPage extension exploits
  15          "Diamond",        // delivers spyware/adware
  16          "Digger",        // spam harvester
  17          "ecollector",        // spam harvester
  18          "EmailCollector",    // spam harvester
  19          "Email Siphon",        // spam harvester
  20          "EmailSiphon",        // spam harvester
  21          "grub crawler",        // misc comment/email spam
  22          "HttpProxy",        // misc comment/email spam
  23          "Internet Explorer",    // XMLRPC exploits seen
  24          "ISC Systems iRc",    // spam harvester
  25          "Jakarta Commons",    // custommised spambots
  26          "Java 1.",        // definitely a spammer
  27          "Java/1.",        // definitely a spammer
  28          "libwww-perl",        // spambot scripts
  29          "LWP",            // spambot scripts
  30          "Microsoft URL",    // spam harvester
  31          "Missigua",        // spam harvester
  32          "MJ12bot/v1.0.8",    // malicious botnet
  33          "Movable Type",        // customised spambots
  34          "Mozilla ",        // malicious software
  35          "Mozilla/2",        // malicious software
  36          "Mozilla/4.0(",        // from honeypot
  37          "Mozilla/4.0+(",    // suspicious harvester
  38          "MSIE",            // malicious software
  39          "NutchCVS",        // unidentified robots
  40          "Nutscrape/",        // misc comment spam
  41          "OmniExplorer",        // spam harvester
  42          "psycheclone",        // spam harvester
  43          "PussyCat ",        // misc comment spam
  44          "PycURL",        // misc comment spam
  45  //        "Shockwave Flash",    // spam harvester
  46  //        WP 2.5 now has Flash; FIXME
  47          "Super Happy Fun ",    // spam harvester
  48          "TrackBack/",        // trackback spam
  49          "user",            // suspicious harvester
  50          "User Agent: ",        // spam harvester
  51          "User-Agent: ",        // spam harvester
  52          "WebSite-X Suite",    // misc comment spam
  53          "Winnie Poh",        // Automated Coppermine hacks
  54          "Wordpress",        // malicious software
  55          "\"",            // malicious software
  56      );
  57  
  58      // These user agent strings occur anywhere within the line.
  59      $bb2_spambots = array(
  60          "\r",            // A really dumb bot
  61          "; Widows ",        // misc comment/email spam
  62          "a href=",        // referrer spam
  63          "Bad Behavior Test",    // Add this to your user-agent to test BB
  64          "compatible ; MSIE",    // misc comment/email spam
  65          "compatible-",        // misc comment/email spam
  66          "DTS Agent",        // misc comment/email spam
  67          "Email Extractor",    // spam harvester
  68          "Gecko/25",        // revisit this in 500 years
  69          "grub-client",        // search engine ignores robots.txt
  70          "hanzoweb",        // very badly behaved crawler
  71          "Indy Library",        // misc comment/email spam
  72          "MSIE 7.0;  Windows NT 5.2",    // Cyveillance
  73          "Murzillo compatible",    // comment spam bot
  74          ".NET CLR 1)",        // free poker, etc.
  75          "POE-Component-Client",    // free poker, etc.
  76          "Turing Machine",    // www.anonymizer.com abuse
  77          "unspecified.mail",    // stealth harvesters
  78          "User-agent: ",        // spam harvester/splogger
  79          "WebaltBot",        // spam harvester
  80          "WISEbot",        // spam harvester
  81          "WISEnutbot",        // spam harvester
  82          "Windows NT 4.0;)",    // wikispam bot
  83          "Windows NT 5.0;)",    // wikispam bot
  84          "Windows NT 5.1;)",    // wikispam bot
  85          "Windows XP 5",        // spam harvester
  86          "WordPress/4.01",    // pingback spam
  87          "Xedant Human Emulator",// spammer script engine
  88          "\\\\)",        // spam harvester
  89      );
  90  
  91      // These are regular expression matches.
  92      $bb2_spambots_regex = array(
  93          "/^[A-Z]{10}$/",    // misc email spam
  94  // msnbot is using this fake user agent string now
  95  //        "/^Mozilla...[05]$/i",    // fake user agent/email spam
  96          "/[bcdfghjklmnpqrstvwxz ]{8,}/",
  97  //        "/(;\){1,2}$/",        // misc spammers/harvesters
  98  //        "/MSIE.*Windows XP/",    // misc comment spam
  99      );
 100  
 101      // Do not edit below this line.
 102  
 103      @$ua = $package['headers_mixed']['User-Agent'];
 104  
 105      foreach ($bb2_spambots_0 as $spambot) {
 106          $pos = strpos($ua, $spambot);
 107          if ($pos !== FALSE && $pos == 0) {
 108              return "17f4e8c8";
 109          }
 110      }
 111  
 112      foreach ($bb2_spambots as $spambot) {
 113          if (strpos($ua, $spambot) !== FALSE) {
 114              return "17f4e8c8";
 115          }
 116      }
 117  
 118      foreach ($bb2_spambots_regex as $spambot) {
 119          if (preg_match($spambot, $ua)) {
 120              return "17f4e8c8";
 121          }
 122      }
 123  
 124      return FALSE;
 125  }
 126  
 127  ?>