Bad Behavior - Version 2.2.12


Code changes from version 2.2.11 to 2.2.12

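--- a/README.txt
+++ b/README.txt
@@ -1,10 +1,10 @@
 === Bad Behavior ===
 Tags: comment,trackback,referrer,spam,robot,antispam
-Contributors: error, markjaquith, skeltoac
+Contributors: error
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
 Requires at least: 3.1
 Tested up to: 3.4.2
-Stable tag: 2.2.11
+Stable tag: 2.2.12
 
 Bad Behavior prevents spammers from ever delivering their junk, and in many
 cases, from ever reading your site in the first place.
@@ -87,10 +87,12 @@ block reason to filter results.
 
 == Release Notes ==
 
-= Bad Behavior 2.0 Known Issues =
+= Bad Behavior 2.2 Known Issues =
 
-* Bad Behavior 2.0 requires MySQL 4.1 or later and PHP 4.3 or later. Bad
-Behavior 2.1 requires MySQL 5.0 or later and PHP 5.2 or later.
+* Bad Behavior 2.2 requires MySQL 5.0 or later and PHP 5.2 or later.
+
+* CloudFlare users must enable the Reverse Proxy option in Bad Behavior's
+settings. See the documentation for further details.
 
 * Bad Behavior is unable to protect internally cached pages on MediaWiki.
 Only form submissions will be protected.
@@ -100,7 +102,7 @@ you must remove the old version of Bad Behavior from your system manually
 before manually installing the new version. Other platforms are not
 affected by this issue.
 
-* Bad Behavior on WordPress requires version 2.7 or later. Users of older
+* Bad Behavior on WordPress requires version 3.1 or later. Users of older
 versions should upgrade WordPress prior to installing Bad Behavior.
 
 * On WordPress when using WP-Super Cache, Bad Behavior must be enabled in
@@ -113,8 +115,3 @@ warnings when Spam Karma 2 displays its internally generated CAPTCHA. This
 is a design problem in Spam Karma 2. Contact the author of Spam Karma 2 for
 a fix.
 
-== Upgrade Notice ==
-
-= 2.0.40 =
-
-This release fixes a security issue. Upgrade as soon as possible.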
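--- a/bad-behavior-wordpress.php
+++ b/bad-behavior-wordpress.php
@@ -1,7 +1,7 @@
 <?php
 /*
 Plugin Name: Bad Behavior
-Version: 2.2.11
+Version: 2.2.12
 Description: Deny automated spambots access to your PHP-based Web site.
 Plugin URI: http://bad-behavior.ioerror.us/
 Author: Michael Hampton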
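--- a/bad-behavior/blacklist.inc.php
+++ b/bad-behavior/blacklist.inc.php
@@ -140,9 +140,6 @@ function bb2_blacklist($package) {
 "..\\", // path traversal
 "%60information_schema%60", // SQL injection probe
 "+%2F*%21", // SQL injection probe
-"+and+%", // SQL injection probe
-"+and+1%", // SQL injection probe
-"+and+if", // SQL injection probe
 "%27--", // SQL injection
 "%27 --", // SQL injection
 "%27%23", // SQL injection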
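--- a/bad-behavior/core.inc.php
+++ b/bad-behavior/core.inc.php
@@ -1,5 +1,5 @@
 <?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.2.11");
+define('BB2_VERSION', "2.2.12");
 
 // Bad Behavior entry point is bb2_start()
 // If you're reading this, you are probably lost.
@@ -165,6 +165,13 @@ function bb2_screen($settings, $package)
 return $r;
 }
 return false;
+} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
+require_once(BB2_CORE . "/searchengine.inc.php");
+if ($r = bb2_baidu($package)) {
+if ($r == 1) return false; # whitelisted
+return $r;
+}
+return false;
 }
 // MSIE checks
 if (stripos($ua, "; MSIE") !== FALSE) {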
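Review bot: The new `elseif` branch in the bb2_screen hunk tests the user-agent for "Yahoo! Slurp" / "Yahoo! SearchMonkey" but then validates the client against Baidu's address ranges via bb2_baidu(), so a genuine Yahoo crawler can never be whitelisted by it and a Baidu crawler never reaches it at all. The three context lines above it read like the tail of an existing Yahoo branch (the if/elseif chain starts outside the hunk), in which case this duplicate condition is also unreachable. The condition should name Baidu's crawler instead, e.g. `} elseif (stripos($ua, "Baiduspider") !== FALSE) {`. The inner `if ($r == 1)` uses loose comparison even though the surrounding code anticipates a string block code in `$r`; `$r === 1` pins the whitelist sentinel exactly.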
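--- a/bad-behavior/searchengine.inc.php
+++ b/bad-behavior/searchengine.inc.php
@@ -6,40 +6,57 @@ require_once(BB2_CORE . "/roundtripdns.inc.php");
 
 function bb2_google($package)
 {
+if (@is_ipv6($package['ip'])) return false; # TODO
 if (match_cidr($package['ip'], array("66.249.64.0/19", "64.233.160.0/19", "72.14.192.0/18", "203.208.32.0/19", "74.125.0.0/16", "216.239.32.0/19", "209.85.128.0/17")) === FALSE) {
-return "f1182195";
+return false; # Soft fail, must pass other screening
+#return "f1182195"; # Hard fail
 }
 # Disabled due to http://bugs.php.net/bug.php?id=53092
 # if (!bb2_roundtripdns($package['ip'], "googlebot.com")) {
 # return "f1182195";
 # }
-return false;
+return 1; # Real Googlebot; bypass all other checks
 }
 
 // Analyze user agents claiming to be msnbot
 
 function bb2_msnbot($package)
 {
+if (@is_ipv6($package['ip'])) return false; # TODO
 if (match_cidr($package['ip'], array("207.46.0.0/16", "65.52.0.0/14", "207.68.128.0/18", "207.68.192.0/20", "64.4.0.0/18", "157.54.0.0/15", "157.60.0.0/16", "157.56.0.0/14", "131.253.21.0/24", "131.253.22.0/23", "131.253.24.0/21", "131.253.32.0/20")) === FALSE) {
-return "e4de0453";
+return false; # Soft fail, must pass other screening
+#return "e4de0453"; # Hard fail
 }
 # Disabled due to http://bugs.php.net/bug.php?id=53092
 # if (!bb2_roundtripdns($package['ip'], "msn.com")) {
 # return "e4de0453";
 # }
-return false;
+return 1; # Real msnbot; bypass all other checks
 }
 
 // Analyze user agents claiming to be Yahoo!
 
 function bb2_yahoo($package)
 {
+if (@is_ipv6($package['ip'])) return false; # TODO
 if (match_cidr($package['ip'], array("202.160.176.0/20", "67.195.0.0/16", "203.209.252.0/24", "72.30.0.0/16", "98.136.0.0/14", "74.6.0.0/16")) === FALSE) {
-return '71436a15';
+return false; # Soft fail, must pass other screening
+#return '71436a15'; # Hard fail
 }
 # Disabled due to http://bugs.php.net/bug.php?id=53092
 # if (!bb2_roundtripdns($package['ip'], "crawl.yahoo.net")) {
 # return "71436a15";
 # }
-return false;
+return 1; # Real Yahoo bot; bypass all other checks
+}
+
+// Analyze user agents claiming to be Baidu
+
+function bb2_baidu($package)
+{
+if (@is_ipv6($package['ip'])) return false; # TODO
+if (match_cidr($package['ip'], array("119.63.192.0/21", "123.125.71.0/24", "180.76.0.0/16", "220.181.0.0/16")) === FALSE) {
+return false; # Soft fail, must pass other screening
+}
+return 1; # Real Baidu bot; bypass all other checks
 }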
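Review bot: The `return 1` at the end of bb2_google, bb2_msnbot, bb2_yahoo and the new bb2_baidu now tells the caller to skip every remaining screen for any address inside the hard-coded CIDR lists, while the reverse-DNS confirmation that would tie an address to the crawler is still commented out, so the whitelist rests entirely on those static ranges being accurate and crawler-only. That contract is not written down anywhere; each function deserves a header comment such as `# Returns 1 when the IP lies in the engine's listed ranges (caller bypasses further screening), false otherwise; ranges are not confirmed by rDNS.` The `@` in `@is_ipv6($package['ip'])` silences whatever that helper emits on malformed input instead of handling it; if is_ipv6 has no other side effects, `filter_var($package['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false` expresses the same test without suppression. The bare `# TODO` on those lines should state what is pending (presumably each engine's IPv6 ranges), since as written every IPv6 client soft-fails and can never be whitelisted.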