1<?php if (!defined('BB2_CORE')) die('I said no cheating!'); 2 3function bb2_blacklist($package) { 4 5 // Blacklisted user agents 6 // These user agent strings occur at the beginning of the line. 7 $bb2_spambots_0 = array( 8 "<sc", // XSS exploit attempts 9 "8484 Boston Project", // video poker/porn spam 10 "adwords", // referrer spam 11 "autoemailspider", // spam harvester 12 "blogsearchbot-martin", // from honeypot 13 "CherryPicker", // spam harvester 14 "core-project/", // FrontPage extension exploits 15 "Diamond", // delivers spyware/adware 16 "Digger", // spam harvester 17 "ecollector", // spam harvester 18 "EmailCollector", // spam harvester 19 "Email Siphon", // spam harvester 20 "EmailSiphon", // spam harvester 21 "grub crawler", // misc comment/email spam 22 "HttpProxy", // misc comment/email spam 23 "Internet Explorer", // XMLRPC exploits seen 24 "ISC Systems iRc", // spam harvester 25 "Jakarta Commons", // custommised spambots 26 "Java 1.", // definitely a spammer 27 "Java/1.", // definitely a spammer 28 "libwww-perl", // spambot scripts 29 "LWP", // spambot scripts 30 "Microsoft URL", // spam harvester 31 "Missigua", // spam harvester 32 "MJ12bot/v1.0.8", // malicious botnet 33 "Movable Type", // customised spambots 34 //"Mozilla ", // malicious software 35 "Mozilla/2", // malicious software 36 "Mozilla/4.0(", // from honeypot 37 "Mozilla/4.0+(compatible;+", // suspicious harvester 38 "MSIE", // malicious software 39 "NutchCVS", // unidentified robots 40 "Nutscrape/", // misc comment spam 41 "OmniExplorer", // spam harvester 42 "psycheclone", // spam harvester 43 "PussyCat ", // misc comment spam 44 "PycURL", // misc comment spam 45// "Shockwave Flash", // spam harvester 46// WP 2.5 now has Flash; FIXME 47 "Super Happy Fun ", // spam harvester 48 "TrackBack/", // trackback spam 49 "user", // suspicious harvester 50 "User Agent: ", // spam harvester 51 "User-Agent: ", // spam harvester 52 "WebSite-X Suite", // misc comment spam 53 "Winnie Poh", // Automated Coppermine hacks 54 "Wordpress", // malicious software 55 "\"", // malicious software 56 ); 57 58 // These user agent strings occur anywhere within the line. 59 $bb2_spambots = array( 60 "\r", // A really dumb bot 61 "; Widows ", // misc comment/email spam 62 "a href=", // referrer spam 63 "Bad Behavior Test", // Add this to your user-agent to test BB 64 "compatible ; MSIE", // misc comment/email spam 65 "compatible-", // misc comment/email spam 66 "DTS Agent", // misc comment/email spam 67 "Email Extractor", // spam harvester 68 "Gecko/25", // revisit this in 500 years 69 "grub-client", // search engine ignores robots.txt 70 "hanzoweb", // very badly behaved crawler 71 "Indy Library", // misc comment/email spam 72 "larbin@unspecified", // stealth harvesters 73 "Murzillo compatible", // comment spam bot 74 ".NET CLR 1)", // free poker, etc. 75 "POE-Component-Client", // free poker, etc. 76 "Turing Machine", // www.anonymizer.com abuse 77 "User-agent: ", // spam harvester/splogger 78 "WebaltBot", // spam harvester 79 "WISEbot", // spam harvester 80 "WISEnutbot", // spam harvester 81 "Windows NT 4.0;)", // wikispam bot 82 "Windows NT 5.0;)", // wikispam bot 83 "Windows NT 5.1;)", // wikispam bot 84 "Windows XP 5", // spam harvester 85 "WordPress/4.01", // pingback spam 86 "\\\\)", // spam harvester 87 ); 88 89 // These are regular expression matches. 90 $bb2_spambots_regex = array( 91 "/^[A-Z]{10}$/", // misc email spam 92// msnbot is using this fake user agent string now 93// "/^Mozilla...[05]$/i", // fake user agent/email spam 94 "/[bcdfghjklmnpqrstvwxz ]{8,}/", 95// "/(;\){1,2}$/", // misc spammers/harvesters 96// "/MSIE.*Windows XP/", // misc comment spam 97 ); 98 99 // Do not edit below this line. 100 101 @$ua = $package['headers_mixed']['User-Agent']; 102 103 foreach ($bb2_spambots_0 as $spambot) { 104 $pos = strpos($ua, $spambot); 105 if ($pos !== FALSE && $pos == 0) { 106 return "17f4e8c8"; 107 } 108 } 109 110 foreach ($bb2_spambots as $spambot) { 111 if (strpos($ua, $spambot) !== FALSE) { 112 return "17f4e8c8"; 113 } 114 } 115 116 foreach ($bb2_spambots_regex as $spambot) { 117 if (preg_match($spambot, $ua)) { 118 return "17f4e8c8"; 119 } 120 } 121 122 return FALSE; 123} 124 125?> 126