Categories

LinkedIn

Jonathan Anders

Share

Share|

Recent Comments

Proxy Detection

This is a proxy scanning script designed to be embedded into any of your current PHP-based websites.

How it Works

This script will scan a remote host (whoever is visiting the specific page) for a predetermined list of ports. No protocol interaction happens but if the port is open, then the user is redirected to another page of your choosing.

Along with this, you can add allowed and disallowed hosts to the script.

Code

< ?php
# This is the list of ports to scan on the remote host.
$Ports = array('1080', '8080', '8000', '3128', '8888', '23', '80', '8081');
 
# For the allowed and disallowed hosts, you can use 
# wildcard expressions. For example:
# *.google.com - Would validate true for any google.com subdomain but not the main domain.
# *.edu - Would validate true for any domain ending in .edu.
# data*ogik.org - Would validate true for a domain containing data and ogik.org in the domain.
# *aol* - Would validate true for any hostname containing the string 'aol'.
#
# If in the event that a host evaluates to true for both allowed
# and disallowed hosts, the allowed hosts always trumps the disallowed host.

# This is the list of allowed hosts. 
$AllowedHosts = array('*.edu', '*.google.com', 'test.com', 'datalogik.org');
 
# This is the list of disallowed hosts.
$DisallowedHosts = array('*.msn.com', '*aol*', '*.gov');
 
# Redirect to this site if either a bad port or disallowed host was found.
$Redirect = "http://www.google.com";
 
# Get the remote hostname
$Host = $REMOTE_ADDR;
 
# Set flags which will be used later
$RedirectFlag = 0;
$AllowFlag = 0;
 
# Check allowed hosts list and bypass the scan if they are in the list
foreach ($AllowedHosts as $AllowedHost) {
  if ($AllowFlag == 0)
    if (fnmatch($AllowedHost, $Host) == true)
      $AllowFlag = 1;
}
 
# Check the disallowed hosts list and set flag.
foreach ($DisallowedHosts as $DisallowedHost) {
  if ($RedirectFlag == 0)
    if (fnmatch($DisallowedHost, $Host) == true)
      $RedirectFlag = 1;
}
 
# If the allow flag is set, we stop the check.  
if ($AllowFlag == 1) { return; }
 
# If the redirect flag is set, we redirect and stop.
if ($RedirectFlag == 1) {
  header ("Location: $Redirect");
  return;
}
 
# If neither flag is set, then we start the port scan.
if (($RedirectFlag == 0) && ($AllowFlag == 0)) {
  foreach ($Ports as $Port) {
    if (($fp = @fsockopen($Host, $Port, $errno, $errstr)) == true) {
      header ("Location: $Redirect");
      fclose($fp);
    }
  }
}
?>

How to Use

Add the following line to any current PHP-based webpage you wish to add security to.
This assumes that “proxy.php” is the name of the file.

include ("proxy.php");

Notice

This code was created on 12/1/2002 and has recently been updated and revamped from the original. I am posting this information here for easier access for users. Use at your own risk.

Popularity: 2% [?]

Leave a Reply

Your email address will not be published. Required fields are marked *

*

CAPTCHA Image

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">

Spam protection by WP Captcha-Free

Copyright © 2002-2011 Jonathan Anders. All Rights Reserved.