From 374883557144bdfa642de89b663351f13291f27c Mon Sep 17 00:00:00 2001 From: Doug Freed Date: Fri, 15 Jan 2016 02:46:47 -0700 Subject: Update web files --- cgi-bin/query.pl | 56 +++++++++++++++++++++---------------------- cgi-bin/secret/investigate.pl | 49 ++++++++++++++++++++----------------- cgi-bin/secret/logs.pl | 22 ++++++++--------- syntax.txt | 51 +++++++++++++++++++++++++++------------ 4 files changed, 102 insertions(+), 76 deletions(-) diff --git a/cgi-bin/query.pl b/cgi-bin/query.pl index 35c2455..eef0b09 100755 --- a/cgi-bin/query.pl +++ b/cgi-bin/query.pl @@ -5,7 +5,7 @@ use Data::Dumper; use strict; use DBI; -use CGI_Lite; +use CGI; use XML::Simple qw(:strict); my $xs1 = XML::Simple->new( KeyAttr => ['id'], Cache => [ qw/memcopy/ ]); @@ -27,10 +27,10 @@ sub esc return $arg; } -my $cgi = new CGI_Lite; -my %data = $cgi->parse_form_data; +my $cgi = CGI->new; +my %data = %{$cgi->{param}}; -$debug = int($data{debug}) if (defined($data{debug})); +$debug = int($data{debug}->[0]) if (defined($data{debug})); if ($debug) { print "Content-type: text/plain", "\n\n"; @@ -45,54 +45,54 @@ my ($level, $id, $reason); my $qry = "SELECT time, channel, nick, user, host, gecos, level, id, reason FROM alertlog WHERE "; -if (defined($data{channel})) { - $qry = $qry . "channel like " . esc($data{channel}); +if (defined($data{channel}->[0])) { + $qry = $qry . "channel like " . esc($data{channel}->[0]); } else { die "channel not defined!\n"; } -if (defined($data{nick}) && ($data{nick} ne "*") && ($data{nick} ne "")) { - $qry .= " and nick like " . esc($data{nick}); +if (defined($data{nick}->[0]) && ($data{nick}->[0] ne "*") && ($data{nick}->[0] ne "")) { + $qry .= " and nick like " . esc($data{nick}->[0]); } -if (defined($data{user}) && ($data{user} ne "*") && ($data{user} ne "")) { - $qry .= " and user like " . esc($data{user}); +if (defined($data{user}->[0]) && ($data{user}->[0] ne "*") && ($data{user}->[0] ne "")) { + $qry .= " and user like " . esc($data{user}->[0]); } -if (defined($data{host}) && ($data{host} ne "*") && ($data{host} ne "")) { - $qry .= " and host like " . esc($data{host}); +if (defined($data{host}->[0]) && ($data{host}->[0] ne "*") && ($data{host}->[0] ne "")) { + $qry .= " and host like " . esc($data{host}->[0]); } -if (defined($data{gecos}) && ($data{gecos} ne "*") && ($data{gecos} ne "")) { - $qry .= " and gecos like " . esc($data{gecos}); +if (defined($data{gecos}->[0]) && ($data{gecos}->[0] ne "*") && ($data{gecos}->[0] ne "")) { + $qry .= " and gecos like " . esc($data{gecos}->[0]); } -if (defined($data{since})) { +if (defined($data{since}->[0])) { $qry .= sprintf("and time > '%04d-%02d-%02d %02d:%02d:%02d'", - int($data{syear}), int($data{smonth}), int($data{sday}), - int($data{shour}), int($data{smin}), int($data{ssec})); + int($data{syear}->[0]), int($data{smonth}->[0]), int($data{sday}->[0]), + int($data{shour}->[0]), int($data{smin}->[0]), int($data{ssec}->[0])); } -if (defined($data{before})) { +if (defined($data{before}->[0])) { $qry .= sprintf("and time < '%04d-%02d-%02d %02d:%02d:%02d'", - int($data{byear}), int($data{bmonth}), int($data{bday}), - int($data{bhour}), int($data{bmin}), int($data{bsec})); + int($data{byear}->[0]), int($data{bmonth}->[0]), int($data{bday}->[0]), + int($data{bhour}->[0]), int($data{bmin}->[0]), int($data{bsec}->[0])); } #if (defined($data{id})) { # $qry .= " and id = " . $dbh->quote($data{id}); #} -if (defined($data{level}) && ($data{level} ne "any")) { - $qry .= " and level = " . $dbh->quote($data{level}); +if (defined($data{level}->[0]) && ($data{level}->[0] ne "any")) { + $qry .= " and level = " . $dbh->quote($data{level}->[0]); } -if (defined($data{reason})) { - $qry .= " and reason like " . esc($data{reason}); +if (defined($data{reason}->[0])) { + $qry .= " and reason like " . esc($data{reason}->[0]); } -if (defined($data{sort}) && defined($data{order}) && ($data{order} =~ /^[ad]$/ ) && - ( $data{sort} =~ /^(time|nick|user|host|level|id|reason)$/ ) ) { - $qry .= " order by " . $data{sort}; - $qry .= " desc" if $data{order} eq "d"; +if (defined($data{sort}) && defined($data{order}) && ($data{order}->[0] =~ /^[ad]$/ ) && + ( $data{sort}->[0] =~ /^(time|nick|user|host|level|id|reason)$/ ) ) { + $qry .= " order by " . $data{sort}->[0]; + $qry .= " desc" if $data{order}->[0] eq "d"; } if ($debug) { diff --git a/cgi-bin/secret/investigate.pl b/cgi-bin/secret/investigate.pl index 23a5945..6b48027 100755 --- a/cgi-bin/secret/investigate.pl +++ b/cgi-bin/secret/investigate.pl @@ -5,7 +5,7 @@ use Data::Dumper; use strict; use DBI; -use CGI_Lite; +use CGI; use XML::Simple qw(:strict); my $xs1 = XML::Simple->new( KeyAttr => ['id'], Cache => [ qw/memcopy/ ]); my $sqlconf = $xs1->XMLin( "/home/icxcnika/AntiSpamMeta/config-main/mysql.xml", @@ -13,6 +13,7 @@ my $sqlconf = $xs1->XMLin( "/home/icxcnika/AntiSpamMeta/config-main/mysql.xml", 'GroupTags' => { ignoredidents => 'ident', ignoredgecos => 'geco' }); my $dbh = DBI->connect("DBI:mysql:database=" . $sqlconf->{db} . ";host=" . $sqlconf->{host} . ";port=" . $sqlconf->{port}, $sqlconf->{user}, $sqlconf->{pass}); +$dbh->do("SET time_zone = '+0:00';"); my $debug = 0; @@ -38,8 +39,8 @@ sub dottedQuadToInt return $ip_number; } -my $cgi = new CGI_Lite; -my %data = $cgi->parse_form_data; +my $cgi = CGI->new; +my %data = %{$cgi->{param}}; $debug = int($data{debug}) if (defined($data{debug})); @@ -51,7 +52,11 @@ print <AntiSpamMeta database query page -

Maintaining AntiSpamMeta takes work! Please +

NEW: READ ME.

+

I'm looking to move AntiSpamMeta, and its databases, to a new server. This will cost me about \$400/year, however will allow + for recursive lookups similar to stalker.pl - Finding a nick tied to a host tied to another nick tied to a nickserv account tied to a geco, etc.

+

This will make the most comprehensive tracking database for Freenode to date, but I need your help with the bills!

+

HTML -print ' Nickname:
\n"; -print ' User:
\n"; -print ' Hostname:
\n"; -print ' Gecos:
\n"; -print ' Account:
\n"; -print ' Real IP: \n"; +print ' Nickname:
\n"; +print ' User:
\n"; +print ' Hostname:
\n"; +print ' Gecos:
\n"; +print ' Account:
\n"; +print ' Real IP: \n"; print <
@@ -106,28 +111,28 @@ HTML ## nick, user, host, realip, gecos, account my $qry = 'SELECT * FROM ' . $sqlconf->{actiontable} . ' WHERE '; -if (defined($data{nick}) && ($data{nick} ne "*") && ($data{nick} ne "")) { - $qry .= " nick like " . esc($data{nick}) . ' or '; +if (defined($data{nick}) && ($data{nick}->[0] ne "*") && ($data{nick}->[0] ne "")) { + $qry .= " nick like " . esc($data{nick}->[0] ) . ' or '; } -if (defined($data{user}) && ($data{user} ne "*") && ($data{user} ne "")) { - $qry .= ' user like ' . esc($data{user}) . ' or '; +if (defined($data{user}) && ($data{user}->[0] ne "*") && ($data{user}->[0] ne "")) { + $qry .= ' user like ' . esc($data{user}->[0] ) . ' or '; } -if (defined($data{host}) && ($data{host} ne "*") && ($data{host} ne "")) { - $qry .= ' host like ' . esc($data{host}) . ' or '; +if (defined($data{host}) && ($data{host}->[0] ne "*") && ($data{host}->[0] ne "")) { + $qry .= ' host like ' . esc($data{host}->[0] ) . ' or '; } -if (defined($data{gecos}) && ($data{gecos} ne "*") && ($data{gecos} ne "")) { - $qry .= ' gecos like ' . esc($data{gecos}) . ' or '; +if (defined($data{gecos}) && ($data{gecos}->[0] ne "*") && ($data{gecos}->[0] ne "")) { + $qry .= ' gecos like ' . esc($data{gecos}->[0] ) . ' or '; } -if (defined($data{account}) && ($data{account} ne "*") && ($data{account} ne "")) { - $qry .= ' account like ' . esc($data{account}) . ' or '; +if (defined($data{account}) && ($data{account}->[0] ne "*") && ($data{account}->[0] ne "")) { + $qry .= ' account like ' . esc($data{account}->[0] ) . ' or '; } -if (defined($data{realip}) && ($data{realip} =~ /^\d+\.\d+\.\d+\.\d+$/)) { - $qry .= ' ip = ' . dottedQuadToInt($data{realip}) . ' or '; +if (defined($data{realip}) && ($data{realip}->[0] =~ /^\d+\.\d+\.\d+\.\d+$/)) { + $qry .= ' ip = ' . dottedQuadToInt($data{realip}->[0] ) . ' or '; } $qry .= '(1 = 0)'; # rather than trying to get rid of a trailing 'or ' diff --git a/cgi-bin/secret/logs.pl b/cgi-bin/secret/logs.pl index c1d2313..111fffb 100755 --- a/cgi-bin/secret/logs.pl +++ b/cgi-bin/secret/logs.pl @@ -5,10 +5,10 @@ use Data::Dumper; use strict; use DBI; -use CGI_Lite; -my $cgi = new CGI_Lite; -my %data = $cgi->parse_form_data; -my $index = $data{index}; +use CGI; +my $cgi = CGI->new; +my %data = %{$cgi->{param}}; +my $index = $data{index}->[0]; print "Content-type: text/plain", "\n\n"; if ( !defined($index) ) { print "Nice hax!\n"; @@ -17,13 +17,13 @@ if ( !defined($index) ) { $index = int $index; my $i = int($index / 10000) + 1; -if ( -e "/var/www/actionlogs/${i}0K.tar.gz") { - print "tar -Oxf /var/www/actionlogs/${i}0K.tar.gz $index.txt\n\n"; - print `tar -Oxf /var/www/actionlogs/${i}0K.tar.gz $index.txt`; -} elsif ( -e "/var/www/actionlogs/$index.txt.lzma" ) { - print `lzcat /var/www/actionlogs/$index.txt.lzma`; -} elsif ( -e "/var/www/actionlogs/$index.txt" ) { - print `cat /var/www/actionlogs/$index.txt`; +if ( -e "/var/www/antispammeta.net/actionlogs/${i}0K.tar.gz") { + print "tar -Oxf /var/www/antispammeta.net/actionlogs/${i}0K.tar.gz $index.txt\n\n"; + print `tar -Oxf /var/www/antispammeta.net/actionlogs/${i}0K.tar.gz $index.txt`; +} elsif ( -e "/var/www/antispammeta.net/actionlogs/$index.txt.lzma" ) { + print `lzcat /var/www/antispammeta.net/actionlogs/$index.txt.lzma`; +} elsif ( -e "/var/www/antispammeta.net/actionlogs/$index.txt" ) { + print `cat /var/www/antispammeta.net/actionlogs/$index.txt`; } else { print "u wot m8?\n"; } diff --git a/syntax.txt b/syntax.txt index 0eecddf..2043d30 100644 --- a/syntax.txt +++ b/syntax.txt @@ -17,11 +17,14 @@ List of ASM's commands. Responds with a URL to the bot's source ;help - Refers you to ASM's website + ASM's least helpful command, accompanied by the least helpful description. ;ping Replies "pong". +;ping Restricted to flag "s" + pong + *** These are commands used for check to see if a user has a "bad past" *** ;db @@ -47,15 +50,6 @@ List of ASM's commands. ;mship Restricted to flag "s" Reports channels that both ASM and is on. -;;addwebuser Restricted to flag "s" - THIS COMMAND MUST BE SENT IN PM, WITH TWO SEMICOLONS. - This will give you access to the restricted areas of ASM's database, using an http login of - [yourIRCnick] and [password]. - No assurance of privacy is made with regards to your password. Make it secure, so that someone - else won't use your login, and make it unique - i.e. not something you use for /ns identify. - - - *** These commands are for managing who has access to the bot *** ;userx add Restricted to flag "a" @@ -72,11 +66,21 @@ List of ASM's commands. ;userx flags Restricted to flag "a" Sets the flags for that nickserv account - NOT NECESSARILY THE SAME AS THEIR NICK - to the provided set of flags. Once again, you can't give flags you don't already have, and you can't - ever give the 'd' flag. + ever give the 'd' flag. If you want to give the "d" flag, you will absolutely have to edit + the users.xml file by hand. ;userx del Restricted to flag "a" Removes the nickserv account from ASM's list of authorized users. +;;addwebuser Restricted to flag "s" + THIS COMMAND MUST BE SENT IN PM, WITH TWO SEMICOLONS. + This will give you access to the restricted areas of ASM's database, using an http login of + [yourIRCnick] and [password]. + No assurance of privacy is made with regards to your password. Make it secure, so that someone + else won't use your login, and make it unique - i.e. not something you use for /ns identify. + +;delwebuser Restricted to flag "a" + Deletes an individual's web access. *** These commands are for managing who/where the bot notifies of bad stuff *** @@ -86,9 +90,13 @@ List of ASM's commands. So, to send low-risk alerts and above concerning #spammychannel to #opschannel, you'd do ;target #spammychannel #opschannel info If a level isn't specified, it defaults to "debug". + may be in the form of $a:nickservAccount in which case ASM will substitute that + nickserv account for all nicks currently signed onto that nickserv account -;detarget Restricted to flag "a" - Stops sending messages concerning to . +;detarget Restricted to flag "a" + Stops sending messages concerning to . + may be in the form of $a:nickservAccount in which case ASM will substitute that + nickserv account for all nicks currently signed onto that nickserv account ;showhilights Restricted to flag "h" shows all the channels that it's configured to hilight on, and what level it's for. @@ -96,9 +104,12 @@ List of ASM's commands. ;hilight Restricted to flag "h" Adds to the list of hilights for for risks of and above. If is unspecified, it defaults to "info". + may be in the form of $a:nickservAccount in which case ASM will substitute that + nickserv account for all nicks currently signed onto that nickserv account ;dehilight Restricted to flag "h" Removes the list of nicks from the list of hilights for . + may be in the form of $a:nickservAccount. *** Blacklist management commands *** @@ -109,6 +120,9 @@ List of ASM's commands. is holy use common sense with this. Don't blacklist "nigger" or something like that... but definitely blacklist "http://spammyurl.com" etc. +;blacklistpcre Restricted to flag "a" + Adds to the list of strings ASM will watch out for. Regular expression matching. + ;blreason Restricted to flag "s" use the ID returned by ;blacklist to set a reason for why you blacklisted it. @@ -130,13 +144,15 @@ List of ASM's commands. ;rehash Restricted to flag "a" Re-reads the string blacklist files and config files etc etc. -;monitor (yes|no) Restricted to flag "a" +;monitor optional:(yes|no) Restricted to flag "a" Sets whether or not the channel is monitored for spam stuffs. This is obviously "yes" by default, but some places turn it off for their #blah-ops channel. + If yes/no is not specified, show the current state of the monitor flag. -;silence (yes|no) Restricted to flag "a" +;silence optional:(yes|no) Restricted to flag "a" Sets whether or not ASM ignores commands (other than !ops) in the channel. "no" by default; public channels often want this. + If yes/no is not specified, show the current state of the silence flag. ;quit Restricted to flag "a" Quits IRC using reason as the quit message. ASM is run in a while loop, so it'll probably @@ -152,6 +168,8 @@ List of ASM's commands. notrigger - prevents the target from causing the bot to generate a spam alert. nomsgs - don't relay private messages from target to the master channel nocommands - prevent target from sending the bot commands. + noidstring - e.g. nonickbl_impersonate, to prevent them from triggering the + nickbl_impersonate rule *** Highly restricted debug commands *** @@ -165,6 +183,9 @@ List of ASM's commands. ;ev Restricted to flag "d" Evaluates raw perl code - output is sent to STDOUT, not to IRC. +;wallop Restricted to flag "d" + Does nothing. One day, it'll probably broadcast a message to all target-chans. + *** Plugin interface *** -- cgit v1.2.3