Merge pull request #14 from dwisiswant0/master

Add many methods & fix some bugs. See CHANGELOG.md.

Author: dwisiswant0

CHANGELOG.md

@@ -2,9 +2,23 @@
 
 All notable changes to `AntiScanScanClub` will be documented in this file.
 
+## Version 2.0.2
+
+### Added
+
+-   filterFileFind() method (deep search for filterFile() method), check whether the destination file and/ path is in the filter_files.txt
+-   addToFilterFiles() method, add file and/ path to filter_files.txt
+-   md5LocalFilterFiles() method for validate in restoreFilterFiles() method
+-   getRemoteFilterFiles() method, getting filter_files.txt from remote repository
+
+### Fixed
+
+-   Avoid nested arrays in filterInput() _(related v1.0.3 bug)_
+
 ## Version 2.0.1
 
 ### Added
+
 -   getPublicFiles() method for get all files in public path recursively
 -   getAllRoutes() method for get uri of all registered routes
 -   whitelistPublicFiles() method for whitelisting all public files recursively
@@ -13,12 +27,14 @@ All notable changes to `AntiScanScanClub` will be documented in this file.
 ## Version 2.0.0
 
 ### Added
+
 -   whitelistFile() method, for whitelisting files/path from filterFile()
 -   restoreFilterFiles() method to restoring filter_files.txt to default
 
 ## Version 1.0.3
 
 ### Fixed
+
 -   Fix filterInput() bug failed to handle array input fields (reported by [@mirfansulaiman](https://github.com/mirfansulaiman))
 
 ## Version 1.0.2-dev1

README.md

@@ -204,6 +204,14 @@ var_dump(whitelistAllRoutes()); // @return array
 var_dump($ASSC->restoreFilterFiles()); // @return bool
 ```
 
+-   **Add file and/ path to filterFile() rejection**
+
+```php
+$file = "api/adminLists";
+
+var_dump(addToFilterFiles($file)); // @return integer/bool
+```
+
 ### NOTE
 
 -   If you call `filterInput()` and/ `filterFile()` method, you no longer need to call `addToBlacklisted()` method.
@@ -235,4 +243,4 @@ license. Please see the [LICENSE file](LICENSE) for more information.
 
 ## Version
 
-**Current version is 2.0.1** and still development.
+**Current version is 2.0.2** and still development.

src/AntiScanScanClub.php

@@ -10,25 +10,30 @@
 
 class AntiScanScanClub
 {
+    /**
+     * @var string $defaultBlacklists
+     */
+    private $defaultBlacklists = "blacklists.json";
+
     /**
      * @var string $filterRules
      */
-	private $filterRules = "filter_rules.json";
+    private $filterRules = "filter_rules.json";
 
     /**
      * @var string $filterFiles
      */
     private $filterFiles = "filter_files.txt";
 
     /**
-     * @var string $defaultBlacklists
+     * @var constant string REMOTE_REPO
      */
-    private $defaultBlacklists = "blacklists.json";
+    private const REMOTE_REPO = "https://github.com/noobsec/AntiScanScanClub-laravel";
 
     /**
-     * @var string $remoteRepo
+     * @var constant string FILTER_FILES_MD5
      */
-    private $remoteRepo = "https://github.com/noobsec/AntiScanScanClub-laravel";
+    private const FILTER_FILES_MD5 = "05c2fe4cad6dc3ea1a3bf2becdb9153f";
 
     /**
      * AntiScanScanClub.
@@ -117,26 +122,22 @@ public function filterInput($data = [], $blocker = FALSE, $clientIp) {
     	foreach ($data as $key => $value) {
 	    	foreach ($objectRules as $key => $object) {
                 if (is_array($value)) {
-                    foreach ($value as $key => $array) {
-                        $filtered = preg_match("/" . $object['rule'] . "/", $array);
-                        $value = $array;
-                        if ($filtered) break;
-                    }
+                    return $this->filterInput($value, $blocker, $clientIp);
                 } else {
                     $filtered = preg_match("/" . $object['rule'] . "/", $value);
+                    if ($filtered) break;
                 }
+            }
+        }
 
-	    		if ($filtered) {
-	    			if ($blocker === TRUE) $this->addToBlacklisted($clientIp, $object['description'] . " (" . $value . ")");
-	    			return abort($this->abort);
-	    		}
-	    	}
-    	}
+		if ($filtered) {
+			if ($blocker === TRUE) $this->addToBlacklisted($clientIp, $object['description'] . " (" . $value . ")");
+			return abort($this->abort);
+		}
 
     	return FALSE;
     }
 
-
     /**
      * Prevention of access to credentials and/ important files/path
      * e.g: wp-admin.php, .git/, backups.tar.gz, www.sql (see many more at filter_files.txt)
@@ -149,6 +150,23 @@ public function filterInput($data = [], $blocker = FALSE, $clientIp) {
      * @throws \Symfony\Component\HttpKernel\Exception\HttpException
     */
     public function filterFile($url = NULL, $blocker = FALSE, $clientIp) {
+        $filterFileFind = $this->filterFileFind($url);
+
+        if ($filterFileFind === TRUE) {
+            if ($blocker === TRUE) $this->addToBlacklisted($clientIp, "Trying to access " . $url);
+            return abort($this->abort);
+        } else {
+            return FALSE;
+        }
+    }
+
+    /**
+     * Check whether the destination file and/ path is in the filter_files.txt
+     *
+     * @param string $file and/ path to check 
+     * @return bool
+    */
+    private function filterFileFind($file) {
         $filterFiles = __DIR__ . "/" . $this->filterFiles;
         $getFile = @file_get_contents($filterFiles);
 
@@ -159,10 +177,9 @@ public function filterFile($url = NULL, $blocker = FALSE, $clientIp) {
         $objectFiles = file($filterFiles);
 
         foreach ($objectFiles as $key => $value) {
-            $file = trim($value);
-            if (substr($url, 1) === trim($file)) {
-                if ($blocker === TRUE) $this->addToBlacklisted($clientIp, "Trying to access " . $file);
-                return abort($this->abort);
+            $list = trim($value);
+            if (substr($file, 1) === trim($list)) {
+                return TRUE;
             }
         }
 
@@ -188,6 +205,22 @@ public function addToBlacklisted($clientIp, $attack = NULL) {
     	return $this->writeToBlacklistsFile($add);
     }
 
+    /**
+     * Add file and/ path to filter_files.txt
+     *
+     * @param string $file and/ path
+     * @return integer/bool
+    */
+    public function addToFilterFiles($file) {
+        $filterFiles = __DIR__ . "/" . $this->filterFiles;
+        $filterFileFind = $this->filterFileFind($file);
+
+        if ($filterFileFind === FALSE) {
+            return file_put_contents($filterFiles, $file, FILE_APPEND);
+        } else {
+            return FALSE;
+        }
+    }
 
 	/**
      * Clean the client IP from blacklists
@@ -203,7 +236,6 @@ public function cronBlacklistedRules() {
 		}
 	}
 
-
     /**
      * Remove client IP from blacklists rule
      *
@@ -218,7 +250,6 @@ public function removeFromBlacklists($clientIp) {
 	    return $this->writeToBlacklistsFile($this->list_object);
 	}
 
-
 	/**
      * Purge and/ clean all client IPs from blacklists
      *
@@ -228,7 +259,6 @@ public function purgeBlacklistsFile() {
     	return $this->writeToBlacklistsFile([]);
     }
 
-
     /**
      * Write visitor data to blacklists file
      *
@@ -347,23 +377,52 @@ public function whitelistFile($search) {
     }
 
     /**
-    * Restore filter_files.txt lists to default
+    * MD5 checksum for local filter_files.txt
     *
     * @return bool
     */
-    public function restoreFilterFiles() {
-        $defaultFilterFiles = @file_get_contents($this->remoteRepo . "/raw/master/src/" . $this->filterFiles);
+    public function md5LocalFilterFiles() {
+        $localFilterFiles = __DIR__ . "/" . $this->filterFiles;
+
+        if (md5_file($localFilterFiles) === self::FILTER_FILES_MD5) {
+            return TRUE;
+        } else {
+            return FALSE;
+        }
+    }
+
+    /**
+    * Getting filter_files.txt from remote repository
+    *
+    * @return string
+    */
+    private function getRemoteFilterFiles() {
+        $defaultFilterFiles = @file_get_contents(self::REMOTE_REPO . "/raw/master/src/" . $this->filterFiles);
 
         if ($defaultFilterFiles === FALSE) {
             throw new \Exception("Error While Getting default filter files from Repo", 1);
         }
 
-        $write = file_put_contents(__DIR__ . "/" . $this->filterFiles, $defaultFilterFiles);
+        return $defaultFilterFiles;
+    }
 
-        if ($write === 84213) {
-            return TRUE;
+    /**
+    * Restore filter_files.txt lists to default
+    *
+    * @return bool
+    */
+    public function restoreFilterFiles() {
+        $remoteFilterFiles = $this->getRemoteFilterFiles();
+
+        if ($this->md5LocalFilterFiles() === FALSE) {
+            $write = file_put_contents(__DIR__ . "/" . $this->filterFiles, $remoteFilterFiles);
+            if ($write === 84213 && $this->md5LocalFilterFiles() === TRUE) {
+                return TRUE;
+            } else {
+                return FALSE;
+            }
         } else {
-            return FALSE;
+            return TRUE;
         }
     }
 }