Pages:
Author

Topic: [BOT KILLER] ANTI VPN - ANTI PROXY [NEW] - page 3. (Read 4262 times)

hero member
Activity: 504
Merit: 501
August 17, 2016, 11:22:33 PM
#20
My friend sent me this .htaccess code... what do you guys/girls think?


Code:
RewriteEngine on
RewriteCond %{HTTP:VIA}                 !^$ [OR]
RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]



and this



Code:
/*Anti vpn/proxy checker*/
 
 
class Main{
 
public 
$_base "http://whatismyipaddress.com/ip/";
 
public function 
_get_ip(){
$forward_check explode(",",$_SERVER['HTTP_X_FORWARDED_FOR']);
if (!empty(
$_SERVER['HTTP_CLIENT_IP']))
{
$ip $_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty(
$_SERVER['HTTP_X_FORWARDED_FOR']))
{
$ip $forward_check[sizeof($forward_check)-1];
/*This will always pick the last IP (legit one in the case of using some sort of cdn/proxy) in the X-Forwarded-For */
}
else
{
$ip $_SERVER['REMOTE_ADDR'];
}
return 
$ip;
}
 
 
public function 
_validate(){
global 
$dbh;
$ip $this->_get_ip();
$whitelist_check file_get_contents("./whitelistip.txt");
if(
preg_match('/'.$ip.'/'), $whitelist_check);
{
return 
true;
}
$ch curl_init();
curl_setopt($chCURLOPT_URL$this->_base $ip);
curl_setopt($chCURLOPT_RETURNTRANSFER1);
curl_setopt($chCURLOPT_USERAGENT"Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0");
curl_setopt($chCURLOPT_TIMEOUT10);
$reply strtolower(trim(strip_tags(curl_exec($ch))));
curl_close($ch);
if(!
preg_match('/at&t/'$reply))
{
if(
preg_match('/type:corporate/'$reply) || preg_match('/hostname:'.$ip.'/'$reply) || substr_count($str,'proxyserver'))
{
return 
false;
//die("We belive $ip is a Proxy/VPN if you're sure this is not a Proxy / VPN contact support below with the IP address.");
}
if(
preg_match('/type:assignment:/'$reply))
{
return 
false;
//die("We belive $ip is a Proxy/VPN if you're sure this is not a Proxy / VPN contact support below with the IP address.");
}
}
return 
true;
}
 
 
}
 
?>



hero member
Activity: 504
Merit: 501
August 17, 2016, 10:48:44 PM
#19




Ok, i have figured out how People are stealing From Xapo Faucets and it doesn't matter if its my script or another, it works on every faucet in Xapo as far as i know . I'm not even sure how to fix this so i'm posting here for ideas.

They have one main account in Xapo.

They have multiple accounts made in Xapo with similar email. like this:   [email protected], [email protected]    or could just have completely different email all together.


They claim with bots using different email and different Ip for same faucet over and over.

The Accounts are all connected VIA Xapo wallet "share wallet" Even if they haven't sent in ID or Passport The main user can take from non verified accounts.  this is a huge security flaw with Xapo itself not in the faucets.

name me the bot they use then we can easy block that bot ??


Btw you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kidn regards
name of bot is CoinCollector http://www.autoclickbots.com/product/coincollector-v3/
legendary
Activity: 2688
Merit: 2297
August 17, 2016, 07:23:28 PM
#18




Ok, i have figured out how People are stealing From Xapo Faucets and it doesn't matter if its my script or another, it works on every faucet in Xapo as far as i know . I'm not even sure how to fix this so i'm posting here for ideas.

They have one main account in Xapo.

They have multiple accounts made in Xapo with similar email. like this:   [email protected], [email protected]    or could just have completely different email all together.


They claim with bots using different email and different Ip for same faucet over and over.

The Accounts are all connected VIA Xapo wallet "share wallet" Even if they haven't sent in ID or Passport The main user can take from non verified accounts.  this is a huge security flaw with Xapo itself not in the faucets.

name me the bot they use then we can easy block that bot ??


Btw you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kidn regards

last time I tried(1 week ago I think, your system was not working).. now is working fine, detected all proxy sites I tried! nice one felicita!
legendary
Activity: 1582
Merit: 1031
August 17, 2016, 07:04:34 PM
#17




Ok, i have figured out how People are stealing From Xapo Faucets and it doesn't matter if its my script or another, it works on every faucet in Xapo as far as i know . I'm not even sure how to fix this so i'm posting here for ideas.

They have one main account in Xapo.

They have multiple accounts made in Xapo with similar email. like this:   [email protected], [email protected]    or could just have completely different email all together.


They claim with bots using different email and different Ip for same faucet over and over.

The Accounts are all connected VIA Xapo wallet "share wallet" Even if they haven't sent in ID or Passport The main user can take from non verified accounts.  this is a huge security flaw with Xapo itself not in the faucets.

name me the bot they use then we can easy block that bot ??


Btw you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kidn regards
legendary
Activity: 2688
Merit: 2297
August 17, 2016, 06:48:23 PM
#16
hero member
Activity: 504
Merit: 501
August 17, 2016, 03:34:30 PM
#15
 This is what im working on.



Blocks all types of proxy servers, including Open proxies, HTTP proxies, SOCKS proxies, VPN (Virtual Private Network) servers, SSH tunnel servers, web-based proxies, popular anonymity networks, and more.
Block web proxies
Blocks all web-based proxy scripts such as Glype, CGIProxy, PHProxy, CoinCollector and variants. Block anonymity networks
Blocks popular anonymity networks such as Tor (The Onion Routing project) exit nodes, Anonymity, Proxify®, Vtunnel, Cotse. Block datacenter IP ranges
Blocks access from IP address networks operated by data centers, hosting companies, and cloud computing providers. Data center clients may include sources of undesirable traffic such as proxies, bots, spiders, and scrapers. Optional feature to allow access from IP address networks used by technical support staff in certain data centers and hosting companies. Request header analysis
This option analyzes each request header transmitted by users and blocks access when an invalid header is detected. Block User Languages
Block access to users based on browser language settings. Blocked is aware of 180 different languages Block the bots
Blocks access from unwanted bots and spiders, filtering companies, and intellectual property (i.e. trademark, copyright, and patent) monitoring companies. Validate search engine spiders
Blocks bots masquerading as or "spoofing" search engine spiders while ensuring that legitimate search engine spiders are allowed access. DNS based blocking
Can perform a reverse DNS lookup on user IP addresses and cross-reference them with lists of proxy servers and hosting companies. Block satellite ISPs
Blocks access from Internet Service Providers that offer Internet access through satellites. It is difficult to ascertain the country from which users of satellite ISPs originate. You may want to block satellite ISPs because they serve high risk countries such as Nigeria. Customization error message
hero member
Activity: 504
Merit: 501
August 17, 2016, 03:16:55 PM
#14
im working on something    Shocked Shocked Shocked Shocked Shocked Shocked Shocked Shocked Shocked Shocked Shocked Shocked
 
legendary
Activity: 2688
Merit: 2297
August 17, 2016, 03:08:24 PM
#13
no ideas yet?

about what?

Xapo don't do anything about this security flaw?

Here's my idea: create a rival  Cheesy Cheesy
hero member
Activity: 504
Merit: 501
August 17, 2016, 02:19:00 PM
#12
no ideas yet?
hero member
Activity: 504
Merit: 501
August 16, 2016, 06:21:09 PM
#11




Ok, i have figured out how People are stealing From Xapo Faucets and it doesn't matter if its my script or another, it works on every faucet in Xapo as far as i know . I'm not even sure how to fix this so i'm posting here for ideas.

They have one main account in Xapo.

They have multiple accounts made in Xapo with similar email. like this:   [email protected], [email protected]    or could just have completely different email all together.


They claim with bots using different email and different Ip for same faucet over and over.

The Accounts are all connected VIA Xapo wallet "share wallet" Even if they haven't sent in ID or Passport The main user can take from non verified accounts.  this is a huge security flaw with Xapo itself not in the faucets.
legendary
Activity: 1134
Merit: 1000
Soon, I have to go away.
August 16, 2016, 12:05:21 PM
#10
How many bots did you used get from the UK , now its zero I presume.

They use VPNs/Proxies from all around the world, this system banned a lot of bad users however a small part of good users too, I'll be working on remove some address from the list to be fair with all!

That is good to know, I also have issues with my provider regarding ip, it wrong and they fkn Virgin, have no clue how to fix it.
They have my IP set in another part of the country 300 miles away, dopey mofos  Grin Causing me problems everywhere on the net.
legendary
Activity: 2688
Merit: 2297
August 16, 2016, 11:58:16 AM
#9
How many bots did you used get from the UK , now its zero I presume.

They use VPNs/Proxies from all around the world, this system banned a lot of bad users however a small part of good users too, I'll be working on remove some address from the list to be fair with all!
legendary
Activity: 1134
Merit: 1000
Soon, I have to go away.
August 16, 2016, 11:48:17 AM
#8
How many bots did you used get from the UK , now its zero I presume.
legendary
Activity: 2688
Merit: 2297
August 09, 2016, 08:28:23 AM
#7
I think, to be able to intrgrate this to Xapo faucet script, it should have a separate PHP coding.

NastyHosts is a property from FaucetBox? Or it's a free service to everyone?

Seems legit. good luck

Thanks  Cheesy
sr. member
Activity: 700
Merit: 250
August 09, 2016, 07:40:45 AM
#6
Seems legit. good luck
hero member
Activity: 546
Merit: 500
August 09, 2016, 07:39:49 AM
#5
I think, to be able to intrgrate this to Xapo faucet script, it should have a separate PHP coding.
legendary
Activity: 2688
Merit: 2297
August 09, 2016, 01:36:37 AM
#4
Use carefully! thats a laugh, why ban virgin media at all? You banned me, this listing is wrong imo, I am no bot, nor do I hide behind a proxy.
How many bots do you get from that I.P. range how many? is it worth blocking all of the UK that use Virgin media like me.

Virgin Media is blocked because the mobile service, nothing personal.. don't get angry, neither 0,5% of faucets will use this because it block a lot of IP's, and if you find someone using this, just PM the faucet owner and ask to remove the ASNs from Virgin Media(50534, 5089 and 13076).

I'm doing this because I have a lot of bot attacks, it's nothing personal Grin

What a coincidence, the other day I had written a post about it.
https://bitcointalksearch.org/topic/--1577717

Yeap, in some cases you just need to reset your modem, or use VPN/proxy, you can easily find free or paid services and browser extensions too...
That's why I'm trying to block all this services, they are killing the faucets..
member
Activity: 82
Merit: 10
TUX Exchange - NEW- Try IT!!
August 08, 2016, 03:48:03 PM
#3
What a coincidence, the other day I had written a post about it.
https://bitcointalksearch.org/topic/--1577717

Use carefully! thats a laugh, why ban virgin media at all? You banned me, this listing is wrong imo, I am no bot, nor do I hide behind a proxy.
How many bots do you get from that I.P. range how many? is it worth blocking all of the UK that use Virgin media like me.
legendary
Activity: 1134
Merit: 1000
Soon, I have to go away.
August 08, 2016, 02:11:31 PM
#2
Use carefully! thats a laugh, why ban virgin media at all? You banned me, this listing is wrong imo, I am no bot, nor do I hide behind a proxy.
How many bots do you get from that I.P. range how many? is it worth blocking all of the UK that use Virgin media like me.
legendary
Activity: 2688
Merit: 2297
August 08, 2016, 11:07:20 AM
#1


READ IT ALL
This method will ban 15.000 ASNs, each one contains a lot of IP ranges.
For example it will ban more then 350 IP ranges(0 to 255) from Virgin Media.
The list contain services like mobile, and will ban then all, use carefully!
You can find the ASNs you want and delete then from the list.

It will stop all access from VPN/Proxy? No!
However it will block a LOT of then and will help others anti-bots services.

The list is BIG and don't will fit on the original sql settings,
so I make a tutorial with images, ask for more help.
I'll put the list in a .txt file, so you can download it or open in you browser.
Here's the link: http://www.bitcoinamerica.com.br/portfolio/botkiller.txt

Note: Maybe the ASN block from NastyHosts only have on faucetinabox version 64
Enable the NastyHosts before you paste the list in sql table.
I have no idea how it can be put in Xapo or other, maybe someone find a way.

If it work's for you and you wanna send some tip, here's my address, I got a lot of work
1BvaPs1b6dXrciYEBDAXabcKzMkrKWg3tm

Again: Use carefully, maybe you will block some good users too
If you want to remove the all content, just delete the list from asn_ban_list.

You can test your proxy/vpn here: http://www.bitcoinamerica.com.br/faucet
It will not block the pageview, just the CLAIM.
PS: I put more credits now.. waiting 3 confirmations
Give a feedback!

Pages:
Jump to: