Raven
Site Admin/Owner

Joined: Aug 27, 2002
Posts: 17088
|
Posted:
Sun Dec 26, 2004 9:33 am |
|
NukeSentinel uses arin.net to look up information to include when sending the email to the admin. It appears that yesterday they have made some kind of a change in the query strings. You are still safe, but nothing gets written anywhere, nor do the get your redirect page. A quick fix until we decipher their new string is to find this block of code in includes/sentinel.phpCode: if ($blocker_row['email_lookup'] == 1) {
$message .= "--------------------\n"._AB_WHOISFOR."\n";
$ipToSearch = @get_ip();
// Copyright 2004(c) Raven PHP Scripts
$data = @file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$ipToSearch) or die('Unable to query WhoIs information for '.$ipToSearch.'.');
$data = explode('Search results for: ',$data);
$data = explode('#',$data[1]);
$data = explode('(NET-',strip_tags($data[0]));
if (empty($data[1])) $msg .= $data[0];
else {
$data = explode(')',$data[1]);
$data = @file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput="."!%20NET-".strip_tags($data[0])) or die('Unable to query WhoIs information for '.strip_tags($data[0]).'.');
$data = explode('Search results for: ',$data);
$data = explode('Name',$data[1],2);
$data = explode('# ARIN WHOIS ',$data[1]);
$msg .= 'OrgName'.nl2br($data[0]);
}
$message .= strip_tags($msg);
} elseif ($blocker_row['email_lookup'] == 2) {
$message .= "--------------------\n";
// Copyright 2004(c) NukeScripts
$ipToSearch = @get_ip();
$data = @file_get_contents("http://dnsstuff.com/tools/whois.ch?email=on&ip=".$ipToSearch) or die('Unable to query WhoIs information for '.$ipToSearch.'.');
$data = str_replace("</H1><H5>", "\n", $data);
$data = str_replace("status = \"Getting WHOIS results...\";", "\n", $data);
$data = str_replace("status = \"Done!\";", "\n", $data);
$message .= strip_tags($data);
}
|
and change it toCode: if ($blocker_row['email_lookup'] == 1) {
$message .= "--------------------\n"._AB_WHOISFOR."\n";
$ipToSearch = @get_ip();
// Copyright 2004(c) Raven PHP Scripts
$data = @file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$ipToSearch)/* or die('Unable to query WhoIs information for '.$ipToSearch.'.')*/;
$data = explode('Search results for: ',$data);
$data = explode('#',$data[1]);
$data = explode('(NET-',strip_tags($data[0]));
if (empty($data[1])) $msg .= $data[0];
else {
$data = explode(')',$data[1]);
$data = @file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput="."!%20NET-".strip_tags($data[0]))/* or die('Unable to query WhoIs information for '.strip_tags($data[0]).'.')*/;
$data = explode('Search results for: ',$data);
$data = explode('Name',$data[1],2);
$data = explode('# ARIN WHOIS ',$data[1]);
$msg .= 'OrgName'.nl2br($data[0]);
}
$message .= strip_tags($msg);
} elseif ($blocker_row['email_lookup'] == 2) {
$message .= "--------------------\n";
// Copyright 2004(c) NukeScripts
$ipToSearch = @get_ip();
$data = @file_get_contents("http://dnsstuff.com/tools/whois.ch?email=on&ip=".$ipToSearch)/* or die('Unable to query WhoIs information for '.$ipToSearch.'.')*/;
$data = str_replace("</H1><H5>", "\n", $data);
$data = str_replace("status = \"Getting WHOIS results...\";", "\n", $data);
$data = str_replace("status = \"Done!\";", "\n", $data);
$message .= strip_tags($data);
}
|
|
Last edited by Raven on Wed Dec 29, 2004 11:13 am; edited 1 time in total |
|