Administrators chain Posted 13 hours ago Administrators Report Share Posted 13 hours ago raw 352:*:{ proxy $4 } on *:snotice:*Client connecting*: { .who +I $9 } alias proxy { var %rand $rand(0,99999) sockopen $+(ktor,%rand) www.checkingtools.com 80 sockmark $+(ktor,%rand) $1 } on *:sockopen:ktor*: { var %komut sockwrite -nt $sockname, %post $+(ip=,$sock($sockname).mark,&GO%21=GO%21) %komut POST /ip_check HTTP/1.1 %komut Host: www.checkingtools.com %komut Connection: keep-alive %komut Content-Length: $len(%post) %komut Cache-Control: max-age=0 %komut Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 %komut Origin: http://www.checkingtools.com %komut User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31 %komut Content-Type: application/x-www-form-urlencoded %komut Accept-Encoding: gzip,deflate,sdch %komut Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.6,en;q=0.4 %komut Accept-Charset: ISO-8859-9,utf-8;q=0.7,*;q=0.3 %komut Cookie: PHPSESSID=90b5ae6ed385b312ea3dcccb50c126e1; ck_lang=en; __atuvc=18%7C1 %komut %komut %post } on *:sockread:ktor*: { var %x | sockread %x | tokenize 32 %x if $regex($1-,/(XBL|SBL|XBL|SPAMCOP|CBL|NJABL|SURBL|HTTP:BL).+red/i) { gzline $+(*@,$sock($sockname).mark) 1h 1IP adresinizde 4PROXY 1girişi tespit edilmiştir. if !$window(@prxy-tor) { window -neg1 @prxy-tor } | echo @prxy-tor ( $+ $time $+ ) $+(4 $chr(32),$sock($sockname).mark),$chr(32)) 1IP adresinizde 4PROXY 1girişi tespit edilmiştir. sockclose $sockname halt } } Quote Link to comment Share on other sites More sharing options...
