[RELEASE]IP-ban management script + new reg page

Zombe · 09/05/2009, 15:52

So, this is the 1st version of the script that has been promised a while back!
With this script, registration of banned IPs will be refused, and they won't be able to register!

How to install

Download

and install it.
It is recommended that you download and use

or NaviCat for MYSQL management, because it is nice to have a user interface.
I prefer navicat, but I can't post the link of it, as warez is forbidden, but you can find it if you google

Download banmanagement.rar and regpage.rar from he attachments.
You must use my reg page if you want this script to work at all!
Extract regpage.rar , set up my register page as you would a non-modified one, but this time open up bancheck.php and edit the IP, username and password. The default MYSQL username is root, so you will probably leave it like that.
Extrack banmanagement.rar and open up connect.php. Edit info where instructed.
NOTE: MYSQL and MSSQL connection data may be different, do not fill in MYSQL's info to MSSQL's spot or vice versa!
Save the page and exit.

Open up your manager that you are using (phpMyAdmin or NaviCat).
If you are using NaviCat, right click your connection and select console, then paste the MYSQL query and hit enter.
If you are using phpMyAdmin, go to the SQL section, paste the MYSQL query and press go.

Paste the regpage folder and the banmanagement folder into your xampp's htdocs folder. Go to the banmanagement/founderpanel.php with your browser and allow your IP to ban. After that, you may use the banpanel to ban IPs or get IPs from dekaron accounts from MSSQL.
NOTE: Accounts registered with the old regpage will not have the IP data stored in them, so you won't be able to retrieve IP data from them, so be sure to switch to my regpage immediately!

MYSQL query:

Code:

create database ban_info;

use ban_info;

CREATE TABLE `banip` (  
  `ID` BIGINT (10) NOT NULL AUTO_INCREMENT, 
  `IP` VARCHAR(50) NOT NULL, 
  `ip2long` INT(50) NOT NULL, 
  PRIMARY KEY (`ID`)  
);
CREATE TABLE `allowed` (  
  `ID` BIGINT (10) NOT NULL AUTO_INCREMENT, 
  `IP` VARCHAR(50) NOT NULL, 
  `ip2long` INT(50) NOT NULL, 
  PRIMARY KEY (`ID`)  
);

What else do I have to say?

READ!
This script has bugs. It is not perfect. I am now working on a Version nr 2, that will not require an altered regpage + will be more stable. In version 2, proxys will be eliminates, as you won't be able to use them to bypass it! I am also planning a version 3, that will use the built - in IP banning system + range ban, if I can get it to work... But version 2 for now!
Expected release date: no idea.

Pyrofol · 09/05/2009, 16:12

Nice job Zombeka

thelastbonbona · 09/05/2009, 17:09

ZOMBEKAS FTW

GO GO

~~~Kakkarot~~~ · 09/05/2009, 17:18

well here is a little tip for hackers, when creating account create 10-15 of them right away, and dont make them look alike beacuse if you make example, example2 example3 only an idiot wouldnt see what is happening there, so 15 accs and you are good :P, this will ban you from web site but not the game

janvier123 · 09/05/2009, 17:54

damit you posted before me, i was almost done, ah well trashcan it is

and i had to disable
banpanel.php

PHP Code:


			
//$IP=$_SERVER["REMOTE_ADDR"];

//$allow="SELECT * from allowed where IP='$IP'";

//$allow2=mysql_query($allow);

//while($allow3=mysql_fetch_array($allow2))

//{

//    $allowed=$allow3[IP];

//}

//

//if ($allowed)

//{

//}

//else

//{

//    print "You have no access to the ban management panel";

//    die();

//}

the other script works but this want wont, its fixed for me

Pyrofol · 09/05/2009, 17:58

nice job also

~~bagiman~~ · 09/05/2009, 18:44

**** noobs now u fked hackers life -,,,- with ur noob release

~~~Kakkarot~~~ · 09/05/2009, 18:50

Quote:

Originally Posted by bagiman

**** noobs now u fked hackers life -,,,- with ur noob release

...that is the freakin point of the script

Zombe · 09/05/2009, 19:06

Listen up, everybody! Read the end of the 1st post! There will be a version 2 that will use a completely another system and will be more stable!

~~~Kakkarot~~~ · 09/05/2009, 19:48

even after eliminating proxies and adding range IP bann it still can be bypassed very simple :P, all you need is a new CPU, register several accs on it, then go and play back on your old comp and if you get banned your cpu that you are playing on will be banned from the site...again but the cpu that u used to register will still be able to register

Zombe · 09/05/2009, 20:18

Quote:

Originally Posted by ~Kakkarot~

even after eliminating proxies and adding range IP bann it still can be bypassed very simple :P, all you need is a new CPU, register several accs on it, then go and play back on your old comp and if you get banned your cpu that you are playing on will be banned from the site...again but the cpu that u used to register will still be able to register

Mhm, there is no way to achieve a 100% ban and everyone knows it.

janvier123 · 09/07/2009, 05:38

maybe CPU ID / Mobo ID ban ? i heard about it, but not sure if it exists

Quote:

garfield is correct, each device that you are using has it own unique mac address, the nic, routher and modem all have different macs
it is also very possable to ban a mac address of any of those devices thought from what you have said it sounds like they banned the mac address of your nic inside your laptop.
there are programs to change your mac address but you would need a valid mac address for this to work and i dont recommend you to try this, however read up on mac spoofing there are a few tutorials out there that can help you.

caper · 09/07/2009, 06:27

Quote:

Originally Posted by janvier123

maybe CPU ID / Mobo ID ban ? i heard about it, but not sure if it exists

Possible but you would have to rewrite the exe to collect and broadcast the info to the server and store it.

janvier123 · 09/07/2009, 15:26

PHP Code:


			
function returnmacaddress() { 

// This code is under the GNU Public Licence 

// Written by michael_stankiewicz {don't spam} at yahoo {no spam} dot com 

// Tested only on linux, please report bugs 



// WARNING: the commands 'which' and 'arp' should be executable 

// by the apache user; on most linux boxes the default configuration 

// should work fine 



// get the arp executable path 

$location = `which arp`; 

$location = rtrim($location); 

// Execute the arp command and store the output in $arpTable 

$arpTable = `$location -n`; 

// Split the output so every line is an entry of the $arpSplitted array 

$arpSplitted = split("\n",$arpTable); 

// get the remote ip address (the ip address of the client, the browser) 

$remoteIp = $GLOBALS['REMOTE_ADDR']; 

$remoteIp = str_replace(".", "\\.", $remoteIp); 

// Cicle the array to find the match with the remote ip address 

foreach ($arpSplitted as $value) { 

// Split every arp line, this is done in case the format of the arp 

// command output is a bit different than expected 

$valueSplitted = split(" ",$value); 

foreach ($valueSplitted as $spLine) { 

if (preg_match("/$remoteIp/",$spLine)) { 

$ipFound = true; 

} 

// The ip address has been found, now rescan all the string 

// to get the mac address 

if ($ipFound) { 

// Rescan all the string, in case the mac address, in the string 

// returned by arp, comes before the ip address 

// (you know, Murphy's laws) 

reset($valueSplitted); 

foreach ($valueSplitted as $spLine) { 

if (preg_match("/[0-9a-f][0-9a-f][:-]". 

"[0-9a-f][0-9a-f][:-]". 

"[0-9a-f][0-9a-f][:-]". 

"[0-9a-f][0-9a-f][:-]". 

"[0-9a-f][0-9a-f][:-]". 

"[0-9a-f][0-9a-f]/i",$spLine)) { 

return $spLine; 

} 

} 

} 

$ipFound = false; 

} 

} 

return false; 

}

EliteWarrior · 09/07/2009, 19:45

Nice script waiting for version 2.