/// <summary>
/// Records a down-vote for <paramref name="itemId"/> unless flood control refuses it.
/// </summary>
/// <param name="itemId">Identifier of the item being voted on.</param>
/// <returns>
/// A response carrying <c>success = true</c> and the value returned by the repository
/// as <c>data.voteDown</c>, or <c>success = false</c> when flood control blocks the vote.
/// </returns>
public HttpResponseMessage VoteDown(int itemId)
{
    // The throttle is built from module id, tab id, the request IP and the current user.
    // NOTE(review): how GetIPAddress() derives the address is not visible here. If it trusts
    // client-supplied forwarding headers, the per-IP limit is only as strong as that input; verify.
    // NOTE(review): no authorization or anti-forgery attribute is visible on this action in this
    // excerpt; confirm one is applied on the method or its controller.
    var voteGate = new FloodControl(this.Request.FindModuleId(), this.Request.FindTabId(), this.Request.GetIPAddress(), this.UserInfo);

    // Guard clause: a refused vote is logged at warn level and never reaches the repository.
    if (!voteGate.AllowVote(itemId))
    {
        Log.WarnFormat("Flood control block the vote. The IP:{0} has already voted on this item:{1} in the time limit window", this.Request.GetIPAddress(), itemId);
        return Request.CreateResponse(new { success = false });
    }

    var downVoteCount = _repository.VoteDown(itemId);
    Log.DebugFormat("Vote down recorded, IP:{0}, itemId:{1}", this.Request.GetIPAddress(), itemId);

    return Request.CreateResponse(new
    {
        success = true,
        data = new { voteDown = downVoteCount }
    });
}
/// <summary>
/// Accepts one TCP client, applies per-address flood control, and hands the
/// connection to an <c>HttpProcessor</c> when the request is allowed.
/// </summary>
/// <param name="client">The accepted connection; it is always disposed before this method completes.</param>
/// <returns>A task that completes once the request has been processed or dropped.</returns>
public static async Task ParseClientRequest(TcpClient client)
{
    // Disposal on every exit path, including exceptions (null-tolerant, like the original finally block).
    using (client)
    {
        // Only the address part of the remote endpoint is used as the throttle key; the port is
        // dropped, so every connection arriving from one address shares a single allowance.
        IPAddress remoteAddress = ((IPEndPoint)client.Client.RemoteEndPoint).Address;

        // We only allow requests from the same client every 10 seconds
        // (the window itself is enforced inside FloodControl, which is not shown here).
        if (FloodControl.AllowRequest(remoteAddress))
        {
            // Nothing has been read from the socket yet, so "GET" in the log lines is an
            // assumption about the request, not something this method has verified.
            ConsoleLogger.Log(LogLevels.Debug, $"Received a GET request from {client.Client.RemoteEndPoint}");

            var handler = new HttpProcessor(client);
            await Task.Run(() => handler.Process());
        }
        else
        {
            ConsoleLogger.Log(LogLevels.Debug, $"Ignoring GET request from {client.Client.RemoteEndPoint}");
            client.Close();
        }
    }
}
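/// <summary>
/// Dispatches one message from a web (ib0t) client to its handler after enforcing
/// login ordering and, for logged-in clients, flood control.
/// </summary>
/// <param name="client">The client that sent the message.</param>
/// <param name="ident">Message identifier (for example "LOGIN", "PUBLIC", "PING").</param>
/// <param name="args">Raw argument string passed through to the handler.</param>
/// <param name="time">Timestamp supplied by the caller and forwarded to the handlers.</param>
/// <exception cref="Exception">
/// Thrown with "unordered login routine" when a client that is not logged in sends anything
/// whose identifier does not start with "LOGIN", and without a message when the identifier
/// matches no known case.
/// </exception>
public static void Evaluate(ib0tClient client, String ident, String args, ulong time)
{
    // Identifiers are fixed protocol keywords taken from the client. Compare them ordinally so the
    // gate does not depend on the thread culture; a culture-sensitive StartsWith can ignore
    // zero-width characters and treat differing strings as equal.
    bool isLoginIdent = ident.StartsWith("LOGIN", StringComparison.Ordinal);

    if (!client.LoggedIn && !isLoginIdent)
    {
        throw new Exception("unordered login routine");
    }

    // A second LOGIN from an already logged-in client is silently ignored.
    if (client.LoggedIn && isLoginIdent)
    {
        return;
    }

    // Flood control applies to logged-in clients only; LOGIN messages from clients that are not
    // yet logged in are not flood-checked here. The client is dropped only when the
    // Events.Flooding hook returns true; otherwise the message is still dispatched below.
    if (client.LoggedIn
        && FloodControl.IsFlooding(client, ident, Encoding.UTF8.GetBytes(args), time)
        && Events.Flooding(client, (byte)FloodControl.WebMsgToTCPMsg(ident)))
    {
        Events.Flooded(client);
        client.Disconnect();
        return;
    }

    // The gate above is a prefix test but this switch is an exact match, so an identifier that
    // merely starts with "LOGIN" falls through to the default case and throws.
    switch (ident)
    {
        case "LOGIN":
            Login(client, args, time);
            break;

        case "PUBLIC":
            Text(client, args, time);
            break;

        case "EMOTE":
            Emote(client, args, time);
            break;

        case "COMMAND":
            Command(client, args);
            break;

        case "PING":
            client.Time = time;
            break;

        case "PM":
            PM(client, args, time);
            break;

        case "IGNORE":
            Ignore(client, args);
            break;

        case "LAG":
            Lag(client, args);
            break;

        default:
            // Unknown identifier. NOTE(review): how the caller handles this exception is not
            // visible here; confirm it drops the connection rather than crashing the server.
            throw new Exception();
    }
}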
// Handles the LOGIN message of a web (ib0t) client.
//
// Flow, in order:
//   1. parse the argument items and fill in the client's profile fields;
//   2. run the admission checks (per-IP client count, join flooding, name collision,
//      ban list, proxy check, Events.Joining hook), each of which reports the reason
//      through Events.Rejected and then throws;
//   3. either announce the user and send the room state (not quarantined), or mark the
//      user logged in and send a captcha (quarantined).
//
// Every rejection is signalled by throwing System.Exception with a fixed message.
// NOTE(review): the caller's handling of these exceptions is not visible here.
private static void Login(ib0tClient client, String args, ulong time)
{
    // All items below come straight from the client. Nothing here checks the item count or
    // the length of item [1], so a short or malformed LOGIN makes the indexer, Substring or
    // Parse calls throw.
    String[] arg_items = GetArgItems(args);
    client.Extended = int.Parse(arg_items[0]) >= 2000; // item [0]: numeric value, >= 2000 marks an "extended" client

    // Item [1] is read as 32 hex characters -> 16 bytes.
    byte[] g = new byte[16];

    for (int i = 0; i < g.Length; i++)
    {
        g[i] = byte.Parse(arg_items[1].Substring((i * 2), 2), NumberStyles.HexNumber);
    }

    // MD5 only folds the 16 client-supplied bytes into a Guid. Because the input is chosen by
    // the client, the resulting Guid is a self-declared identifier, not proof of identity.
    using (MD5 md5 = MD5.Create())
        client.Guid = new Guid(md5.ComputeHash(g));

    client.OrgName = arg_items[2].Trim(); // item [2]: requested user name
    Helpers.FormatUsername(client);
    client.Name = client.OrgName;
    client.FastPing = false;
    client.FileCount = 0;
    client.DataPort = 0;
    client.NodeIP = IPAddress.Parse("0.0.0.0");
    client.NodePort = 0;
    client.Version = arg_items[4] + " [" + arg_items[3] + "]"; // items [3] and [4] are client-supplied strings
    client._pmsg = arg_items[4];
    client.CustomClient = true;
    client.LocalIP = client.ExternalIP;
    client.Browsable = false;
    client.Age = 0;
    client.Sex = 0;
    client.Country = 0;
    client.Region = String.Empty;

    // Copy of the external address, used later for the proxy check.
    IPAddress p_check = new IPAddress(client.ExternalIP.GetAddressBytes());
    ObSalt.GetSalt(client);

    // Captcha counts as passed when the "captcha" setting is off; otherwise ask CaptchaManager.
    client.Captcha = !Settings.Get <bool>("captcha");

    if (!client.Captcha)
    {
        client.Captcha = CaptchaManager.HasCaptcha(client);
    }

    // Per-IP cap: reject when more than 3 users across both pools share this external address.
    // NOTE(review): whether the joining client is itself already in WUsers at this point is not
    // visible here, so the effective limit may be off by one; confirm.
    if ((UserPool.AUsers.FindAll(x => x.ExternalIP.Equals(client.ExternalIP)).Count + UserPool.WUsers.FindAll(x => x.ExternalIP.Equals(client.ExternalIP)).Count) > 3)
    {
        Events.Rejected(client, RejectedMsg.TooManyClients);
        throw new Exception("too many clients from this ip");
    }

    if (UserHistory.IsJoinFlooding(client, time))
    {
        Events.Rejected(client, RejectedMsg.TooSoon);
        throw new Exception("joined too quickly");
    }

    // Look for another logged-in session already using this Name or OrgName,
    // first among the AUsers pool, then among the WUsers pool.
    IClient hijack = UserPool.AUsers.Find(x => (x.Name == client.Name || x.OrgName == client.OrgName) && x.ID != client.ID && x.LoggedIn);

    if (hijack == null)
    {
        hijack = UserPool.WUsers.Find(x => (x.Name == client.Name || x.OrgName == client.OrgName) && x.ID != client.ID && x.LoggedIn);
    }

    if (hijack != null)
    {
        // An equal external IP is the only ownership check for taking over an existing name:
        // the old session is disconnected and the new one keeps the name. Users who share an
        // address (NAT, shared gateway) are therefore treated as the same owner.
        if (hijack.ExternalIP.Equals(client.ExternalIP))
        {
            if (!hijack.WebClient)
            {
                ((AresClient)hijack).Disconnect(true);
            }
            else
            {
                ((ib0t.ib0tClient)hijack).Disconnect();
            }

            client.Name = client.OrgName;
        }
        else
        {
            Events.Rejected(client, RejectedMsg.NameInUse);
            throw new Exception("name in use");
        }
    }

    // Recorded before the ban, proxy and Joining checks, so attempts rejected below are
    // presumably still part of the history; confirm against UserHistory.
    UserHistory.AddUser(client, time);

    // Ban, proxy and Joining rejections are all skipped when Helpers.IsLocalHost(client) is true.
    // NOTE(review): IsLocalHost is not visible here. If the server is reached through a local
    // reverse proxy or tunnel, confirm remote users cannot appear as local host, because local
    // host is also granted Owner further down.
    if (BanSystem.IsBanned(client))
    {
        if (!Helpers.IsLocalHost(client))
        {
            // If a displaced session was an AresClient, send its departure before rejecting.
            if (hijack != null && hijack is AresClient)
            {
                ((AresClient)hijack).SendDepart();
            }

            Events.Rejected(client, RejectedMsg.Banned);
            throw new Exception("banned user");
        }
    }

    if (Proxies.Check(p_check, client.DNS))
    {
        if (!Helpers.IsLocalHost(client))
        {
            // The Events.ProxyDetected hook decides whether a detected proxy is actually rejected.
            if (Events.ProxyDetected(client))
            {
                if (hijack != null && hijack is AresClient)
                {
                    ((AresClient)hijack).SendDepart();
                }

                Events.Rejected(client, RejectedMsg.Proxy);
                throw new Exception("proxy detected");
            }
        }
    }

    // Quarantine applies only when the captcha has not been passed and captcha_mode is 1.
    client.Quarantined = !client.Captcha && Settings.Get <int>("captcha_mode") == 1;

    // Events.Joining returning false is a rejection by the event handler.
    if (!Events.Joining(client))
    {
        if (!Helpers.IsLocalHost(client))
        {
            if (hijack != null && hijack is AresClient)
            {
                ((AresClient)hijack).SendDepart();
            }

            Events.Rejected(client, RejectedMsg.UserDefined);
            throw new Exception("user defined rejection");
        }
    }

    // Local host bypasses the captcha and quarantine and is marked registered and owner.
    if (Helpers.IsLocalHost(client))
    {
        client.Captcha = true;
        client.Quarantined = false;
        client.Registered = true;
        client.Owner = true;
    }

    if (!client.Quarantined)
    {
        // Announce the join to the room unless the displaced session was an AresClient.
        if (hijack == null || !(hijack is AresClient))
        {
            // A visible linked user with the same name in the same vroom is hidden, and the
            // room then receives a status update instead of a join.
            LinkLeaf.LinkUser other = null;

            if (ServerCore.Linker.Busy)
            {
                foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves)
                {
                    other = leaf.Users.Find(x => x.Vroom == client.Vroom && x.Name == client.Name && x.Link.Visible);

                    if (other != null)
                    {
                        other.LinkCredentials.Visible = false;
                        break;
                    }
                }
            }

            UserPool.AUsers.ForEachWhere(x => x.SendPacket(other == null ? TCPOutbound.Join(x, client) : TCPOutbound.UpdateUserStatus(x, client)),
                x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

            UserPool.WUsers.ForEachWhere(x => x.QueuePacket(other == null ? ib0t.WebOutbound.JoinTo(x, client.Name, client.Level) : ib0t.WebOutbound.UpdateTo(x, client.Name, client.Level)),
                x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);
        }

        // Acknowledge the login, then send topic and user list (bot entry first).
        client.LoggedIn = true;
        client.QueuePacket(WebOutbound.AckTo(client, client.Name));
        client.QueuePacket(WebOutbound.TopicFirstTo(client, Settings.Get <String>("topic")));
        client.QueuePacket(WebOutbound.UserlistItemTo(client, Settings.Get <String>("bot"), ILevel.Host));

        // Quarantined users are excluded from every list sent to this client.
        UserPool.AUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.UserlistItemTo(client, x.Name, x.Level)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

        UserPool.WUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.UserlistItemTo(client, x.Name, x.Level)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

        if (ServerCore.Linker.Busy)
        {
            foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves)
            {
                leaf.Users.ForEachWhere(x => client.QueuePacket(WebOutbound.UserlistItemTo(client, x.Name, x.Level)),
                    x => x.Vroom == client.Vroom && x.Link.Visible);
            }
        }

        client.QueuePacket(WebOutbound.UserlistEndTo(client));
        client.QueuePacket(WebOutbound.UrlTo(client, Settings.Get <String>("link", "url"), Settings.Get <String>("text", "url")));

        // Push the new user's avatar and personal message to the room
        // (web users receive them only if they are extended clients).
        UserPool.AUsers.ForEachWhere(x => x.SendPacket(TCPOutbound.Avatar(x, client)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

        UserPool.WUsers.ForEachWhere(x => x.QueuePacket(WebOutbound.AvatarTo(x, client.Name, client.Avatar)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && x.Extended);

        UserPool.AUsers.ForEachWhere(x => x.SendPacket(TCPOutbound.PersonalMessage(x, client)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

        UserPool.WUsers.ForEachWhere(x => x.QueuePacket(WebOutbound.PersMsgTo(x, client.Name, client.PersonalMessage)),
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && x.Extended);

        // Extended clients additionally receive the avatars, personal messages and fonts of the room.
        if (client.Extended)
        {
            client.QueuePacket(WebOutbound.PerMsgBotTo(client));

            if (Avatars.GotServerAvatar)
            {
                client.QueuePacket(Avatars.Server(client));
            }

            UserPool.AUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.AvatarTo(client, x.Name, x.Avatar)),
                x => x.LoggedIn && x.Vroom == client.Vroom && x.Avatar.Length > 0 && !x.Quarantined);

            // NOTE(review): unlike the AUsers filter above, this one has no Avatar.Length > 0 test; confirm intended.
            UserPool.WUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.AvatarTo(client, x.Name, x.Avatar)),
                x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

            if (ServerCore.Linker.Busy)
            {
                foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves)
                {
                    leaf.Users.ForEachWhere(x => client.QueuePacket(WebOutbound.AvatarTo(client, x.Name, x.Avatar)),
                        x => x.Vroom == client.Vroom && x.Link.Visible && x.Avatar.Length > 0);
                }
            }

            UserPool.AUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.PersMsgTo(client, x.Name, x.PersonalMessage)),
                x => x.LoggedIn && x.Vroom == client.Vroom && x.PersonalMessage.Length > 0 && !x.Quarantined);

            // NOTE(review): no PersonalMessage.Length > 0 test here either; confirm intended.
            UserPool.WUsers.ForEachWhere(x => client.QueuePacket(WebOutbound.PersMsgTo(client, x.Name, x.PersonalMessage)),
                x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined);

            UserPool.AUsers.ForEachWhere(x =>
            {
                AresFont f = (AresFont)x.Font;
                client.QueuePacket(WebOutbound.FontTo(client, x.Name, f.oldN, f.oldT));
            },
            x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && x.Font.Enabled);

            if (ServerCore.Linker.Busy)
            {
                foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves)
                {
                    leaf.Users.ForEachWhere(x => client.QueuePacket(WebOutbound.PersMsgTo(client, x.Name, x.PersonalMessage)),
                        x => x.Vroom == client.Vroom && x.Link.Visible && x.PersonalMessage.Length > 0);
                }
            }
        }

        // Presumably clears the flood-control state for this client once login has completed;
        // confirm against FloodControl.Remove.
        FloodControl.Remove(client);

        if (client.SocketConnected)
        {
            IdleManager.Set(client);
        }

        // Tell the link hub about the join once the link login phase is ready.
        if (ServerCore.Linker.Busy && ServerCore.Linker.LoginPhase == LinkLeaf.LinkLogin.Ready)
        {
            ServerCore.Linker.SendPacket(LinkLeaf.LeafOutbound.LeafJoin(ServerCore.Linker, client));
        }

        Events.Joined(client);

        // Owner is set in this method only by the local-host branch above.
        if (client.Owner)
        {
            client.Level = ILevel.Host;
        }
    }
    else
    {
        // Quarantined path: the user is not announced to the room and receives an empty user
        // list plus the captcha lines. Events.Joined and FloodControl.Remove are not called here.
        if (hijack != null && hijack is AresClient)
        {
            ((AresClient)hijack).SendDepart();
        }

        // LoggedIn is set for quarantined users as well, so later messages pass the LoggedIn
        // gate in Evaluate. NOTE(review): confirm the message handlers check Quarantined
        // themselves before acting on input from a client that has not solved the captcha.
        client.LoggedIn = true;
        client.QueuePacket(WebOutbound.AckTo(client, client.Name));
        client.QueuePacket(WebOutbound.TopicFirstTo(client, Settings.Get <String>("topic")));
        client.QueuePacket(WebOutbound.UserlistEndTo(client));
        client.QueuePacket(WebOutbound.PerMsgBotTo(client));
        // NOTE(review): sent without the Avatars.GotServerAvatar check used in the other branch; confirm.
        client.QueuePacket(Avatars.Server(client));
        CaptchaItem cap = Captcha.Create();
        client.CaptchaWord = cap.Word; // expected answer is kept on the client object
        Events.CaptchaSending(client);
        client.QueuePacket(WebOutbound.NoSuchTo(client, String.Empty));

        // The captcha is delivered as a series of text lines framed by two empty lines.
        foreach (String str in cap.Lines)
        {
            client.QueuePacket(WebOutbound.NoSuchTo(client, str));
        }

        client.QueuePacket(WebOutbound.NoSuchTo(client, String.Empty));
    }
}
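/// <summary>
/// Stores a new shout-box post after the profanity check and flood control, then returns
/// the current list of posts to display.
/// </summary>
/// <param name="post">The message text submitted by the caller.</param>
/// <returns>
/// A response with <c>success</c>, a localized <c>message</c> (empty on success) and
/// <c>data.posts</c>, which is populated whether or not the post was accepted.
/// </returns>
public HttpResponseMessage NewPost(string post)
{
    var success = false;
    var message = string.Empty;

    // Resolve module and tab once and reuse them for the settings and the flood control.
    var moduleId = this.Request.FindModuleId();
    var tabId = this.Request.FindTabId();
    var moduleSettings = new ShoutBoxModuleSettings(moduleId, tabId);

    // -1 stands for "no authenticated user"; it is stored as a null UserId below.
    var userId = (this.UserInfo != null && this.UserInfo.UserID > 0) ? this.UserInfo.UserID : -1;

    // Validate the post for profanity before spending a flood-control slot on it.
    // NOTE(review): this is the only content check visible in this method. No length limit,
    // empty-text check or encoding is applied before the text is stored; confirm that the
    // message is HTML-encoded wherever it is rendered and that its size is bounded elsewhere.
    if (!ValidatePostForProfanity(post))
    {
        Log.WarnFormat("The new post was not saved due to profanity. The IP:{0}", this.Request.GetIPAddress());
        message = Localization.GetString("ProfanityBanned.Text", SharedResource);
    }
    else
    {
        var floodControl = new FloodControl(moduleId, tabId, this.Request.GetIPAddress(), this.UserInfo);

        if (floodControl.AllowNewPost())
        {
            success = true;

            _repository.AddPost(new ShoutPost()
            {
                ModuleId = moduleId,
                // NOTE(review): server-local time; consider UTC if posts are compared across hosts.
                CreatedDate = DateTime.Now,
                VoteDown = 0,
                VoteUp = 0,
                UserId = userId > 0 ? (int?)userId : null,
                Message = post
            });

            Log.Debug("New post has been saved");
        }
        else
        {
            Log.WarnFormat("Flood control block the new post. The IP:{0} has already posted a new item in the time limit window", this.Request.GetIPAddress());

            // The original assigned this value twice ("message = message = ..."); once is enough.
            message = Localization.GetString("FloodControlNewPost.Text", SharedResource);
        }
    }

    var posts = _repository.GetDisplayPosts(moduleId, moduleSettings.NumberOfPostsToReturn);

    return Request.CreateResponse(new
    {
        success = success,
        message = message,
        data = new { posts = posts.ToArray() }
    });
}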