[原創](2.07~)打擊外掛(已加入於2.08中)



[原創](2.07~)打擊外掛(已加入於2.08中)

文章New-TypeChobits » 2004-08-08 8:16 am

已經證實有一部份Macro Script Software可以破解隨機問答題.. =.=
我打擊外掛不遺餘力, 所以想了一個專門用來打擊這類外掛的方法... (當然這並不是必要的, 如你不熟悉PHP請不要嘗試! 我自己是將數據儲存在SESSION的, 但為了適合多數的使用者, 此文章改用COOKIE; 如有問題可以在此回覆, 我會盡量解答)
原理是利用圖片認證
圖片檔下載: http://www.hk-system.net/dev.temp/antibot_imgs.rar

涅魂 at 2007/02/10 寫:修復圖片下載:http://s540421.hp.infoseek.co.jp/share/anti-bot.exe


Sample:
介面:圖檔
支援建立圖片的模式:
不使用GD Gif圖檔
不使用GD Jpeg圖檔
使用GD Gif圖檔
使用GD Jpeg圖檔

請參照以下方法稍作修改...

//####################   in wog_fight.php  ####################
// Settings for the security-code (anti-bot) challenge.

// Number of letters in the generated security code.
$antibot['keylen'] = 8;

/*
 * "YES" composes the code into one image file with the GD library; any other
 * value (use "NO" when GD is not available) emits one <img> tag per letter.
 * gd_info() reports details of the installed GD library.
 */
$antibot['USE_GD'] = 'YES';

/*
 * GD mode only: base name (without extension) of the generated image file.
 * PHP must be able to write this file. Every request writes to this same
 * name, so challenges issued at the same time overwrite each other's image.
 */
$antibot['file_name'] = 'key';

/*
 * Image format, "gif" or "jpg". According to the original note, GIF support
 * was removed from the GD library in version 1.6 and was expected back in a
 * release after mid 2004; see the GD project site for details.
 */
$antibot['file_type'] = 'gif';


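/**
 * Show an existing question together with a fresh security-code image.
 *
 * Loads the text of event $key, generates a new code, stores md5(code) in the
 * "wog_cookie_seckey" cookie, builds the challenge markup (one GD-composed
 * image, or one <img> per letter when GD is switched off), passes both to the
 * client-side parent.event() and ends the request.
 *
 * @param mixed $user_id Player id; not used by this function.
 * @param mixed $key     Id of the wog_event row to display.
 * @return void Does not return; the script exits.
 */
function event_start($user_id,$key)
{
   global $DB_site,$antibot;

   // e_id is placed in the SQL text as a bare number, so force an integer.
   $sql="select e_body from wog_event where e_id=".(int)$key." ";
   $event=$DB_site->query_first($sql);

   $get_key=gen_key();
   // NOTE(security): the expected value is handed to the browser in a cookie,
   // and event_ans() later reads it back from the request. A cookie can be
   // read and replaced by the client, so this is not a server-side secret.
   // The post says the author's own build keeps the value in the session;
   // storing md5($get_key) in $_SESSION here and reading it from there in
   // event_ans() keeps the expected value on the server.
   setcookie("wog_cookie_seckey",md5($get_key));

   if ($antibot["USE_GD"] == "YES"){
      if ($antibot["file_type"] =="jpg"){
         img_gd_jpeg($antibot["file_name"],$get_key);
      }else{
         img_gd_gif($antibot["file_name"],$get_key);
      }
      // The md5(microtime()) query string only defeats browser caching of
      // the regenerated file.
      $image ="<img src=".$antibot["file_name"].".".$antibot["file_type"]."?".md5(microtime())." >";
   }else{
      $image=img_no_gd($get_key);
   }

   // Quoted key: a bare e_body is an undefined constant and fails on PHP 8.
   // NOTE(review): e_body goes into a single-quoted JavaScript string without
   // escaping; confirm stored question text cannot contain quotes or markup.
   showscript("parent.event('".$event['e_body']."','".$image."');");
   exit();
}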

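/**
 * Pick a random question for the player and show it with a security code.
 *
 * Selects one random wog_event row, records its id and the current time on
 * the player's row (p_key, p_key_time), generates a new code, stores
 * md5(code) in the "wog_cookie_seckey" cookie, builds the challenge markup and
 * passes question and markup to the client-side parent.event(). The request
 * ends here.
 *
 * @param mixed $user_id Id of the player (wog_player.p_id).
 * @return void Does not return; the script exits.
 */
function event_creat($user_id)
{
   global $DB_site,$antibot;

   $sql="select e_id,e_body from wog_event ORDER BY RAND() LIMIT 1 ";
   $event=$DB_site->query_first($sql);

   // Both ids are placed in the SQL text as bare numbers, so force integers.
   // Quoted keys: bare e_id / e_body are undefined constants and fail on PHP 8.
   $DB_site->query("update wog_player set p_key=".(int)$event['e_id'].", p_key_time=".time()." where p_id=".(int)$user_id."");

   $get_key=gen_key();
   // NOTE(security): the expected value is handed to the browser in a cookie,
   // and event_ans() later reads it back from the request. A cookie can be
   // read and replaced by the client, so this is not a server-side secret.
   // The post says the author's own build keeps the value in the session;
   // storing md5($get_key) in $_SESSION here and reading it from there in
   // event_ans() keeps the expected value on the server.
   setcookie("wog_cookie_seckey",md5($get_key));

   if ($antibot["USE_GD"] == "YES"){
      if ($antibot["file_type"] =="jpg"){
         img_gd_jpeg($antibot["file_name"],$get_key);
      }else{
         img_gd_gif($antibot["file_name"],$get_key);
      }
      // The md5(microtime()) query string only defeats browser caching of
      // the regenerated file.
      $image ="<img src=".$antibot["file_name"].".".$antibot["file_type"]."?".md5(microtime())." >";
   }else{
      $image=img_no_gd($get_key);
   }

   // NOTE(review): e_body goes into a single-quoted JavaScript string without
   // escaping; confirm stored question text cannot contain quotes or markup.
   showscript("parent.event('".$event['e_body']."','".$image."');");
   exit();
}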

//Gen Key.
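/**
 * Build a random security code of $antibot["keylen"] characters.
 *
 * Characters are drawn from the list below. The image helpers load one tile
 * per character from anti-bot/validation_<char>.<ext>, so every entry added
 * here needs a matching tile image.
 *
 * @return string The generated code (empty when keylen is 0).
 */
function gen_key()
{
   global $antibot;

   $chars = array(
      "a","b","c","d","e","f","g","h","i","j","k","l","m",
      "n","o","p","q","r","s","t","u","v","w","x","y","z");

   $count = count($chars) - 1;
   $key = "";

   // The original seeded rand() from the microsecond part of microtime(),
   // which leaves at most one million possible sequences. Use the system
   // CSPRNG where it exists (PHP 7+); otherwise fall back to the
   // automatically seeded mt_rand() rather than reseeding by hand.
   $use_csprng = function_exists('random_int');

   for($i = 0; $i < $antibot["keylen"]; $i++)
   {
      $index = $use_csprng ? random_int(0, $count) : mt_rand(0, $count);
      $key .= $chars[$index];
   }

   return($key);
}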
       

//####################   Gen Image with GD   ####################
//####################   GD JPEG   ####################
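/**
 * Compose the code into a single JPEG by placing per-letter tiles side by side.
 *
 * For each character of $words the tile anti-bot/validation_<char>.jpg is
 * measured, then all tiles are copied left to right onto a new canvas that is
 * written to "<name>.jpg". If the canvas cannot be created the request is
 * redirected to anti-bot/error2.jpg; a tile that cannot be loaded or copied
 * stops the script with "false 2" / "false 3".
 *
 * @param string $name  Output path without extension; must be writable.
 * @param string $words Code to render, one tile per character.
 * @return void
 */
function img_gd_jpeg($name,$words){
$words_size=strlen($words);

// Initialise everything that is accumulated below; the original relied on
// undefined variables, which raises warnings on current PHP.
$this_number=array();
$this_width=array();
$this_height=array();
$image_width=0;
$sum_width=0;

for($i=0;$i<$words_size;$i++)
{
$this_number[$i]=substr($words,$i,1);
$this_size_temp=getimagesize("anti-bot/validation_".$this_number[$i].".jpg");
// A missing or unreadable tile counts as 0x0 here; loading it below then fails.
$this_width[$i]=$this_size_temp ? $this_size_temp[0] : 0;
$this_height[$i]=$this_size_temp ? $this_size_temp[1] : 0;
$image_width+=$this_width[$i];
}
// max() rejects an empty array, so an empty code yields height 0.
$image_height=$this_height ? max($this_height) : 0;

// Only ask GD for a canvas with positive dimensions; anything else is treated
// as a creation failure and handled by the redirect below.
$base=($image_width>0 && $image_height>0) ? @imagecreate($image_width,$image_height) : false;
if(!$base){header("location:anti-bot/error2.jpg");exit;}

for($i=0;$i<$words_size;$i++)
{
$image=imagecreatefromjpeg("anti-bot/validation_".$this_number[$i].".jpg") or die("false 2");
// Source and destination sizes are equal, so the tile is copied unscaled at
// the current horizontal offset.
imagecopyresized($base,$image,0+$sum_width,0,0,0,$this_width[$i],$this_height[$i],$this_width[$i],$this_height[$i]) or die("false 3");
$sum_width+=$this_width[$i];
imagedestroy($image);
}
// NOTE(review): the result of the write is not checked, and every request
// writes to the same path, so concurrent challenges replace each other's image.
imagejpeg($base,$name.".jpg");
imagedestroy($base);
}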

//####################   GD GIF   ####################
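/**
 * Compose the code into a single GIF by placing per-letter tiles side by side.
 *
 * For each character of $words the tile anti-bot/validation_<char>.gif is
 * measured, then all tiles are copied left to right onto a new canvas that is
 * written to "<name>.gif". If the canvas cannot be created the request is
 * redirected to anti-bot/error2.gif; a tile that cannot be loaded or copied
 * stops the script with "false 2" / "false 3".
 *
 * @param string $name  Output path without extension; must be writable.
 * @param string $words Code to render, one tile per character.
 * @return void
 */
function img_gd_gif($name,$words){
$words_size=strlen($words);

// Initialise everything that is accumulated below; the original relied on
// undefined variables, which raises warnings on current PHP.
$this_number=array();
$this_width=array();
$this_height=array();
$image_width=0;
$sum_width=0;

for($i=0;$i<$words_size;$i++)
{
$this_number[$i]=substr($words,$i,1);
$this_size_temp=getimagesize("anti-bot/validation_".$this_number[$i].".gif");
// A missing or unreadable tile counts as 0x0 here; loading it below then fails.
$this_width[$i]=$this_size_temp ? $this_size_temp[0] : 0;
$this_height[$i]=$this_size_temp ? $this_size_temp[1] : 0;
$image_width+=$this_width[$i];
}
// max() rejects an empty array, so an empty code yields height 0.
$image_height=$this_height ? max($this_height) : 0;

// Only ask GD for a canvas with positive dimensions; anything else is treated
// as a creation failure and handled by the redirect below.
$base=($image_width>0 && $image_height>0) ? @imagecreate($image_width,$image_height) : false;
if(!$base){header("location:anti-bot/error2.gif");exit;}

for($i=0;$i<$words_size;$i++)
{
$image=imagecreatefromgif("anti-bot/validation_".$this_number[$i].".gif") or die("false 2");
// Source and destination sizes are equal, so the tile is copied unscaled at
// the current horizontal offset.
imagecopyresized($base,$image,0+$sum_width,0,0,0,$this_width[$i],$this_height[$i],$this_width[$i],$this_height[$i]) or die("false 3");
$sum_width+=$this_width[$i];
imagedestroy($image);
}
// NOTE(review): the result of the write is not checked, and every request
// writes to the same path, so concurrent challenges replace each other's image.
imagegif($base,$name.".gif");
imagedestroy($base);
}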


//####################   Gen Image without GD   ####################
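/**
 * Build the challenge markup without GD: one <img> tag per character.
 *
 * Each tag points at anti-bot/validation_<char>.<file_type>, where file_type
 * comes from $antibot["file_type"].
 *
 * NOTE(security): every tile URL contains the letter it shows, so the code
 * can be read from the page markup without looking at the images. Treat this
 * mode as a display fallback, not as a bot barrier.
 *
 * @param string $words Code to render.
 * @return string Concatenated <img> tags (empty string for an empty code).
 */
function img_no_gd($words)
{
global $antibot;
// Start from an empty string; the original appended to an undefined variable.
$validation_images="";
$words_size=strlen($words);
for($i = 0; $i < $words_size; $i++)
{
   // $words[$i] replaces the $words{$i} offset syntax, which PHP 8 rejects.
   $validation_images .= "<img src=" . 'anti-bot/validation_' . $words[$i] .".". $antibot["file_type"] . '>';
}
return $validation_images;
}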


//####################   in wog_act.php  ####################   
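/**
 * Check the player's answer and security code and pay the reward.
 *
 * Reads the submitted code from $_POST["pay_id"] and the answer from
 * $_POST["temp_id"]. Looks up the player's pending event (p_key) and its
 * stored answer; for events 12, 9, 11 and 3 the answer is computed from live
 * data instead. When both the answer and the code match, the player's event
 * state is cleared and 1000 is added to p_money; event 10 (arithmetic) is
 * then replaced with a newly generated question. The result is reported to
 * the client through showscript().
 *
 * NOTE(security): the expected code hash is read from the
 * "wog_cookie_seckey" cookie, i.e. from the same request that carries the
 * submitted code. A cookie can be set by the client, so the comparison does
 * not prove the image was read. Keeping the hash in $_SESSION (set in
 * event_start()/event_creat(), read and cleared here) keeps the expected
 * value on the server, as the post says the author's own build does.
 *
 * @param mixed $user_id Id of the player (wog_player.p_id).
 * @return void
 */
function event_ans($user_id)
{
   global $DB_site;

   // Accept only plain strings from the form; a missing or array-valued
   // field is treated as not filled in.
   $pay_id=(isset($_POST["pay_id"]) && is_string($_POST["pay_id"])) ? $_POST["pay_id"] : "";
   $temp_id=(isset($_POST["temp_id"]) && is_string($_POST["temp_id"])) ? $_POST["temp_id"] : null;

   if ($pay_id === ""){
      showscript("alert('忘記輸入安全認證碼!');parent.ad_view()");
      // Stop here: without a code there is nothing further to check.
      return;
   }

   // Ids are placed in the SQL text as bare numbers, so force integers.
   $p=$DB_site->query_first("select p_key from wog_player where p_id=".(int)$user_id." ");
   if(!$p)
   {
      alertWindowMsg("請重新登入");
      // NOTE(review): alertWindowMsg() presumably ends the request; return
      // anyway so a missing player row is never processed further.
      return;
   }
   // Quoted keys throughout: bare p_key / e_ans are undefined constants and
   // fail on PHP 8.
   $p_key=(int)$p['p_key'];

   $ans=$DB_site->query_first("select e_ans from wog_event where e_id=".$p_key."");
   if(!$ans)
   {
      alertWindowMsg("無事件產生");
      return;
   }

   // Events whose answer depends on current data are recomputed on the spot.
   if($p_key==12)
   {
      $ans=$DB_site->query_first("SELECT SUM(forum_posts) AS e_ans FROM phpbb_forums");
   }
   if($p_key==9)
   {
      $ans=$DB_site->query_first("SELECT COUNT(user_id) AS e_ans FROM phpbb_users WHERE user_id <> -1");
   }
   if($p_key==11)
   {
      $ans=$DB_site->query_first("SELECT p_name AS e_ans FROM wog_player order by p_money desc LIMIT 1 ");
   }
   if($p_key==3)
   {
      $ans=$DB_site->query_first("select c.d_name as e_ans from wog_sale a,wog_df c where  a.d_id=c.d_id and c.d_type=0 ORDER BY a.s_id desc LIMIT 1 ");
   }

   // A missing expected answer or a missing submitted answer never counts as
   // a match (the original compared null to null as equal). The answer
   // itself is still compared loosely, as before.
   $expected=($ans && isset($ans['e_ans'])) ? $ans['e_ans'] : null;
   $answer_ok=($expected !== null && $temp_id !== null && $expected == $temp_id);

   if($answer_ok)
   {
      // $_COOKIE replaces $HTTP_COOKIE_VARS, which no longer exists since
      // PHP 5.4. The hashes are compared as strings with ===; a loose ==
      // can treat two different numeric-looking hash strings as equal.
      $sent_hash=isset($_COOKIE["wog_cookie_seckey"]) ? $_COOKIE["wog_cookie_seckey"] : null;
      if (is_string($sent_hash) && $sent_hash === md5(trim(strtolower($pay_id))))
      {
         $DB_site->query("update wog_player set p_key=0,p_key_time=0,p_money=p_money+1000 where p_id=".(int)$user_id."");
         if($p_key==10)
         {
            // Event 10 is the arithmetic question: generate the next one.
            $a=rand(1,1000);
            $b=rand(1,100);
            $c=0;
            $body_str="";
            switch (rand(1,3))
            {
               case 1:
                  $c=$a+$b;
                  $body_str=$a."+".$b."=?";
               break;
               case 2:
                  $c=$a-$b;
                  $body_str=$a."-".$b."=?";
               break;
               case 3:
                  $c=$a*$b;
                  $body_str=$a."*".$b."=?";
               break;
            }
            $DB_site->query("update wog_event set e_body='".$body_str."',e_ans='".$c."' where e_id=".$p_key."");
         }
         // An empty value asks the browser to drop the cookie.
         setcookie("wog_cookie_seckey","");
         showscript("alert('恭喜答對了,賞你一仟元作獎勵吧!');parent.ad_view()");
      }else{
         showscript("alert('安全認證碼不正確!');parent.ad_view()");
      }
   }else
   {
      showscript("alert('答錯了,重新作答吧!!豬頭!!');parent.ad_view()");
   }
}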

//####################   in wog_act.js   ####################

// Draws the question form into the wog_view frame.
//   s     - question text, written into the page as markup
//   fname - challenge image markup produced by the server, written as markup
// The button hands the entered security code and answer to
// parent.foot_trun('event', '', code, answer).
function event(s,fname)
{
   var frame=parent.wog_view;

   // Writes one fragment into the frame; the document is looked up on every
   // call, exactly as in a plain sequence of document.write statements.
   function put(html)
   {
      frame.document.write(html);
   }

   message_cls();
   put(temp_table1);
   put('<form action="wog_act.php" method="post" target="mission">');
   put('<tr><td>站長要考驗大家是否有認真在玩</td></tr>');
   put('<tr><td>↓問題↓<br>'+s+'</td></tr>');
   put('<tr><td><input type="text" name="ans" size="25"></td></tr>');
   put('<tr><td>Security Code:<input type="text" name="sec_code" size="8"></td></tr>');
   put('<tr><td colspan="2"><input class="text" type="button" value="填好答案了,放我過關吧!!" onClick="parent.foot_trun(\'event\',\'\',this.form.sec_code.value,this.form.ans.value)"></td></tr>');
   put('<tr><td colspan="2">'+fname+'</td></tr>');
   put('</form>');
   put(temp_table2);
}



人在江湖... 身不由己...
