GitHub/pbot
3
0
Fork 0
mirror of https://github.com/pragma-/pbot.git synced 2025-10-17 00:17:31 +02:00
Code Issues Projects Releases Wiki Activity

anti-flood: Now tracks if a user uses different NickServ accounts, and remembers each one for ban-evasion detection

Browse Source
This commit is contained in:
Pragmatic Software 2014-03-10 03:50:02 +00:00
parent e6e02259e4
commit e808286f24
2 changed files with 120 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
PBot/AntiFlood.pm
View File

@ -154,8 +154,10 @@ sub get_flood_account {
$self->{message_history}->{$mask}->{channels}->{$channel}{validated} = 0;
}
if(defined $self->{message_history}->{$mask}->{nickserv_account}) {
$self->check_nickserv_accounts($nick, $self->{message_history}->{$mask}->{nickserv_account});
if(exists $self->{message_history}->{$mask}->{nickserv_accounts}) {
foreach my $nickserv_account (keys $self->{message_history}->{$mask}->{nickserv_accounts}) {
$self->check_nickserv_accounts($nick, $nickserv_account);
}
}
return "$nick!$user\@$host";
@ -438,11 +440,14 @@ sub unbanme {
return "/msg $nick There is no temporary ban set for $mask in channel $channel.";
}
my $nickserv_account;
if(exists $self->{message_history}->{"$nick!$user\@$host"}->{nickserv_account}) {
$nickserv_account = $self->{message_history}->{"$nick!$user\@$host"}->{nickserv_account};
my $nickserv_accounts;
if(exists $self->{message_history}->{"$nick!$user\@$host"}->{nickserv_accounts}) {
$nickserv_accounts = $self->{message_history}->{"$nick!$user\@$host"}->{nickserv_accounts};
} else {
$nickserv_accounts->{0} = 0;
}
foreach my $nickserv_account (keys $nickserv_accounts) {
my $baninfos = $self->{pbot}->bantracker->get_baninfo("$nick!$user\@$host", $channel, $nickserv_account);
if(defined $baninfos) {
@ -458,6 +463,7 @@ sub unbanme {
}
}
}
}
my $account = $self->get_flood_account($nick, $user, $host);
if(defined $account and $self->message_history->{$account}->{channels}->{$channel}{offenses} > 2) {
@ -492,12 +498,12 @@ sub address_to_mask {
sub devalidate_accounts {
# remove validation on accounts in $channel that match a ban/quiet $mask
my ($self, $mask, $channel) = @_;
my ($nickserv_account, $ban_account);
my ($nickserv_accounts, $ban_account);
if($mask =~ m/^\$a:(.*)/) {
$ban_account = lc $1;
} else {
$ban_account = "";
$ban_account = undef;
}
my $mask_original = $mask;
@ -507,13 +513,23 @@ sub devalidate_accounts {
foreach my $account (keys %{ $self->{message_history} }) {
if(exists $self->{message_history}->{$account}->{channels}->{$channel}) {
if(exists $self->{message_history}->{$account}->{nickserv_account}) {
$nickserv_account = $self->{message_history}->{$account}->{nickserv_account};
if(defined $ban_account and exists $self->{message_history}->{$account}->{nickserv_accounts}) {
$nickserv_accounts = $self->{message_history}->{$account}->{nickserv_accounts};
} else {
$nickserv_account = undef;
$nickserv_accounts = undef;
}
if((defined $nickserv_account and $nickserv_account eq $ban_account) or $account =~ m/^$mask$/i) {
my $devalidate = 0;
if(defined $ban_account and defined $nickserv_accounts) {
foreach my $nickserv_account (keys $nickserv_accounts) {
if($nickserv_account eq $ban_account) {
$devalidate = 1;
last;
}
}
}
if($devalidate or $account =~ m/^$mask$/i) {
$self->{pbot}->logger->log("anti-flood: [devalidate-accounts] $account matches $mask_original in $channel, devalidating\n");
$self->message_history->{$account}->{channels}->{$channel}{validated} = 0;
}
@ -523,13 +539,15 @@ sub devalidate_accounts {
sub check_bans {
my ($self, $mask, $channel) = @_;
my ($bans, $nickserv_account, $nick, $host, $do_not_validate);
my ($bans, @nickserv_accounts, $nick, $host, $do_not_validate);
# $self->{pbot}->logger->log("anti-flood: [check-bans] checking for bans on $mask in $channel\n");
if(exists $self->{message_history}->{$mask}->{nickserv_account}) {
$nickserv_account = $self->{message_history}->{$mask}->{nickserv_account};
# $self->{pbot}->logger->log("anti-flood: [check-bans] $mask is using account $nickserv_account\n");
if(exists $self->{message_history}->{$mask}->{nickserv_accounts}) {
foreach my $account (keys $self->{message_history}->{$mask}->{nickserv_accounts}) {
# $self->{pbot}->logger->log("anti-flood: [check-bans] $mask is using account $account\n");
push @nickserv_accounts, $account;
}
delete $self->{message_history}->{$mask}->{channels}->{$channel}{needs_validation};
} else {
# mark this account as needing check-bans when nickserv account is identified
@ -542,26 +560,29 @@ sub check_bans {
foreach my $account (keys %{ $self->{message_history} }) {
if(exists $self->{message_history}->{$account}->{channels}->{$channel}) {
my $check_ban = 0;
my $target_nickserv_account;
my $target_nickserv_accounts;
# check if nickserv accounts match
if(defined $nickserv_account) {
if(exists $self->{message_history}->{$account}->{nickserv_account} and $self->{message_history}->{$account}->{nickserv_account} eq $nickserv_account) {
foreach my $nickserv_account (@nickserv_accounts) {
if(exists $self->{message_history}->{$account}->{nickserv_accounts}) {
foreach my $key ($self->{message_history}->{$account}->{nickserv_accounts}) {
if($key eq $nickserv_account) {
#$self->{pbot}->logger->log("anti-flood: [check-bans] nickserv account for $account matches $nickserv_account\n");
$target_nickserv_account = $self->{message_history}->{$account}->{nickserv_account};
$target_nickserv_accounts = $self->{message_history}->{$account}->{nickserv_accounts};
$check_ban = 1;
goto CHECKBAN;
}
}
}
}
# check if hosts match
my ($account_host) = $account =~ m/\@(.*)$/;
if($host eq $account_host) {
#$self->{pbot}->logger->log("anti-flood: [check-bans] host for $account matches $mask\n");
if(exists $self->{message_history}->{$account}->{nickserv_account}) {
$target_nickserv_account = $self->{message_history}->{$account}->{nickserv_account};
if(exists $self->{message_history}->{$account}->{nickserv_accounts}) {
$target_nickserv_accounts = $self->{message_history}->{$account}->{nickserv_accounts};
}
$check_ban = 1;
goto CHECKBAN;
@ -572,9 +593,8 @@ sub check_bans {
if($nick eq $account_nick) {
#$self->{pbot}->logger->log("anti-flood: [check-bans] nick for $account matches $mask\n");
if(exists $self->{message_history}->{$account}->{nickserv_account}) {
$target_nickserv_account = $self->{message_history}->{$account}->{nickserv_account};
if(exists $self->{message_history}->{$account}->{nickserv_accounts}) {
$target_nickserv_accounts = $self->{message_history}->{$account}->{nickserv_accounts};
}
$check_ban = 1;
goto CHECKBAN;
@ -582,6 +602,11 @@ sub check_bans {
CHECKBAN:
if($check_ban) {
if(not defined $target_nickserv_accounts) {
$target_nickserv_accounts->{0} = 0;
}
foreach my $target_nickserv_account (keys $target_nickserv_accounts) {
# $self->{pbot}->logger->log("anti-flood: [check-bans] checking for bans in $channel on $account using $target_nickserv_account\n");
my $baninfos = $self->{pbot}->bantracker->get_baninfo($account, $channel, $target_nickserv_account);
@ -613,10 +638,17 @@ sub check_bans {
next;
}
if(defined $nickserv_account and $baninfo->{type} eq '+q' and $baninfo->{banmask} =~ /^\$a:(.*)/ and lc $1 eq lc $nickserv_account) {
my $skip_quiet_nickserv_mask = 0;
foreach my $nickserv_account (@nickserv_accounts) {
if($baninfo->{type} eq '+q' and $baninfo->{banmask} =~ /^\$a:(.*)/ and lc $1 eq $nickserv_account and $nickserv_account eq $self->{message_history}->{$mask}->{nickserv_account}) {
$self->{pbot}->logger->log("anti-flood: [check-bans] Hostmask ($mask) matches account ($nickserv_account), disregarding\n");
next;
$skip_quiet_nickserv_mask = 1;
} elsif($baninfo->{type} eq '+b' and $baninfo->{banmask} =~ /^\$a:(.*)/ and lc $1 eq $nickserv_account) {
$skip_quiet_nickserv_mask = 0;
last;
}
}
next if $skip_quiet_nickserv_mask;
if(not defined $bans) {
$bans = [];
@ -630,6 +662,7 @@ sub check_bans {
}
}
}
}
if(defined $bans) {
$mask =~ m/[^!]+!([^@]+)@(.*)/;
@ -649,19 +682,19 @@ sub check_bans {
sub check_nickserv_accounts {
my ($self, $nick, $account) = @_;
$account = lc $account;
foreach my $mask (keys %{ $self->{message_history} }) {
if(exists $self->{message_history}->{$mask}->{nickserv_account}) {
# has nickserv account
if(lc $self->{message_history}->{$mask}->{nickserv_account} eq lc $account) {
if(exists $self->{message_history}->{$mask}->{nickserv_accounts} and exists $self->{message_history}->{$mask}->{nickserv_accounts}->{$account}) {
# pre-existing mask found using this account previously
#$self->{pbot}->logger->log("anti-flood: [check-account] $nick [nickserv: $account] seen previously as $mask.\n");
}
}
else {
# no nickserv account set yet
if($mask =~ m/^\Q$nick\E!/i) {
# nick matches, must belong to account
$self->{pbot}->logger->log("anti-flood: $mask: setting nickserv account to [$account]\n");
$self->message_history->{$mask}->{nickserv_accounts}->{$account} = gettimeofday;
$self->message_history->{$mask}->{nickserv_account} = $account;
# check to see if any channels need check-ban validation
@ -679,7 +712,7 @@ sub check_nickserv_accounts {
sub on_whoisaccount {
my ($self, $conn, $event) = @_;
my $nick = $event->{args}[1];
my $account = $event->{args}[2];
my $account = lc $event->{args}[2];
$self->{pbot}->logger->log("$nick is using NickServ account [$account]\n");
$self->check_nickserv_accounts($nick, $account);

4
PBot/VERSION.pm
View File

@ -13,8 +13,8 @@ use warnings;
# These are set automatically by the build/commit script
use constant {
BUILD_NAME => "PBot",
BUILD_REVISION => 516,
BUILD_DATE => "2014-03-08",
BUILD_REVISION => 517,
BUILD_DATE => "2014-03-09",
};
1;