Synchronet now requires the libarchive development package (e.g. libarchive-dev on Debian-based Linux distros, libarchive.org for more info) to build successfully.

Commit 63b68301 authored by rswindell's avatar rswindell

Created hacklog() function to log intrusion attempts to data/hack.log.

parent 24b1afe4
......@@ -2642,6 +2642,7 @@ static void ctrl_thread(void* arg)
success=FALSE;
lprintf("%04d !%s illegal filename attempt: %s"
,sock,user.alias,p);
hacklog(&scfg, "FTP", user.alias, cmd, host_name, &ftp.client_addr);
} else {
if(fexist(fname)) {
success=TRUE;
......@@ -2792,6 +2793,7 @@ static void ctrl_thread(void* arg)
lprintf("%04d !%s illegal filename attempt: %s"
,sock,user.alias,p);
sockprintf(sock,"553 Illegal filename attempt");
hacklog(&scfg, "FTP", user.alias, cmd, host_name, &ftp.client_addr);
continue;
}
sprintf(fname,"%s%s",scfg.dir[dir]->path,p);
......@@ -2946,6 +2948,11 @@ static void ctrl_thread(void* arg)
,scfg.lib[curlib]->sname,scfg.dir[curdir]->code);
continue;
}
if(!strnicmp(cmd, "MKD", 3) ||
!strnicmp(cmd,"XMKD",4) ||
!strnicmp(cmd,"SITE EXEC",9))
hacklog(&scfg, "FTP", user.alias, cmd, host_name, &ftp.client_addr);
sockprintf(sock,"500 Syntax error: '%s'",cmd);
lprintf("%04d !FTP: UNSUPPORTED COMMAND: '%s'",sock,cmd);
......
......@@ -37,6 +37,35 @@
#include "sbbs.h"
extern "C" BOOL hacklog(scfg_t* cfg, char* prot, char* user, char* text, char* host, SOCKADDR_IN* addr)
{
char hdr[512];
char fname[MAX_PATH+1];
int file;
time_t now=time(NULL);
sprintf(fname,"%shack.log",cfg->data_dir);
if((file=sopen(fname,O_CREAT|O_WRONLY|O_BINARY|O_APPEND,SH_DENYWR))==-1)
return(FALSE);
sprintf(hdr,"SUSPECTED %s HACK ATTEMPT from %s on %.24s\r\nUsing port %u at %s [%s]\r\nDetails: "
,prot
,user
,ctime(&now)
,addr->sin_port
,host
,inet_ntoa(addr->sin_addr)
);
write(file,hdr,strlen(hdr));
write(file,text,strlen(text));
write(file,crlf,2);
write(file,crlf,2);
close(file);
return(TRUE);
}
void sbbs_t::logentry(char *code, char *entry)
{
char str[512];
......
......@@ -762,6 +762,10 @@ extern "C" {
/* seconds to HH:MM:SS */
DLLEXPORT char * DLLCALL sectostr(uint sec, char *str);
/* logfile.cpp */
DLLEXPORT BOOL DLLCALL hacklog(scfg_t* cfg, char* prot, char* user, char* text,
char* host, SOCKADDR_IN* addr);
#ifdef SBBS /* These aren't exported */
/* misc.c */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment