Advertisement:

Author Topic: Strange characters when trying to include a file.  (Read 1214 times)

Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Strange characters when trying to include a file.
« on: August 06, 2017, 11:51:51 AM »
Hello,
I am having this weird text: https://i.imgur.com/dc0HgZr.png whenever I include a file at the top of index.php file.
I am using this to include
Code: [Select]
include_once($_SERVER['DOCUMENT_ROOT'] . "/dir/ddos.php");
The script/code is: https://pastebin.com/4Y6M0Yfp

Accessing the script directly works fine, including it on other projects (outside smf) works also fine.


I have been trying to figure out the issue for the last couple of hours and I'm left clueless. Id really appreciate some help.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 69,326
    • StoryBB/StoryBB on GitHub
Re: Strange characters when trying to include a file.
« Reply #1 on: August 06, 2017, 02:08:28 PM »
By putting it inside index.php, you interfere with certain operations in SMF, namely the avatar loader - and that's the result of an avatar trying to be loaded and mangled through that script.

What, exactly, are you trying to achieve? DDOS protection? Are you legitimately having issues with bots hitting your site that quickly?
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Re: Strange characters when trying to include a file.
« Reply #2 on: August 06, 2017, 02:16:39 PM »
By putting it inside index.php, you interfere with certain operations in SMF, namely the avatar loader - and that's the result of an avatar trying to be loaded and mangled through that script.

What, exactly, are you trying to achieve? DDOS protection? Are you legitimately having issues with bots hitting your site that quickly?

In general, trying to run a script before anything loads.
In particular, trying to block flooders. Im getting like 100 requests per minute from same ip.

Either way, im more concerned about the general function/purpose.

Offline vbgamer45

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 20,483
    • smfhacks on Facebook
    • VBGAMER45 on GitHub
    • @createaforum on Twitter
    • SMF For Free
Re: Strange characters when trying to include a file.
« Reply #3 on: August 06, 2017, 02:49:33 PM »
I would try blocking at the server level with a firewall or .htaccess that way it doesn't hit your php code at all.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Re: Strange characters when trying to include a file.
« Reply #4 on: August 06, 2017, 05:08:58 PM »
I would try blocking at the server level with a firewall or .htaccess that way it doesn't hit your php code at all.
Well, not really, the way im trying it wont reach php code as it will be blocked by htaccess. But either way, im more interested on how I can include it.

Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Re: Strange characters when trying to include a file.
« Reply #5 on: August 07, 2017, 07:52:00 AM »
By putting it inside index.php, you interfere with certain operations in SMF, namely the avatar loader - and that's the result of an avatar trying to be loaded and mangled through that script.

What, exactly, are you trying to achieve? DDOS protection? Are you legitimately having issues with bots hitting your site that quickly?
http://i.imgur.com/uSQd48r.png
Thats 648 requests from same ip, in the course of 2 minutes, keep in mind that the attack was going for around 30 minutes.
And this would have been a very efficient use of that script, thats 0.03 seconds between requests, which would have denied the ip in the first 30-40 requests.

Ofc this is not always easy as most of the time the attacks are decentralized, meaning I get that much (and more) from 10+ IPs,

Offline dougiefresh

  • SMF Hero
  • ******
  • Posts: 2,772
  • Mod King
    • XPtsp.com Community
Re: Strange characters when trying to include a file.
« Reply #6 on: August 07, 2017, 10:08:50 AM »
Try this mod: Forum Hard Hit Preventer and let me know if it works for you.

Offline bestnow

  • Semi-Newbie
  • *
  • Posts: 23
Re: Strange characters when trying to include a file.
« Reply #7 on: August 07, 2017, 10:19:10 AM »
Try this mod: Forum Hard Hit Preventer and let me know if it works for you.

that mod will automatically place a ban in the .htaccess file.


He wrote:

I would try blocking at the server level with a firewall or .htaccess that way it doesn't hit your php code at all.
Well, not really, the way im trying it wont reach php code as it will be blocked by htaccess. But either way, im more interested on how I can include it.


Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Re: Strange characters when trying to include a file.
« Reply #8 on: August 07, 2017, 10:50:24 AM »
Well, as i said it would be better for me to know how to include a file before anything loads.

As for your mod, i havent checked the code, but i am supposing it needs smf to be loaded first.
But still, I was thinking to use cloudflare api to add the ips.

As i said my main priority now i loading scripts before anything else, but i might try your mod.

Offline Klajdi

  • Semi-Newbie
  • *
  • Posts: 33
Re: Strange characters when trying to include a file.
« Reply #9 on: August 07, 2017, 04:48:18 PM »
Apparently the issue doesn't occur if I include the file after ob_start(),
So far so good, but I have another question, is it certain that it wont mess anything else up?
Considering that session hasn't started yet, i'm going to remove the last line in the script (echo 'xxxxxx';).
So, will it cause anything else to break (sth i cant see)?