From 16e5ede13027487d483ffc5bf9de4441def3799a Mon Sep 17 00:00:00 2001 From: bunkerity Date: Wed, 19 May 2021 16:37:28 +0200 Subject: [PATCH] antibot - custom templates --- Dockerfile | 1 + Dockerfile-amd64 | 1 + Dockerfile-arm32v7 | 1 + Dockerfile-arm64v8 | 1 + Dockerfile-i386 | 1 + antibot/captcha.data | 5 ++++ antibot/captcha.html | 24 +++++++++++++++++++ antibot/javascript.data | 21 ++++++++++++++++ antibot/javascript.html | 43 +++++++++++++++++++++++++++++++++ antibot/recaptcha-body.data | 11 +++++++++ antibot/recaptcha-head.data | 1 + antibot/recaptcha.html | 44 ++++++++++++++++++++++++++++++++++ confs/global/init-lua.conf | 2 +- lua/captcha.lua | 28 ++++++++++++---------- lua/javascript.lua | 48 +++++++++++++------------------------ lua/recaptcha.lua | 39 +++++++++++++++--------------- 16 files changed, 206 insertions(+), 65 deletions(-) create mode 100644 antibot/captcha.data create mode 100644 antibot/captcha.html create mode 100644 antibot/javascript.data create mode 100644 antibot/javascript.html create mode 100644 antibot/recaptcha-body.data create mode 100644 antibot/recaptcha-head.data create mode 100644 antibot/recaptcha.html diff --git a/Dockerfile b/Dockerfile index fe17563..434a82b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,6 +15,7 @@ COPY entrypoint/ /opt/entrypoint COPY confs/ /opt/confs COPY scripts/ /opt/scripts COPY lua/ /usr/local/lib/lua +COPY antibot/ /antibot COPY prepare.sh /tmp/prepare.sh RUN chmod +x /tmp/prepare.sh && \ diff --git a/Dockerfile-amd64 b/Dockerfile-amd64 index 4f3eb3d..fc0735c 100644 --- a/Dockerfile-amd64 +++ b/Dockerfile-amd64 @@ -15,6 +15,7 @@ COPY entrypoint/ /opt/entrypoint COPY confs/ /opt/confs COPY scripts/ /opt/scripts COPY lua/ /usr/local/lib/lua +COPY antibot/ /antibot COPY prepare.sh /tmp/prepare.sh RUN chmod +x /tmp/prepare.sh && \ diff --git a/Dockerfile-arm32v7 b/Dockerfile-arm32v7 index 8cc9c3b..a3cc5e3 100644 --- a/Dockerfile-arm32v7 +++ b/Dockerfile-arm32v7 @@ -22,6 +22,7 @@ COPY entrypoint/ /opt/entrypoint COPY confs/ /opt/confs COPY scripts/ /opt/scripts COPY lua/ /usr/local/lib/lua +COPY antibot/ /antibot COPY prepare.sh /tmp/prepare.sh RUN chmod +x /tmp/prepare.sh && \ diff --git a/Dockerfile-arm64v8 b/Dockerfile-arm64v8 index 7f62f5a..927917c 100644 --- a/Dockerfile-arm64v8 +++ b/Dockerfile-arm64v8 @@ -22,6 +22,7 @@ COPY entrypoint/ /opt/entrypoint COPY confs/ /opt/confs COPY scripts/ /opt/scripts COPY lua/ /usr/local/lib/lua +COPY antibot/ /antibot COPY prepare.sh /tmp/prepare.sh RUN chmod +x /tmp/prepare.sh && \ diff --git a/Dockerfile-i386 b/Dockerfile-i386 index 28d5542..67d706a 100644 --- a/Dockerfile-i386 +++ b/Dockerfile-i386 @@ -15,6 +15,7 @@ COPY entrypoint/ /opt/entrypoint COPY confs/ /opt/confs COPY scripts/ /opt/scripts COPY lua/ /usr/local/lib/lua +COPY antibot/ /antibot COPY prepare.sh /tmp/prepare.sh RUN chmod +x /tmp/prepare.sh && \ diff --git a/antibot/captcha.data b/antibot/captcha.data new file mode 100644 index 0000000..1b0d063 --- /dev/null +++ b/antibot/captcha.data @@ -0,0 +1,5 @@ +
+
+ Captcha :
+ +
diff --git a/antibot/captcha.html b/antibot/captcha.html new file mode 100644 index 0000000..1f2a8c7 --- /dev/null +++ b/antibot/captcha.html @@ -0,0 +1,24 @@ + + + Website protection + + + +
+

As a security measure, we ask you to complete this captcha to access our website :

+ %CAPTCHA% +
🛡️ this website is protected with bunkerized-nginx 🛡️
+
+ + diff --git a/antibot/javascript.data b/antibot/javascript.data new file mode 100644 index 0000000..03962a9 --- /dev/null +++ b/antibot/javascript.data @@ -0,0 +1,21 @@ + diff --git a/antibot/javascript.html b/antibot/javascript.html new file mode 100644 index 0000000..10be2f7 --- /dev/null +++ b/antibot/javascript.html @@ -0,0 +1,43 @@ + + + Website protection + + + +
+
+ +

Please wait while we are doing some security checks...

+ 🛡️ this website is protected with bunkerized-nginx 🛡️ +
+ %JAVASCRIPT% + + diff --git a/antibot/recaptcha-body.data b/antibot/recaptcha-body.data new file mode 100644 index 0000000..401320f --- /dev/null +++ b/antibot/recaptcha-body.data @@ -0,0 +1,11 @@ +
+ +
+ diff --git a/antibot/recaptcha-head.data b/antibot/recaptcha-head.data new file mode 100644 index 0000000..f4e2c5b --- /dev/null +++ b/antibot/recaptcha-head.data @@ -0,0 +1 @@ + diff --git a/antibot/recaptcha.html b/antibot/recaptcha.html new file mode 100644 index 0000000..e52a9cb --- /dev/null +++ b/antibot/recaptcha.html @@ -0,0 +1,44 @@ + + + Website protection + + %RECAPTCHA_HEAD% + + +
+
+ +

Please wait while we are doing some security checks...

+ 🛡️ this website is protected with bunkerized-nginx 🛡️ +
+ %RECAPTCHA_BODY% + + diff --git a/confs/global/init-lua.conf b/confs/global/init-lua.conf index b95d844..f947cc6 100644 --- a/confs/global/init-lua.conf +++ b/confs/global/init-lua.conf @@ -37,7 +37,7 @@ if use_crowdsec then logger.log(ngx.ERR, "CROWDSEC", err) error() end - logger.log(ngx.ERR, "CROWDSEC" "*NOT AN ERROR* initialisation done") + logger.log(ngx.ERR, "CROWDSEC", "*NOT AN ERROR* initialisation done") end } diff --git a/lua/captcha.lua b/lua/captcha.lua index 7244791..6196190 100644 --- a/lua/captcha.lua +++ b/lua/captcha.lua @@ -10,19 +10,21 @@ function M.get_challenge () end function M.get_code (img, antibot_uri) - return string.format([[ - - - - -
- Img =
- Enter captcha :
- -
- - - ]], antibot_uri, base64.encode(img)) + -- get template + local f = io.open("/antibot/captcha.html", "r") + local template = f:read("*all") + f:close() + + -- get captcha code + f = io.open("/antibot/captcha.data", "r") + local captcha_data = f:read("*all") + f:close() + + -- edit captcha code + captcha_data = string.format(captcha_data, antibot_uri, base64.encode(img)) + + -- return template + edited captcha code + return template:gsub("%%CAPTCHA%%", captcha_data) end function M.check (captcha_user, captcha_valid) diff --git a/lua/javascript.lua b/lua/javascript.lua index e2e032a..5dde85c 100644 --- a/lua/javascript.lua +++ b/lua/javascript.lua @@ -7,42 +7,28 @@ function M.get_challenge () local random = "" local rand = 0 for i = 1, 20 do - rand = math.random(1, #charset) - random = random .. charset:sub(rand, rand) + rand = math.random(1, #charset) + random = random .. charset:sub(rand, rand) end return random end function M.get_code (challenge, antibot_uri, original_uri) - return string.format([[ - - - - - - - - ]], challenge, antibot_uri, original_uri) + -- get template + local f = io.open("/antibot/javascript.html", "r") + local template = f:read("*all") + f:close() + + -- get JS code + f = io.open("/antibot/javascript.data", "r") + local javascript = f:read("*all") + f:close() + + -- edit JS code + javascript = string.format(javascript, challenge, antibot_uri, original_uri) + + -- return template + edited JS code + return template:gsub("%%JAVASCRIPT%%", javascript) end function M.check (challenge, user) diff --git a/lua/recaptcha.lua b/lua/recaptcha.lua index 2816a40..1bbef61 100644 --- a/lua/recaptcha.lua +++ b/lua/recaptcha.lua @@ -3,26 +3,25 @@ local http = require "resty.http" local cjson = require "cjson" function M.get_code (antibot_uri, recaptcha_sitekey) - return string.format([[ - - - - - -
- -
- - - - ]], recaptcha_sitekey, antibot_uri, recaptcha_sitekey) + -- get template + local f = io.open("/antibot/recaptcha.html", "r") + local template = f:read("*all") + f:close() + + -- get recaptcha code + f = io.open("/antibot/recaptcha-head.data", "r") + local recaptcha_head = f:read("*all") + f:close() + f = io.open("/antibot/recaptcha-body.data", "r") + local recaptcha_body = f:read("*all") + f:close() + + -- edit recaptcha code + recaptcha_head = string.format(recaptcha_head, recaptcha_sitekey) + recaptcha_body = string.format(recaptcha_body, antibot_uri, recaptcha_sitekey) + + -- return template + edited recaptcha code + return template:gsub("%%RECAPTCHA_HEAD%%", recaptcha_head):gsub("%%RECAPTCHA_BODY%%", recaptcha_body) end function M.check (token, recaptcha_secret)