1 (edited by Nonante 2010-11-29 12:04)

Topic: PunBB 1.3.4 - Encrypt IPs in sha1

Following this topic, I'm leaning a little on PunBB 1.3.4 to establish the same system,
even if some find it useless as the only "protection".

Since I have found nothing for PunBB ips, I'll file the amendments to do if you're interested.
I warn, I have not used the Hooks, the changes are in direct files.

From what I saw, a feature not available anymore, "@gethostbyaddr($ip)" in file moderate.php line 55.
For the rest, everything is functional.

[---][---][---]

Note 1: It is advisable to make a backup before making changes.
Furthermore, this operation is at your own risk, I can not be held responsible blahblahblah in case of bug .

Note2: Put the same key if you change $encrypted_key = "put_your_key_here";.

Note3: If I spent my time doing this topic is that it works, I'm not crazy http://www.wareziens.info/forums/img/smilies/siffle.gif

In Phpmyadmin :
1) In the structure of the table "posts", colonne "poster_id", change "type" to "varchar(40)"
2) In the structure of the table "users", colonne "registration_ip"
    a) change "type" to "varchar(40)"
    b) change "Défaut2"  as defined: "ab3a723bf153e72986de993c39f2eaabc9a122b7"

On your server,:
1) add this function:

function hash_ip($ip)
{
    // change with your own key
    $encrypted_key = "put_your_key_here";

    return sha1($ip.$encrypted_key.sha1($ip.sha1($encrypted_key)));
   
}

1) Update ips of the table posts with query :

$query = array(
                'SELECT'    => 'id, poster_ip',
                'FROM'        => 'posts'
            );


    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
   
    while($row = $forum_db->fetch_assoc($result))
    {
        $query2 = array(
                'UPDATE'    => 'posts',
                'SET'        => 'poster_ip=\''.hash_ip($row['poster_ip']).'\'',
                'WHERE'        => 'id='.$row['id'].' LIMIT 1'
            );
        $forum_db->query_build($query2) or error(__FILE__, __LINE__);
    }

2) Update ips of the table users with query :

$query = array(
                'SELECT'    => 'id, registration_ip',
                'FROM'        => 'users'
            );


    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
   
    while($row = $forum_db->fetch_assoc($result))
    {
        $query2 = array(
                'UPDATE'    => 'users',
                'SET'        => 'registration_ip=\''.hash_ip($row['registration_ip']).'\'',
                'WHERE'        => 'id='.$row['id'].' LIMIT 1'
            );
        $forum_db->query_build($query2) or error(__FILE__, __LINE__);
    }

Possibly, if you have any banned users, do this also:
3) Update ips of the table bans with query :

$query = array(
                'SELECT'    => 'id, ip',
                'FROM'        => 'bans'
            );


    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
   
    while($row = $forum_db->fetch_assoc($result))
    {
        $query2 = array(
                'UPDATE'    => 'bans',
                'SET'        => 'ip=\''.hash_ip($row['ip']).'\'',
                'WHERE'        => 'id='.$row['id'].' LIMIT 1'
            );
        $forum_db->query_build($query2) or error(__FILE__, __LINE__);
    }

[---][---][---]

In your files :

[---]

In FORUM_ROOT.'moderate.php', line 30 change:

// Is get_host an IP address or a post ID?
    if (preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $_GET['get_host']) || preg_match('/^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/', $_GET['get_host']))

to

// Is get_host an IP address or a post ID?
    if (preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $_GET['get_host']) || preg_match('/^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/', $_GET['get_host']) || preg_match('/^[0-9A-Fa-f]{40}$/', $_GET['get_host']))

Yet in FORUM_ROOT.'moderate.php', line 55 change:

message(sprintf($lang_misc['Hostname lookup'], $ip, @gethostbyaddr($ip), '<a href="'.forum_link($forum_url['admin_users']).'?show_users='.$ip.'">'.$lang_misc['Show more users'].'</a>'));

to :

message(sprintf($lang_misc['Hostname lookup'], $ip, '<ins><em>Information encrypted, impossible to determine.</em></ins>', '<a href="'.forum_link($forum_url['admin_users']).'?show_users='.$ip.'">'.$lang_misc['Show more users'].'</a>'));

Note: This is gethostbyaddr($ip) is no longer usable, so I substituted a sentence, if you want to change anything.
[---]

In FORUM_ROOT.'admin/users.php', line 180 change:

if (empty($ip) || (!preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip) && !preg_match('/^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/', $ip))))

to

if (empty($ip) || (!preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip) && !preg_match('/^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/', $ip)) && (!preg_match('/[0-9A-Fa-f]{40}/', $ip)))

[---]

In FORUM_ROOT.'include/functions.php', line 1003 change:

// Try to determine the correct remote IP-address
function get_remote_address()
{
    $return = ($hook = get_hook('fn_get_remote_address_start')) ? eval($hook) : null;
    if ($return != null)
        return $return;

    return $_SERVER['REMOTE_ADDR'];
}

to

// Try to determine the correct remote IP-address
function get_remote_address()
{
    // change with your own key
    $encrypted_key = "put_your_key_here";
   
    $return = ($hook = get_hook('fn_get_remote_address_start')) ? eval($hook) : null;
    if ($return != null)
        return sha1($return.$encrypted_key.sha1($return.sha1($encrypted_key)));

    return sha1($_SERVER['REMOTE_ADDR'].$encrypted_key.sha1($_SERVER['REMOTE_ADDR'].sha1($encrypted_key)));
   
}

[---]

In FORUM_ROOT.'include/url/' + your url scheme + '/rewrite_rules.php, line 58 change:

'/^get_host[\/_-]?([0-9]+|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(\.html?|\/)?$/i'    =>    'moderate.php?get_host=$1',

to :

'/^get_host[\/_-]?([0-9]+|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[0-9A-Fa-f]{40})(\.html?|\/)?$/i'    =>    'moderate.php?get_host=$1',

[---][---][---]

That is, if it can be useful http://www.wareziens.info/forums/img/smilies/wink.png


EDIT: I add an encryption key because it is too easy to compare IP with this script:

for ($i=0;$i<255;$i++) {
    for ($j=0;$j<255;$j++) {
        for ($k=0;$k<255;$k++) {
            for ($l=0;$l<255;$l++) {
                $ip = $i.".". $j .".". $k .".".$l;
                    mysql_query("INSERT INTO `ips` (`ip`, `sha`) VALUES ('". $ip ."', '". sha1($ip) ."')");
            }
        }
    }
}

Thanks to TheAssassin185.

Now if only access to the database is compromised, it is not possible to retrieve the IP.

Result :
http://prezup.eu/images/punbb/sha1ip.png

I don't speak English, but Google Translate is doing pretty good.

Re: PunBB 1.3.4 - Encrypt IPs in sha1

Thank you for publishing this!

Btw: What had happened (hack) exactely to make you want to encrypt the IPs?

Re: PunBB 1.3.4 - Encrypt IPs in sha1

Personally, I have had no problems, but other people I know have been pirated,
and their database was released, so with the IP of their members displayed in clear.

It is above all in order to "protect" sensitive information
as well as members only "protection", this is not a truly effective solution.

Personally I would not want my IP to appear in a release of a database to a porn site.
For example tongue

I don't speak English, but Google Translate is doing pretty good.

Re: PunBB 1.3.4 - Encrypt IPs in sha1

Updated, thanks to TheAssassin185.

I don't speak English, but Google Translate is doing pretty good.