YAPS for CSstudio and CCcamPHPInfo

Nice tool.
Any information on the databse itself?
Is it just user reported payservers or do you have a clever way to track them down?

I've just modified this to work with CS Studio :-)
It's showing 5 of my servers as !RISK! but i'm assuming that means one of their peers could be a payserver.
If thats the case, then that should show to others on my server that i'm at !RISK! of being payserver!

Can one of my peers please try this, so we can see how it works, as if it flags people up becuase of their peers, this could be quite damaging to honest servers.

Here's how to make it work with CS Studio.

Edit the yaps.php file and change $yaps['secure'] = true; on line 19 to
$yaps['secure'] = false;

Copy this file to %Program Files%\CS Studio\www\cccam

Now backup your original meniu.php file from the same above folder and edit it (Don't use the one supplied with yaps)
Find this line (Line 30 in my file):
<li><a href="http://soft-dream.net/portal/rss/exyu_vesti.php"><img id="cbi_cbindex_9" src="index_files/ebbtcbindex9_0.gif" name="ebbcbindex_9" width="111" height="38" style="vertical-align: bottom;" border="0" alt="EXYU vesti" title="" /></a></li>

and change it to:
<li><a href="yaps.php"><img id="cbi_cbindex_9" src="index_files/ebbtcbindex9_0.gif" name="ebbcbindex_9" width="111" height="38" style="vertical-align: bottom;" border="0" alt="YAPS" title="" /></a></li>

Copy it back to the CS Studio folder that it came from.

Now when you run CS Studio, click on the last button which is labelled as 'EXYU vesti' and it'll run the yaps addon.

I think the important thing for people that use this, is contact your peers if they are flagged up and dont just remove them.
I'd hate to think honest servers will be losing peers because they have been removed from others for doing nothing wrong.
If they understand whats happening, they can use this to find out which of their peers could be the payserver and remove them.

Right, I have just read through the source code and the database and I sussed it.
When you run this, you get 2 columns. Status & Public.

Status OK means their not in the database as being a payserver (All mine show OK)
The 2nd column means that server is in the public domain. Put the server into Google and you'll see it show up.
Thats what this program is doing. Googling all the servers.
So if you get !RISK! under public, you might want to inform your peer they may want to change their dyndns address and update all their peers with their new address.

Will try when I get home

Works for me ;-) all my peers show status 'ok' but 3 show public 'risk'

Here's my piss poor attempt at a new button for CS Studio.
Simply extract the files to %Program Files%\CS Studio\www\cccam\index_files

:download:

Just tried it out ,,works a treat in cs studio ,,but a word,,,,if you simply google the host of the peer "at risk" and CHECK the date of publication it will give you a better idea if the peer was simply indirectly exploited SO........ if it doesnt show up as exploited ,then time to ask the peer what the story is... then decide what to do ;)
caz

I don't really see the point of the 'Public' test as it makes no difference if your host is Google'able or not.
Unless maybe if your dns is in public domain you may be more susceptible to hacking?

the "public test" will give you a better chance to decide about whether or not you want to continue with the peer in question..
I don?t think the "payserver" will pop up unless it has already got negative publicity...
caz

I agree ddaddy, make very little, if any, sense at all. So your dns is in the public domain - if you take sensible precautions you will be safe from hackers. Attaching your peers dns addresses to their fline ensures that only they can access their cline + firewalls, password changes ect, common sense really.

I guess it's a good idea to add more payservers to the list, but how will they verify them and how many innocents will be falsely tagged.

Yeah! I think the way it works is that if your dns becomes public because of someones server or Dreambox being hacked and the address becoming available for all to see on the free server sections of some Sh*ty forums it adds to yaps list also! I installed it and a couple of the main people that use this site and i know for a fact they aren't pay servers came up as a RISK in yaps! To be honest Yaps is crap! Your better keeping an eye on how high the ECM's are for each user and making your mind up for yourself if they are a pay server and taking the P*ss or not!

If you read the first page of this thread, I dissected the code and first it checks a yaps database to see if it's a reported payserver, then it googles the dns to see if it's in the public domain. That's what your seeing with the Risks. It just means google has turned up results for the dns.

my mistake! sorry friend!