author | Tom Schaefer <tom@tomschaefer.org> | 2011-05-27 23:07:11 -0400 |
---|---|---|
committer | Tom Schaefer <tom@tomschaefer.org> | 2011-05-27 23:07:11 -0400 |
commit | 0d0402fbfd69a2978d43e7551319ba970a2d77ef (patch) | |
tree | 005f8181ac8c5e7470441a8e4a3a19b0edabda42 /config/strikeback/strikeback.tmp | |
parent | 51e31652e2c03e4de2c852cefc637bf394df359b (diff) | |
Push strikeback package
Diffstat (limited to 'config/strikeback/strikeback.tmp')
-rw-r--r-- | config/strikeback/strikeback.tmp | 364 |
1 files changed, 364 insertions, 0 deletions
diff --git a/config/strikeback/strikeback.tmp b/config/strikeback/strikeback.tmp
new file mode 100644
index 00000000..864e467b
--- /dev/null
+++ b/config/strikeback/strikeback.tmp
@@ -0,0 +1,364 @@
+<?php
+$pgtitle = "Services: Strikeback";
+ // TomSchaefer.org strikeback package 2011
+ //
+ // Notes: Find: ^(.*)$
+ // Replace: ob_start();\n$results = exec("cat countries.txt | grep XX");\nob_end_clean();\n\tif ($results == 'XX')\n\t\techo "\1";\n\telse\n\t\techo "\1";\n
+ //
+ //
+ //
+ //
+ //require_once('config.inc');
+ require_once("functions.inc");
+ require("guiconfig.inc");
+ include("head.inc");
+
+ //set the config as a global variable
+ global $config;
+
+ $global_usage = '/usr/local/www/packages/strikeback/global_usage';
+ //$fh = fopen($global_usage, 'r');
+
+ //phpinfo();
+
+ /* read DB into array */
+function strikeback_read_db() {
+ global $g;
+
+ $sbdb = array();
+
+ $sbdblck = lock('strikebackdb');
+ $fd = @fopen("{$g['vardb_path']}/strikeback.db", "r");
+ if ($fd) {
+ while (!feof($fd)) {
+ $line = trim(fgets($fd));
+ if ($line)
+ $sbdb[] = explode(",", $line);
+ }
+ fclose($fd);
+ }
+ unlock($sbdblck);
+ return $sbdb;
+}
+
+/* write DB */
+function strikeback_write_db($sbdb) {
+ global $g;
+
+ $sbdblck = lock('strikebackdb', LOCK_EX);
+ $fd = @fopen("{$g['vardb_path']}/strikeback.db", "w");
+ if ($fd) {
+ //foreach ($sbdb as $cpent) {
+ //fwrite($fd, join(",", $cpent) . "\n");
+ fwrite($fd, join(",", $sbdb) . "\n");
+ //}
+ fclose($fd);
+ }
+ unlock($sbdblck);
+}
+if(isset($_GET[target])) {
+ mwexec("mkdir /usr/local/www/packages/strikeback/reports");
+ //mwexec("/usr/local/bin/nmap -oX /usr/local/www/packages/strikeback/reports/".$_GET[target].".xml -vvsS -sU -sY -O ".$_GET[target]."> /dev/null 2>&1 &");
+ mwexec("/usr/local/bin/nmap -oX /usr/local/www/packages/strikeback/reports/".$_GET[target].".xml -vv -sS -sU -sY -O ".$_GET[target]);
+
+ echo "<script type=\"text/javascript\">\n";
+ echo "\n";
+ echo "window.open( \"parse.php\" )\n";
+ echo "</script> \n";
+
+}
+if (count($_POST)>0) {
+
+ conf_mount_rw();
+
+ $ent = array();
+
+ if ($_POST['enable'] == 1) {
+ //echo "enabled";
+ $config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 1;
+ mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"NO\"/iplog_enable=\"YES\"/g' /usr/local/etc/rc.d/iplog");
+ mwexec("rm /usr/local/etc/rc.d/iplog-e");
+ mwexec("/usr/local/etc/rc.d/iplog start");
+ mwexec("touch /usr/local/www/packages/strikeback/ENABLED");
+
+
+ }
+ else {
+ //echo "disabled";
+ $config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 0;
+ mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"YES\"/iplog_enable=\"NO\"/g' /usr/local/etc/rc.d/iplog");
+ mwexec("rm /usr/local/etc/rc.d/iplog-e");
+ mwexec("/usr/local/etc/rc.d/iplog stop");
+ mwexec("rm /usr/local/www/packages/strikeback/ENABLED");
+
+ }
+
+
+ //write_config();
+ //services_dnsmasq_configure();
+ sleep(1);
+ $savemsg_cb = "strikeback settings have been saved/updated. ";
+ conf_mount_ro();
+}
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<form method=POST action="">
+<?php
+
+if (file_exists("/usr/local/www/packages/strikeback/ENABLED")){
+ echo "<input name='enable' type='checkbox' value='1' checked>\n";
+} else {
+ echo "<input name='enable' type='checkbox' value='1'>\n";
+}
+
+//if ($config['installedpackages']['strikeback_settings']['config'][0]['enable'] == 1) {
+ //echo('enabled');
+ //echo "<input name='enable' type='checkbox' value='1' checked>\n";
+//}
+//elseif ($resultstop > '0') {
+//echo "<input name='enable' type='checkbox' value='1' checked>\n";
+//}
+//else {
+// echo "<input name='enable' type='checkbox' value='1'>\n";
+//}
+?><strong>Enable Strikeback</strong><br><br>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[0] = array("Log Viewer", true, "strikeback.php");
+ $tab_array[1] = array("Settings", false, "settings.php");
+ //$tab_array[2] = array("Whitelist", false, "whitelist.php");
+ //$tab_array[3] = array("Interfaces", false, "strikeback_if.php");
+ $tab_array[4] = array("Help", false, "help.php");
+ //$tab_array[5] = array("Email", false, "email.php");
+ $tab_array[6] = array("Results", false, "parse.php\" target=\"_blank\"");
+ display_top_tabs($tab_array);
+?>
+ </td></tr>
+ <tr>
+ <td>
+ <div id="mainarea">
+ <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr">Main</td>
+
+ </tr>
+
+ <tr>
+ <td class="listlr" valign="middle">
+
+<?php
+
+conf_mount_rw();
+
+if (file_exists("/var/log/iplog")){
+
+}else{
+echo("iplog not started");
+
+}
+
+ if(isset($_POST['formSubmit']))
+ {
+
+ mwexec("mkdir /var/run/iplog");
+ mwexec("rm /var/log/iplog");
+ mwexec("touch /var/log/iplog");
+ mwexec("/usr/local/etc/rc.d/iplog restart");
+
+
+ }
+conf_mount_ro();
+?>
+<style type="text/css">
+
+a img {border:none; }
+
+</style>
+</head>
+
+
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr>
+ <td >
+
+
+ </form>
+
+ <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
+ <p>
+
+ </p>
+ <h3><p style="font-family:Arial, Helvetica, sans-serif">
+ <?php
+ //TESTING AREA
+ //echo("testing AREA <br />");
+ $sbdb = strikeback_read_db();
+
+ //print just one element out of db
+ //print_r($sbdb[0][1]);
+ //print line out of db
+ //print_r($sbdb[0]);
+
+ //$cpdbtest = array("blueT","yellow","testing","enddblineTom");
+ //print_r($cpdbtest);
+ //strikeback_write_db($cpdbtest);
+
+
+ //echo("<br />END testing AREA <br />");
+ //END TESTING
+ //mwexec("touch /var/log/iplog"); //suppress errors so noobs on forums won't bother me
+ if (file_exists("/var/log/iplog")){
+ $lines = file('/var/log/iplog');
+ }
+
+ //arrays to catch the things you need
+ $ssh = array();
+ $port_scan = array();
+ $ip_addr = array();
+
+ // fill the arrays
+ if (file_exists("/var/log/iplog")){
+ foreach($lines as $line){
+ if(preg_match('/ssh connection attempt/',$line)){ $ssh[] = $line; }
+ if(preg_match('/(\d+).(\d+).(\d+).(\d+)/',$line)){ $ip_addr[] = $line; }
+ }
+
+ foreach($lines as $line){
+ if(preg_match('/ssh connection attempt/',$line)){
+ echo("<font color='#" . $sbdb[0][14] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/port.scan/',$line)){
+ echo("<font color='#" . $sbdb[0][12] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ echo("<a href=strikeback.php?target=");
+ $ipaddress = preg_match_all('/(\d+)\.(\d+)\.(\d+)\.(\d+)/', $line, $out);
+ print_r($out[0][0]);
+ echo("><font style='text-decoration:underline;' color='#9933CC'>Execute Strikeback</font></a>");
+ //echo($out[0]);
+
+ }
+ elseif(preg_match('/dgram/',$line)){
+ echo("<font color='#" . $sbdb[0][13] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/https/',$line)){
+ echo("<font color='#" . $sbdb[0][0] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/imaps/',$line)){
+ echo("<font color='#" . $sbdb[0][1] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/ftp/',$line)){
+ echo("<font color='#" . $sbdb[0][2] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/submission/',$line)){
+ echo("<font color='#" . $sbdb[0][3] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/auth.connection/',$line)){
+ echo("<font color='#" . $sbdb[0][4] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/netbios-ssn/',$line)){
+ echo("<font color='#" . $sbdb[0][5] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/smtp/',$line)){
+ echo("<font color='#" . $sbdb[0][6] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/pop3/',$line)){
+ echo("<font color='#" . $sbdb[0][7] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/telnet/',$line)){
+ echo("<font color='#" . $sbdb[0][8] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/blackjack/',$line)){
+ echo("<font color='#" . $sbdb[0][9] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/rap.connection/',$line)){
+ echo("<font color='#" . $sbdb[0][10] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ elseif(preg_match('/port.3389/',$line)){
+ echo("<font color='#" . $sbdb[0][11] . "'>");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ echo("</font>");
+ }
+ else {
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
+ }
+
+ echo("<br />");
+ }
+ }
+
+ ?>
+ <font color="#9933CC" >
+ <br/><br/>
+ <input type="submit" name="formSubmit" value="Clear Log" />
+ </p>
+</h3>
+</form>
+<br/>
+
+
+</div>
+<?php
+ //This input guarantees that a POST is sent
+ echo "<input type='hidden' name='zzz' value='required'>";
+?>
+
+</td>
+</tr>
+</table>
+ </td>
+
+
+ </tr>
+
+
+</table>
+</div>
+<br>
+
+<br><br>
+<input type="submit" value="Save"><br><br>
+<p>
+</p>
+</td>
+ </tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
+
|
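Review bot: The `if(isset($_GET[target]))` handler near the top of the new file concatenates the request parameter unvalidated and unquoted into the `mwexec()` nmap command line twice, once in the `-oX` report path and once as the scan target, so whatever the browser sends reaches a shell started by the firewall's web GUI. The "Execute Strikeback" link further down only ever emits a dotted IPv4 address taken from the log, so the handler can refuse anything that is not one and quote what remains with `escapeshellarg()`. Because the scan is started by a plain GET link, it presumably also fires when that URL is loaded from another page in a logged-in admin's browser; triggering it from a POST form instead would, I assume, bring it under the GUI's usual request checks. The same pass should wrap the `/var/log/iplog` lines and the `$sbdb[0][n]` colour values in `htmlspecialchars()` before they are echoed, since neither is escaped today.

```php
if (isset($_GET['target'])) {
    // Only a literal IPv4 address is ever linked from the log viewer; refuse anything else.
    $target = filter_var($_GET['target'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
    if ($target !== false) {
        $report = "/usr/local/www/packages/strikeback/reports/{$target}.xml";
        // … unchanged: mkdir of the reports directory …
        mwexec("/usr/local/bin/nmap -oX " . escapeshellarg($report)
            . " -vv -sS -sU -sY -O " . escapeshellarg($target));
        // … unchanged: window.open("parse.php") script block …
    }
}
```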