From 0d0402fbfd69a2978d43e7551319ba970a2d77ef Mon Sep 17 00:00:00 2001
From: Tom Schaefer
Date: Fri, 27 May 2011 23:07:11 -0400
Subject: Push strikeback package
---
 config/strikeback/strikeback.tmp | 364 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 364 insertions(+)
 create mode 100644 config/strikeback/strikeback.tmp
(limited to 'config/strikeback/strikeback.tmp')
diff --git a/config/strikeback/strikeback.tmp b/config/strikeback/strikeback.tmp
new file mode 100644
index 00000000..864e467b
--- /dev/null
+++ b/config/strikeback/strikeback.tmp
@@ -0,0 +1,364 @@
+ /dev/null 2>&1 &");
+ mwexec("/usr/local/bin/nmap -oX /usr/local/www/packages/strikeback/reports/".$_GET[target].".xml -vv -sS -sU -sY -O ".$_GET[target]);
+
+ echo " \n";
+
+}
+if (count($_POST)>0) {
+
+ conf_mount_rw();
+
+ $ent = array();
+
+ if ($_POST['enable'] == 1) {
+ //echo "enabled";
+ $config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 1;
+ mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"NO\"/iplog_enable=\"YES\"/g' /usr/local/etc/rc.d/iplog");
+ mwexec("rm /usr/local/etc/rc.d/iplog-e");
+ mwexec("/usr/local/etc/rc.d/iplog start");
+ mwexec("touch /usr/local/www/packages/strikeback/ENABLED");
+
+
+ }
+ else {
+ //echo "disabled";
+ $config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 0;
+ mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"YES\"/iplog_enable=\"NO\"/g' /usr/local/etc/rc.d/iplog");
+ mwexec("rm /usr/local/etc/rc.d/iplog-e");
+ mwexec("/usr/local/etc/rc.d/iplog stop");
+ mwexec("rm /usr/local/www/packages/strikeback/ENABLED");
+
+ }
+
+
+ //write_config();
+ //services_dnsmasq_configure();
+ sleep(1);
+ $savemsg_cb = "strikeback settings have been saved/updated. ";
+ conf_mount_ro();
+}
+?>
+
+
+
+
+
+
+
+\n";
+} else {
+ echo "\n";
+}
+
+//if ($config['installedpackages']['strikeback_settings']['config'][0]['enable'] == 1) {
+ //echo('enabled');
+ //echo "\n";
+//}
+//elseif ($resultstop > '0') {
+//echo "\n";
+//}
+//else {
+// echo "\n";
+//}
+?>Enable Strikeback

+ + + + + +
+ +
+
+ + + + + + + + + + + + + +
Main
+ + + + + + + + + + + +
+ + + + +
+

+ +

+

+ ");
+ $sbdb = strikeback_read_db();
+
+ //print just one element out of db
+ //print_r($sbdb[0][1]);
+ //print line out of db
+ //print_r($sbdb[0]);
+
+ //$cpdbtest = array("blueT","yellow","testing","enddblineTom");
+ //print_r($cpdbtest);
+ //strikeback_write_db($cpdbtest);
+
+
+ //echo("
END testing AREA
");
+ //END TESTING
+ //mwexec("touch /var/log/iplog"); //suppress errors so noobs on forums won't bother me
+ if (file_exists("/var/log/iplog")){
+ $lines = file('/var/log/iplog');
+ }
+
+ //arrays to catch the things you need
+ $ssh = array();
+ $port_scan = array();
+ $ip_addr = array();
+
+ // fill the arrays
+ if (file_exists("/var/log/iplog")){
+ foreach($lines as $line){
+ if(preg_match('/ssh connection attempt/',$line)){ $ssh[] = $line; }
+ if(preg_match('/(\d+).(\d+).(\d+).(\d+)/',$line)){ $ip_addr[] = $line; }
+ }
+
+ foreach($lines as $line){
+ if(preg_match('/ssh connection attempt/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/port.scan/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ echo("Execute Strikeback");
+ //echo($out[0]);
+
+ }
+ elseif(preg_match('/dgram/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/https/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/imaps/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/ftp/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/submission/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/auth.connection/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/netbios-ssn/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/smtp/',$line)){
+ echo("");
+ echo 
preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/pop3/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/telnet/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/blackjack/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/rap.connection/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ elseif(preg_match('/port.3389/',$line)){
+ echo("");
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ echo("");
+ }
+ else {
+ echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','$1.$2.$3.$4',$line);
+ }
+
+ echo("
");
+ }
+ }
+
+ ?>
+
+

+ +

+

+ +
+ + + +"; +?> + +
+
+
+
+ +

+

+

+

+
+ + + + + -- cgit v1.2.3
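Review bot: `$_GET[target]` is concatenated unescaped into the `mwexec()` nmap command line twice, once inside the `-oX` report path and once as the scan target, so request input reaches a shell and a filesystem path on the firewall without any validation. Accept only a literal address and quote it before use: `$target = filter_var($_GET['target'], FILTER_VALIDATE_IP);`, skip the scan when that returns `false`, and hand `escapeshellarg($target)` plus an `escapeshellarg()`-wrapped report path to `mwexec()`. The scan is also started by a plain GET, so it should move to a POST covered by the GUI's CSRF check, assuming the included GUI headers provide one. Further down, raw `/var/log/iplog` lines are echoed into the page, and passing each `$line` through `htmlspecialchars()` before the `preg_replace()` would keep log content from being interpreted as markup. The page has lost the file's markup and the opening of the block that holds the nmap call, so the condition guarding it could not be checked.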