<?php
$pgtitle = "Services: Strikeback";
	//	TomSchaefer.org strikeback package 2011
	//
	//	Notes: Find: ^(.*)$
	//		Replace: ob_start();\n$results = exec("cat countries.txt | grep XX");\nob_end_clean();\n\tif ($results == 'XX')\n\t\techo "\1";\n\telse\n\t\techo "\1";\n
	//
	//
	//
	//
	//require_once('config.inc');
	require_once("functions.inc");
	require("guiconfig.inc");
	include("head.inc");

	//set the config as a global variable
	global $config;

	$global_usage = '/usr/local/www/packages/strikeback/global_usage';
	//$fh = fopen($global_usage, 'r');

	//phpinfo();
	
	/* read DB into array */
function strikeback_read_db() {
		global $g;

		$sbdb = array();

		$sbdblck = lock('strikebackdb');
		$fd = @fopen("{$g['vardb_path']}/strikeback.db", "r");
		if ($fd) {
			while (!feof($fd)) {
				$line = trim(fgets($fd));
				if ($line) 
						$sbdb[] = explode(",", $line);
			}
			fclose($fd);
		}
		unlock($sbdblck);
		return $sbdb;
}

/* write DB */
function strikeback_write_db($sbdb) {
		global $g;

		$sbdblck = lock('strikebackdb', LOCK_EX);
		$fd = @fopen("{$g['vardb_path']}/strikeback.db", "w");
		if ($fd) {
			//foreach ($sbdb as $cpent) {
					//fwrite($fd, join(",", $cpent) . "\n");
					fwrite($fd, join(",", $sbdb) . "\n");
			//}
			fclose($fd);
		}
	unlock($sbdblck);
}
if(isset($_GET[target])) {
	mwexec("mkdir /usr/local/www/packages/strikeback/reports");
	//mwexec("/usr/local/bin/nmap -oX /usr/local/www/packages/strikeback/reports/".$_GET[target].".xml -vvsS -sU -sY -O ".$_GET[target]."> /dev/null 2>&1 &");
	mwexec("/usr/local/bin/nmap -oX /usr/local/www/packages/strikeback/reports/".$_GET[target].".xml -vv -sS -sU -sY -O ".$_GET[target]);
	
	echo "<script type=\"text/javascript\">\n"; 
	echo "\n"; 
	echo "window.open( \"parse.php\" )\n"; 
	echo "</script> \n";
	
}
if (count($_POST)>0) {

	conf_mount_rw();

	$ent = array();

	if ($_POST['enable'] == 1) {
		//echo "enabled";
		$config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 1;
		mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"NO\"/iplog_enable=\"YES\"/g' /usr/local/etc/rc.d/iplog");
		mwexec("rm /usr/local/etc/rc.d/iplog-e");
		mwexec("/usr/local/etc/rc.d/iplog start");
		mwexec("touch /usr/local/www/packages/strikeback/ENABLED");
		
				
	}
	else {
		//echo "disabled";
		$config['installedpackages']['strikeback_settings']['config'][0]['enable'] = 0;
		mwexec("/usr/bin/sed -i -e 's/iplog_enable=\"YES\"/iplog_enable=\"NO\"/g' /usr/local/etc/rc.d/iplog");
		mwexec("rm /usr/local/etc/rc.d/iplog-e");
		mwexec("/usr/local/etc/rc.d/iplog stop");
		mwexec("rm /usr/local/www/packages/strikeback/ENABLED");
		
	}


	//write_config();
	//services_dnsmasq_configure();
	sleep(1);
	$savemsg_cb = "strikeback settings have been saved/updated. ";
	conf_mount_ro();
}
?>

<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>

<?php if ($input_errors) print_input_errors($input_errors); ?>
<?php if ($savemsg) print_info_box($savemsg); ?>
<form method=POST action="">
<?php

if (file_exists("/usr/local/www/packages/strikeback/ENABLED")){
	echo "<input name='enable' type='checkbox' value='1' checked>\n";
} else {
	echo "<input name='enable' type='checkbox' value='1'>\n";
}

//if ($config['installedpackages']['strikeback_settings']['config'][0]['enable'] == 1) {
	//echo('enabled');
	//echo "<input name='enable' type='checkbox' value='1' checked>\n";
//}
//elseif ($resultstop > '0') {
//echo "<input name='enable' type='checkbox' value='1' checked>\n";
//}
//else {
//	echo "<input name='enable' type='checkbox' value='1'>\n";
//}
?><strong>Enable Strikeback</strong><br><br>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr><td class="tabnavtbl">
<?php
	$tab_array = array();
	$tab_array[0] = array("Log Viewer", true, "strikeback.php");
	$tab_array[1] = array("Settings", false, "settings.php");
	//$tab_array[2] = array("Whitelist", false, "whitelist.php");
	//$tab_array[3] = array("Interfaces", false, "strikeback_if.php");
	$tab_array[4] = array("Help", false, "help.php");
	//$tab_array[5] = array("Email", false, "email.php");
	$tab_array[6] = array("Results", false, "parse.php\" target=\"_blank\"");
	display_top_tabs($tab_array);
?>  
  </td></tr>
  <tr> 
    <td>
	<div id="mainarea">
        <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
       <tr> 
	<td class="listhdrr">Main</td>
    
	  </tr>
      
    <tr> 
	<td class="listlr" valign="middle">
    
<?php

conf_mount_rw();

if (file_exists("/var/log/iplog")){
	
}else{
echo("iplog not started");	

}

	if(isset($_POST['formSubmit'])) 
    {
		
			mwexec("mkdir /var/run/iplog");
            mwexec("rm /var/log/iplog");
			mwexec("touch /var/log/iplog");
			mwexec("/usr/local/etc/rc.d/iplog restart");
			
		
	}
conf_mount_ro();
?>
<style type="text/css">

a img {border:none; }

</style>
</head>



<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
	<td >
	

	</form>
	
	<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
	<p>
    	
        </p>
		<h3><p style="font-family:Arial, Helvetica, sans-serif">
        <?php
		//TESTING AREA
		//echo("testing AREA <br />");
		$sbdb = strikeback_read_db();
		
		//print just one element out of db
		//print_r($sbdb[0][1]);
		//print line out of db
		//print_r($sbdb[0]);
		
		//$cpdbtest = array("blueT","yellow","testing","enddblineTom");
		//print_r($cpdbtest);
		//strikeback_write_db($cpdbtest);
		
		
		//echo("<br />END testing AREA <br />");
		//END TESTING
		//mwexec("touch /var/log/iplog"); //suppress errors so noobs on forums won't bother me
		if (file_exists("/var/log/iplog")){
			$lines = file('/var/log/iplog');
		}
		
		//arrays to catch the things you need
		$ssh = array();
		$port_scan = array();
		$ip_addr = array();
		
		// fill the arrays
		if (file_exists("/var/log/iplog")){
			foreach($lines as $line){
				if(preg_match('/ssh connection attempt/',$line)){ $ssh[] = $line; }
				if(preg_match('/(\d+).(\d+).(\d+).(\d+)/',$line)){ $ip_addr[] = $line; }
			}
		
			foreach($lines as $line){
				if(preg_match('/ssh connection attempt/',$line)){
					echo("<font color='#" . $sbdb[0][14] . "'>");
					echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
					echo("</font>");
				}
				elseif(preg_match('/port.scan/',$line)){
						echo("<font color='#" . $sbdb[0][12] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
						echo("<a href=strikeback.php?target=");
						$ipaddress = preg_match_all('/(\d+)\.(\d+)\.(\d+)\.(\d+)/', $line, $out);
						print_r($out[0][0]);
						echo("><font style='text-decoration:underline;' color='#9933CC'>Execute Strikeback</font></a>");
						//echo($out[0]);
						
				}
				elseif(preg_match('/dgram/',$line)){
						echo("<font color='#" . $sbdb[0][13] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/https/',$line)){
						echo("<font color='#" . $sbdb[0][0] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/imaps/',$line)){
						echo("<font color='#" . $sbdb[0][1] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/ftp/',$line)){
						echo("<font color='#" . $sbdb[0][2] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/submission/',$line)){
						echo("<font color='#" . $sbdb[0][3] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/auth.connection/',$line)){
						echo("<font color='#" . $sbdb[0][4] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/netbios-ssn/',$line)){
						echo("<font color='#" . $sbdb[0][5] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/smtp/',$line)){
						echo("<font color='#" . $sbdb[0][6] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/pop3/',$line)){
						echo("<font color='#" . $sbdb[0][7] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/telnet/',$line)){
						echo("<font color='#" . $sbdb[0][8] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/blackjack/',$line)){
						echo("<font color='#" . $sbdb[0][9] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/rap.connection/',$line)){
						echo("<font color='#" . $sbdb[0][10] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				elseif(preg_match('/port.3389/',$line)){
						echo("<font color='#" . $sbdb[0][11] . "'>");
						echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
						echo("</font>");
				}
				else {
					echo preg_replace('/(\d+)\.(\d+)\.(\d+)\.(\d+)/','<a target="_blank" href=\'http://dnstools.com/?count=1&lookup=on&wwwhois=on&portNum=80&all=on&target=$1.$2.$3.$4&submit=Go%21\'>$1.$2.$3.$4</a>',$line);
				}
				
				echo("<br />");
			}
		}
		
		?>
        <font color="#9933CC" >
        <br/><br/>
	  <input type="submit" name="formSubmit" value="Clear Log" />
	  </p>
</h3>
</form>
<br/>


</div>
<?php
	//This input guarantees that a POST is sent
	echo "<input type='hidden' name='zzz' value='required'>";
?>

</td>
</tr>
</table>
    </td>
	  
	 
    </tr>
   
  
</table>
</div>
<br>

<br><br>
<input type="submit" value="Save"><br><br>
<p>
</p>
</td>
	</tr>
</table>
</form>
<?php include("fend.inc"); ?>
</body>
</html>