Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-07 22:06:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated script to support cleaner output

Browse Source
This commit is contained in:
Michael Ramsey
2020-02-15 22:36:26 -05:00
parent 8eb5faecad
commit 38697a0a16
1 changed files with 55 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
CPScripts/access-logparser.py
View File

@@ -1,6 +1,10 @@
#!/usr/bin/python #!/usr/bin/python
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Originally based on code from: https://leancrew.com/all-this/2013/07/parsing-my-apache-logs/ # Apache Regex portion original credits to: https://leancrew.com/all-this/2013/07/parsing-my-apache-logs/
__author__ = "Michael Ramsey"
__version__ = "0.1.0"
__license__ = "GPL-3.0"
import os import os
import re import re
@@ -21,10 +25,10 @@ def main():
# filenametest = "/home/example.com.access_log" # filenametest = "/home/example.com.access_log"
# username = 'server' # username = 'server'
username = str(sys.argv[1]) username = str(sys.argv[1])
# Define the day of interest in the Apache common log format. # Define the day of interest in the Apache common log format. Default if not specified
try: try:
daysago = int(sys.argv[2]) daysago = int(sys.argv[2])
# daysago = 4 # daysago = 0
except: except:
daysago = 0 daysago = 0
the_day = date.today() - timedelta(daysago) the_day = date.today() - timedelta(daysago)
@@ -37,7 +41,7 @@ def main():
try: try:
if os.path.isfile('/usr/local/cpanel/cpanel') | os.path.isfile(os.getcwd() + '/cpanel'): if os.path.isfile('/usr/local/cpanel/cpanel') | os.path.isfile(os.getcwd() + '/cpanel'):
controlpanel = 'cpanel' controlpanel = 'Cpanel'
datetime_dcpumon = date.today().strftime('%Y/%b/%d') # 2020/Feb/10 datetime_dcpumon = date.today().strftime('%Y/%b/%d') # 2020/Feb/10
# Current Dcpumon file # Current Dcpumon file
dcpumon_current_log = "/var/log/dcpumon/" + datetime_dcpumon # /var/log/dcpumon/2019/Feb/15 dcpumon_current_log = "/var/log/dcpumon/" + datetime_dcpumon # /var/log/dcpumon/2019/Feb/15
@@ -50,7 +54,7 @@ def main():
domlogs_path = "/usr/local/apache/domlogs/" + username domlogs_path = "/usr/local/apache/domlogs/" + username
elif os.path.isfile('/usr/bin/cyberpanel') | os.path.isfile(os.getcwd() + '/cyberpanel'): elif os.path.isfile('/usr/bin/cyberpanel') | os.path.isfile(os.getcwd() + '/cyberpanel'):
controlpanel = 'cyberpanel' controlpanel = 'CyberPanel'
acesslog_sed = ".access_log" acesslog_sed = ".access_log"
if username == 'server': if username == 'server':
# Needs updated to glob all /home/*/logs/ # Needs updated to glob all /home/*/logs/
@@ -228,13 +232,26 @@ def main():
continue continue
# print >> stats_output, log + "|" + line, # print >> stats_output, log + "|" + line,
# print(log + "|" + line, end="", file=stats_output) # print(log + "|" + line, end="", file=stats_output)
# print(wp_login_hit_count)
log = log.replace('-ssl_log', '', 1) log = log.replace('-ssl_log', '', 1)
log = log.replace('.access_log', '', 1) log = log.replace('.access_log', '', 1)
# wp_login_dict[log] = int(wp_login_hit_count)
# wp_cron_dict[log] = int(wp_cron_hit_count)
# wp_xmlrpc_dict[log] = int(wp_xmlrpc_hit_count)
# wp_admin_ajax_dict[log] = int(wp_admin_ajax_hit_count)
# Only add hit count to dictionary if not equal to '0'
if wp_login_hit_count != '0':
wp_login_dict[log] = int(wp_login_hit_count) wp_login_dict[log] = int(wp_login_hit_count)
if wp_cron_hit_count != '0':
wp_cron_dict[log] = int(wp_cron_hit_count) wp_cron_dict[log] = int(wp_cron_hit_count)
if wp_xmlrpc_hit_count != '0':
wp_xmlrpc_dict[log] = int(wp_xmlrpc_hit_count) wp_xmlrpc_dict[log] = int(wp_xmlrpc_hit_count)
if wp_admin_ajax_hit_count != '0':
wp_admin_ajax_dict[log] = int(wp_admin_ajax_hit_count) wp_admin_ajax_dict[log] = int(wp_admin_ajax_hit_count)
# print(log) # print(log)
@@ -250,7 +267,7 @@ def main():
print('============================================') print('============================================')
print('Snapshot for ' + username) print('Snapshot for ' + username)
print(time.strftime('%H:%M%p %Z on %b %d, %Y')) print(time.strftime('%H:%M%p %Z on %b %d, %Y'))
if controlpanel == 'cpanel' or controlpanel == 'cyberpanel': if controlpanel == 'Cpanel' or controlpanel == 'CyberPanel':
print(controlpanel + " detected") print(controlpanel + " detected")
else: else:
print('No control Panel detected') print('No control Panel detected')
@@ -297,7 +314,15 @@ def main():
print('============================================') print('============================================')
d = wp_login_dict d = wp_login_dict
# Using dictionary comprehension to find list
# keys having value in 0 will be removed from results
delete = [key for key in d if d[key] == 0]
# delete the key
for key in delete: del d[key]
# print(d) # print(d)
print('''Wordpress Bruteforce Logins for wp-login.php %s''' % the_day.strftime('%b %d, %Y')) print('''Wordpress Bruteforce Logins for wp-login.php %s''' % the_day.strftime('%b %d, %Y'))
print(' ') print(' ')
# sort by dictionary by the values and print top 10 {key, value} pairs # sort by dictionary by the values and print top 10 {key, value} pairs
@@ -307,6 +332,12 @@ def main():
print(' ') print(' ')
d = wp_cron_dict d = wp_cron_dict
# Using dictionary comprehension to find list
# keys having value in 0 will be removed from results
delete = [key for key in d if d[key] == 0]
# delete the key
for key in delete: del d[key]
print('''Wordpress Cron wp-cron.php(virtual cron) checks for %s''' % the_day.strftime('%b %d, %Y')) print('''Wordpress Cron wp-cron.php(virtual cron) checks for %s''' % the_day.strftime('%b %d, %Y'))
print(' ') print(' ')
@@ -317,6 +348,12 @@ def main():
print(' ') print(' ')
d = wp_xmlrpc_dict d = wp_xmlrpc_dict
# Using dictionary comprehension to find list
# keys having value in 0 will be removed from results
delete = [key for key in d if d[key] == 0]
# delete the key
for key in delete: del d[key]
print('''Wordpress XMLRPC Attacks checks for xmlrpc.php for %s''' % the_day.strftime('%b %d, %Y')) print('''Wordpress XMLRPC Attacks checks for xmlrpc.php for %s''' % the_day.strftime('%b %d, %Y'))
print(' ') print(' ')
@@ -327,6 +364,12 @@ def main():
print(' ') print(' ')
d = wp_admin_ajax_dict d = wp_admin_ajax_dict
# Using dictionary comprehension to find list
# keys having value in 0 will be removed from results
delete = [key for key in d if d[key] == 0]
# delete the key
for key in delete: del d[key]
print('''Wordpress Heartbeat API checks for admin-ajax.php for %s''' % the_day.strftime('%b %d, %Y')) print('''Wordpress Heartbeat API checks for admin-ajax.php for %s''' % the_day.strftime('%b %d, %Y'))
print(' ') print(' ')