API tools faq
paste
Guest User

MYSQL Watcher

a guest
Feb 18th, 2012
155
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
AutoIt 2.70 KB | None | 0 0
raw download clone embed print report
  1. #include <File.au3>
  2. #include <Array.au3>
  3.  
  4. #cs
  5.  
  6. I'm simple MYSQL watcher.
  7. My goal is to monitor mysql server for malicious queries which sits more than 30 seconds + which can cause Denial of Service
  8. (In eg: High CPU Load,High Memory Load etc.)
  9. (IN ex:         select benchmark(500000000005,'!AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA');    )
  10. I'm a Autoitscript file.
  11. (For compile http://autoitscript.com/)
  12. You can compile me to standalaone executable (x64 && x86).
  13. And you can use me on your server.
  14. But always make sure i'm not world readable or writeable plus is not spoofable by users.
  15. Finally i'm For Windows OS.
  16. No need to add me to task scheduler just Add me to Autostart i will loop every 30 seconds and monitor mysql server for
  17. malicious SQL statements and i will kill it for you.
  18.  
  19. I'm from Scratch and a bit lame :)
  20.  
  21. Tested on: MYSQL Server 5.5.17 Win (32bit)
  22. 1329588060
  23.  
  24. #ce
  25.  
  26.  
  27.  
  28.  
  29. Dim $myarr,$arr
  30.  
  31.  
  32. ;######################################### SPECIFY MYSQL ROOT PASSWORD AND COMPILE ME THATS ALL #######################
  33.  
  34.  
  35. $mysqlrootuser='root';
  36. $mysqlrootpsswd='mysqlstrngpass';
  37.  
  38.  
  39.  
  40. ;############################################## DO nOT CHANGE ANYTHING BELOW ##########################################
  41.  
  42.  
  43. While 1 ;getting to loop
  44.     Sleep(30000) ; sleeping every 30 seconds
  45.  
  46. $statement='mysql -bA -h 127.0.0.1 -u' & $mysqlrootuser & ' -p' & $mysqlrootpsswd  & ' -e "show full processlist\G"'
  47. ;our statement
  48.  
  49. Run(@ComSpec & " /c " & $statement & '>data.ini',@ScriptDir,@SW_HIDE)
  50. ;executing mysql from command line of OS
  51. Sleep(5000) ;sleeping 5 seconds(for filewrite if server high overloaded)
  52.  
  53. _FileReadToArray(@ScriptDir &"\data.ini",$myarr) ;reading temp file to array
  54. if @error Then
  55.     MsgBox(48,"Boo Boo:(","Unable to read temporary data.ini file (Will be created runtime please make sure i'm in writable directory",20)
  56.     Run(@ComSpec & " /c " & '"' & @ScriptFullPath & '"',@ScriptDir,@SW_HIDE)
  57.     FileDelete(@ScriptDir &"\data.ini"); deleting of our "temporary file"
  58.     ; if any error occurs will launch new instance of application then exit from 1'st application.
  59.     Exit
  60.     Exit
  61.     EndIf
  62.  
  63.  
  64. FileDelete(@ScriptDir &"\data.ini"); deleting of our "temporary file"
  65.  
  66.  
  67.  
  68. for $i=0 To $myarr[0] ;going to enumerate array elements
  69.  
  70. if StringMid($myarr[$i],1,8)="   Time:" Then ; searching for time
  71.     ;$timevalue=StringMid($myarr[$i],9,-1)
  72.     if StringMid($myarr[$i],9,-1) >=30 Then ;comparing it
  73. Run(@ComSpec & " /c " & 'mysql -bA -h 127.0.0.1 -u' & $mysqlrootuser & ' -p' & $mysqlrootpsswd & ' -e '  & '"kill ' &  StringMid(StringStripWS($myarr[$i-5],8),4,-1) & '"',@ScriptDir,@SW_HIDE)
  74. ;and finally killing "malicious" query which sits more than 30 seconds.
  75.         EndIf
  76.  
  77. EndIf
  78.  
  79. Next
  80.  
  81.  
  82.  
  83. WEnd
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!