Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <File.au3>
- #include <Array.au3>
- #cs
- I'm simple MYSQL watcher.
- My goal is to monitor mysql server for malicious queries which sits more than 30 seconds + which can cause Denial of Service
- (In eg: High CPU Load,High Memory Load etc.)
- (IN ex: select benchmark(500000000005,'!AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'); )
- I'm a Autoitscript file.
- (For compile http://autoitscript.com/)
- You can compile me to standalaone executable (x64 && x86).
- And you can use me on your server.
- But always make sure i'm not world readable or writeable plus is not spoofable by users.
- Finally i'm For Windows OS.
- No need to add me to task scheduler just Add me to Autostart i will loop every 30 seconds and monitor mysql server for
- malicious SQL statements and i will kill it for you.
- I'm from Scratch and a bit lame :)
- Tested on: MYSQL Server 5.5.17 Win (32bit)
- 1329588060
- #ce
- Dim $myarr,$arr
- ;######################################### SPECIFY MYSQL ROOT PASSWORD AND COMPILE ME THATS ALL #######################
- $mysqlrootuser='root';
- $mysqlrootpsswd='mysqlstrngpass';
- ;############################################## DO nOT CHANGE ANYTHING BELOW ##########################################
- While 1 ;getting to loop
- Sleep(30000) ; sleeping every 30 seconds
- $statement='mysql -bA -h 127.0.0.1 -u' & $mysqlrootuser & ' -p' & $mysqlrootpsswd & ' -e "show full processlist\G"'
- ;our statement
- Run(@ComSpec & " /c " & $statement & '>data.ini',@ScriptDir,@SW_HIDE)
- ;executing mysql from command line of OS
- Sleep(5000) ;sleeping 5 seconds(for filewrite if server high overloaded)
- _FileReadToArray(@ScriptDir &"\data.ini",$myarr) ;reading temp file to array
- if @error Then
- MsgBox(48,"Boo Boo:(","Unable to read temporary data.ini file (Will be created runtime please make sure i'm in writable directory",20)
- Run(@ComSpec & " /c " & '"' & @ScriptFullPath & '"',@ScriptDir,@SW_HIDE)
- FileDelete(@ScriptDir &"\data.ini"); deleting of our "temporary file"
- ; if any error occurs will launch new instance of application then exit from 1'st application.
- Exit
- Exit
- EndIf
- FileDelete(@ScriptDir &"\data.ini"); deleting of our "temporary file"
- for $i=0 To $myarr[0] ;going to enumerate array elements
- if StringMid($myarr[$i],1,8)=" Time:" Then ; searching for time
- ;$timevalue=StringMid($myarr[$i],9,-1)
- if StringMid($myarr[$i],9,-1) >=30 Then ;comparing it
- Run(@ComSpec & " /c " & 'mysql -bA -h 127.0.0.1 -u' & $mysqlrootuser & ' -p' & $mysqlrootpsswd & ' -e ' & '"kill ' & StringMid(StringStripWS($myarr[$i-5],8),4,-1) & '"',@ScriptDir,@SW_HIDE)
- ;and finally killing "malicious" query which sits more than 30 seconds.
- EndIf
- EndIf
- Next
- WEnd
Add Comment
Please, Sign In to add comment