
Re: Brute Force Attacks

by onelesd (Pilgrim)
on Nov 06, 2011 at 02:05 UTC ( #936215=note )

in reply to Brute Force Attacks

Please edit your post or re-post altogether, as something went horribly wrong. Make sure to use the "preview" button.

Brute Force Attacks
by AbCraig (Initiate) on Nov 06, 2011 at 02:23 UTC

    I am relatively new to Perl and would like some assistance. I have been at this for quite some time. What I am looking for is a way to extract certain information from a log file. I have attached a sample of the log file and the desired output, as well as the code I have thus far.

    =======================================
    Request: - - Tue Mar 9 22:27:46 2004 "GET HTTP/1.0" 200 566
    Handler: proxy-server
    Error: mod_security: pausing for 50000 ms
    ----------------------------------------
    GET HTTP/1.0
    Accept: */*
    Accept-Language: en
    Connection: Keep-Alive
    mod_security-message: Access denied with code 200. Pattern match "passwd=" at THE_REQUEST.
    mod_security-action: 200
    HTTP/1.0 200 OK
    Connection: close

    Attacker's address

    I have been extracting data from the log file, for example the Top 10 results of the mod_security-message header. I am looking for something similar. Thanks

    my $logFile           = "audit_log";
    my $NUM_RECS_TO_PRINT = 10;    # "Top 10", as described above
    my %MOD_SEC;

    open(LOGFILE2, '<', $logFile) || die "Error opening log file $logFile.\n";
    #printf "<pre>\n";
    while (<LOGFILE2>) {
        # Count each distinct mod_security-message text
        if (/mod_security-message[:](.*)\./) {
            $MOD_SEC{$1}++;
        }
    }
    close(LOGFILE2);    # was close(LOGFILE), which is not the handle opened above

    #--------------------------------------#
    # Output the number of hits per file   #
    #--------------------------------------#
    print "TOP $NUM_RECS_TO_PRINT PATTERN MATCH:\n";
    print "-----------------------------\n\n";
    my $count = 1;
    foreach my $modsec (sort { $MOD_SEC{$b} <=> $MOD_SEC{$a} } keys %MOD_SEC) {
        last if ($count > $NUM_RECS_TO_PRINT);
        print "$count\t$modsec= $MOD_SEC{$modsec} \n";
        $count++;
    }
    print "\n\n";

      Is this a log file format that you came up with? If so, and if it's a format you can modify, I suggest you change the format to better fit your needs. Logs are usually meant to be read (easily) by humans and yours is giving me a headache.
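
An added example, not code from either post above: one way to get a "top attacker addresses" report out of records laid out like the posted excerpt, counting mod_security denials per client. It assumes the first field after "Request:" is the client address (that field is blank in the excerpt); the sample records, the addresses and the helper name `count_by_address` are constructed for illustration.

```perl
use strict;
use warnings;

my $TOP = 10;    # report the ten busiest addresses

# Constructed sample in the layout of the posted excerpt. Assumption: the first
# field after "Request:" is the client address (it is blank in the excerpt).
# 192.0.2.x / 198.51.100.x are documentation ranges, not real hosts.
my $sample = <<'END_LOG';
=======================================
Request: 192.0.2.10 - - Tue Mar 9 22:27:46 2004 "GET /login?passwd=a HTTP/1.0" 200 566
----------------------------------------
GET /login?passwd=a HTTP/1.0
mod_security-message: Access denied with code 200. Pattern match "passwd=" at THE_REQUEST.
=======================================
Request: 192.0.2.10 - - Tue Mar 9 22:27:47 2004 "GET /login?passwd=b HTTP/1.0" 200 566
----------------------------------------
GET /login?passwd=b HTTP/1.0
mod_security-message: Access denied with code 200. Pattern match "passwd=" at THE_REQUEST.
=======================================
Request: 192.0.2.77 - - Tue Mar 9 22:30:01 2004 "GET /login?passwd=c HTTP/1.0" 200 566
----------------------------------------
GET /login?passwd=c HTTP/1.0
Request: 198.51.100.9 - - client-supplied header, must not be trusted
mod_security-message: Access denied with code 200. Pattern match "passwd=" at THE_REQUEST.
END_LOG

# Count mod_security denials per client address (hypothetical helper name).
sub count_by_address {
    my ($fh) = @_;
    my (%hits, $addr, $in_head);
    # Everything below the dashed line is copied from the client's request, so
    # a "Request:" line is only accepted in the record head written by the server.
    while (my $line = <$fh>) {
        if    ($line =~ /^={10,}\s*$/) { undef $addr; $in_head = 1 }
        elsif ($line =~ /^-{10,}\s*$/) { $in_head = 0 }
        elsif ($in_head && $line =~ /^Request:\s+(\S+)/) { $addr = $1 }
        elsif ($line =~ /^mod_security-message:/ && defined $addr) {
            $hits{$addr}++;
            undef $addr;    # one count per record
        }
    }
    return \%hits;
}

open my $fh, '<', \$sample or die "Cannot read sample: $!";
my $hits = count_by_address($fh);
my @ranked = sort { $hits->{$b} <=> $hits->{$a} || $a cmp $b } keys %$hits;
splice @ranked, $TOP if @ranked > $TOP;
printf "%d\t%s = %d\n", $_ + 1, $ranked[$_], $hits->{ $ranked[$_] } for 0 .. $#ranked;
```

To run it against a real file, open `audit_log` for reading and pass that handle to `count_by_address` instead of the in-memory sample.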
