Code Editor : ndn-fail2ban-central.pl
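#!/usr/bin/env perl
#
# Nightmare Labs central fail2ban database action.
#
# Writes to and queries the central fail2ban database.
#
# Two modes:
#   * ban logging: <cluster> <jail name> <IP address>  -> one INSERT row
#   * reporting:   --report <seconds> <cluster>         -> SELECT recent rows
#
use strict;
use warnings;
use v5.10;
use DBI;
use Getopt::Long qw(GetOptions);

# Shared state. $jail and $ip are read by _process_log(), which receives
# neither as an argument, so they stay file-scoped.
my ($hostname, $jail, $ip, $report, $table);

# MySQL connection settings.
# NOTE(review): the credentials below are hard-coded, so anyone who can read
# this file can read the database password. The environment overrides give a
# way to move the secret out of the script; the literals remain only as
# backward-compatible defaults and should be rotated and removed once the
# deployment supplies its own values. Until then, keep this file readable
# only by the account that runs fail2ban.
# NOTE(review): the DSN targets a remote host without requesting TLS;
# consider enabling DBD::mysql's mysql_ssl option if the server supports it.
my $db       = $ENV{FAILCENTRAL_DB_NAME}     // 'failcentral';
my $host     = $ENV{FAILCENTRAL_DB_HOST}     // '69.163.136.9';
my $db_user  = $ENV{FAILCENTRAL_DB_USER}     // 'f2b_user';
my $password = $ENV{FAILCENTRAL_DB_PASSWORD} // 'nightmarelabs';
my $dbh;

GetOptions(
    # The original handler called an undefined _help2(), so --help died
    # with "Undefined subroutine" instead of printing usage.
    'help|h'     => sub { _help() },
    'report|r=i' => \$report,
) or _help();

# Running report
if ($report) {
    ($table) = @ARGV;
    query_fail2ban($report, $table);
    exit 0;
}

# Print usage information and exit. The exit status stays 0, as before,
# even when reached through a validation failure.
sub _help {
    print <<'END_HELP';
Tool to log fail2ban actions to a database.

Usage:
    ndn-fail2ban-central.pl [--help|-h] [--report| -r <seconds> <cluster>] <cluster> <jail name> <IP address>

Options:
    --help|-h       This help page.
    --report|-r     <interval in seconds> <cluster>

Examples:
    ndn-fail2ban-central.pl fail2ban_loadbalancer ssh-bruteforce 1.2.3.4
    ndn-fail2ban-central.pl --report|-r 60 (Shows entries from the last 60 seconds) fail2ban_loadbalancer
END_HELP
    exit 0;
}

# Return the database handle, connecting on first use so that --help and
# argument errors do not need a reachable database.
sub _dbh {
    return $dbh if $dbh;
    my $dsn = "DBI:mysql:database=$db;host=$host";
    $dbh = DBI->connect($dsn, $db_user, $password)
        or die "Cannot connect to $dsn: $DBI::errstr\n";
    return $dbh;
}

# Validate a table (cluster) name. Identifiers cannot be bound as statement
# parameters, so the name is restricted to plain identifier characters
# (optionally "database.table") before it is placed in SQL text.
# Prints usage and exits when the name is missing or malformed.
sub _check_table {
    my ($name) = @_;
    if (defined $name
        && $name =~ m{\A [A-Za-z0-9_]+ (?: [.] [A-Za-z0-9_]+ )? \z}x)
    {
        return $name;
    }
    print "Valid cluster name required\n";
    _help();
    return;
}

# Print the rows logged to $cluster during the last $seconds seconds.
# Each row is printed as "date hostname jail ip" on one line.
sub query_fail2ban {
    my ($seconds, $cluster) = @_;
    $cluster = _check_table($cluster);
    if (!defined $seconds || $seconds !~ /\A-?\d+\z/) {
        print "Valid interval in seconds required\n";
        _help();
    }

    # The interval is bound as a parameter; only the validated table name
    # is interpolated.
    my $sql = "SELECT date, hostname, jail, ip FROM $cluster"
            . " WHERE date > DATE_SUB(NOW(), INTERVAL ? SECOND)";
    my $handle = _dbh();
    my $sth = $handle->prepare($sql)
        or die "Cannot prepare report query: " . $handle->errstr . "\n";
    $sth->execute($seconds) or return;
    while (my @row = $sth->fetchrow_array()) {
        print "@row\n";
    }
    $sth->finish();
    return;
}

# Insert one ban record. Arguments: table, hostname, jail, ip.
# They are stored in the file-scoped variables because _get_fail_data()
# and _process_log() read $jail and $ip from there.
sub _insert {
    ($table, $hostname, $jail, $ip) = @_;
    my $cluster = _check_table($table);

    my $sql  = "INSERT INTO $cluster SET hostname=?, jail=?, ip=?, date=NOW()";
    my @bind = ($hostname, $jail, $ip);

    # fail_data is built from user names found in the auth log. Those names
    # are chosen by the remote client, so they must never be spliced into
    # the statement text; every value is bound as a parameter instead.
    my $fail_data = _get_fail_data();
    if ($fail_data) {
        $sql .= ", fail_data=?";
        push @bind, $fail_data;
    }

    my $handle = _dbh();
    my $sth = $handle->prepare($sql)
        or die "Cannot prepare insert: " . $handle->errstr . "\n";
    $sth->execute(@bind);
    $sth->finish();
    return;
}

# Build the fail_data string "user:count,user:count,..." for the current
# $jail/$ip, highest count first, at most 15 users. Tries the current log
# first and the rotated ".1" log second. Returns nothing when neither log
# yields a matching user.
sub _get_fail_data {
    my $users_ref = _process_log();
    if (!$users_ref) {
        my $second_attempt = 1;
        $users_ref = _process_log($second_attempt);
        return if !$users_ref;
    }
    my %count_for = %$users_ref;

    # TODO: for jails like wp and 418, we probably want to do something
    # else.. figure that out later.

    # The user with the highest fail count goes first, because only the
    # first 15 users are kept; a longer list would be truncated in the db.
    my @by_count = sort { $count_for{$b} <=> $count_for{$a} } keys %count_for;
    splice @by_count, 15 if @by_count > 15;

    return join q{}, map { "$_:$count_for{$_}," } @by_count;
}

# Count failed logins per user for the current $ip in the log file that
# belongs to the current $jail. With a true $second_attempt the rotated
# ".1" log is read instead. Returns a hash ref { user => count }, or
# nothing when the jail is not configured, the log cannot be opened, or no
# user matched.
sub _process_log {
    my ($second_attempt) = @_;

    # TODO: we're always going to try a second attempt for the other jails,
    # like ssh, ftp, etc. add those later.
    # TODO: put these regex's somewhere?
    my $config = {
        'dovecot' => {
            log_file   => '/var/log/auth.log',
            fail_regex => 'dovecot.*fail',
            user_regex => 'ruser=(.*) rhost',
        },
        'postfix-sasl' => {
            log_file   => '/var/log/auth.log',
            fail_regex => 'dovecot.*fail',
            user_regex => 'ruser=(.*) rhost',
        },
    };

    return unless defined $jail && exists $config->{$jail};
    my $jail_cfg = $config->{$jail};

    my $log = $jail_cfg->{log_file};
    $log .= '.1' if $second_attempt;
    my $fail_re = $jail_cfg->{fail_regex};
    my $user_re = $jail_cfg->{user_regex};
    return unless $log && $fail_re && $user_re;

    # "or", not "||": with "||" the test applied to $log rather than to
    # open(), so a failed open was never noticed.
    open my $fh, '<', $log or return;

    # Match the address literally and as a whole: unescaped dots match any
    # character, and without the digit guards 1.2.3.4 would also match
    # inside 11.2.3.45, crediting another client's failures to this ban.
    my $ip_re = qr/(?<!\d)\Q$ip\E(?!\d)/;

    my %users;
    while (my $line = <$fh>) {
        chomp $line;
        next unless $line =~ $ip_re;
        next unless $line =~ /$fail_re/;
        my ($user) = $line =~ /$user_re/;
        next unless $user;
        $users{$user}++;
    }
    close $fh;

    return \%users if %users;
    return;
}

# Ban-logging entry point: read <cluster> <jail name> <IP address> from
# @ARGV, validate them and insert one record.
sub main {
    ($table, $jail, $ip) = @ARGV;
    $hostname = `hostname`;

    # If required values are missing, print usage and exit.
    if ($table and $jail and $ip) {
        chomp($table, $hostname, $jail, $ip);
    }
    else {
        print "Valid options required\n";
        _help();
    }

    # IPv4 dotted quad only; \A and \z reject a trailing newline, and each
    # octet must be at most 255 (the old pattern accepted 999.999.999.999).
    my @octets = $ip =~ m/\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/;
    if (@octets != 4 || grep { $_ > 255 } @octets) {
        print "Valid IP address required\n";
        _help();
    }

    _insert($table, $hostname, $jail, $ip);
    return;
}

main();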