예제 #1
def runPdfChartsLogs(filename):
    '''
    Chart the source/destination columns of the 'Logs' table into one PDF.

    filename:
        Output path handed to writePdf together with the chart images.

    The database 'output/LPD.db' is opened through sqlite.checkDb before
    the charts are produced and closed again at the end.
    '''
    # (column, image written by run, chart title), in PDF order.
    charts = [
        ('SrcIp', 'aux/images/pdfChartLogs1.png', 'Source Ips'),
        ('SrcCountry', 'aux/images/pdfChartLogs2.png', 'Source Ips Countries'),
        ('SrcCity', 'aux/images/pdfChartLogs3.png', 'Source Ips Cities'),
        ('SrcSpecific', 'aux/images/pdfChartLogs4.png', 'Source Ips Region'),
        ('DstIp', 'aux/images/pdfChartLogs5.png', 'Destination Ips'),
        ('DstCountry', 'aux/images/pdfChartLogs6.png',
         'Destination Ips Countries'),
        ('DstCity', 'aux/images/pdfChartLogs7.png', 'Destination Ips Cities'),
        ('DstSpecific', 'aux/images/pdfChartLogs8.png',
         'Destination Ips Region'),
    ]

    settings.init()
    sqlite.checkDb(db='output/LPD.db')

    for column, image, title in charts:
        run('Logs', column, image, title)

    chartImages = [image for _, image, _ in charts]
    writePdf(0, filename, images=chartImages)
    sqlite.closeDb()
예제 #2
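def geoIp(ip, db, csv, pdf):
	'''Look up an address in the local GeoLite2 city database and report it.

	ip:
		Address passed to the GeoIP reader's city() lookup.
	db:
		Truthy to store the result in the 'Script' table. When set, it is
		replaced by settings.getDatabaseStatus() before use.
	csv:
		File name appended to settings.getCsv(); falsy to skip CSV output.
	pdf:
		File name appended to settings.getPdf(); falsy to skip PDF output.

	Country, city and most specific subdivision are always printed.
	'''
	if db:
		settings.init()
		db = settings.getDatabaseStatus()

	print os.getcwd()
	reader = geoip2.database.Reader('aux/GeoIpDb.mmdb')
	try:
		returndata = reader.city(ip)
	finally:
		# Release the .mmdb handle even when the lookup raises.
		reader.close()
	country = returndata.country.iso_code
	city = returndata.city.name
	specific = returndata.subdivisions.most_specific.name
	print "***  Using Geolite2 Database of Cities ***"
	print "    Country       -->  ",country
	print "    City          -->  ",city
	print "    Specific      -->  ",specific

	# Nothing to persist unless at least one output was requested.
	if db or csv or pdf:
		if db:
			print "Inserting data gathered in the database"
			sqlite.checkDb()
		# Format explicitly: str(datetime) omits the fraction when the
		# microsecond is 0, so slicing off 7 characters would eat the seconds.
		now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')

		# Missing lookup fields are stored as the literal text 'None'.
		if country is None:
			country = 'None'
		if city is None:
			city = 'None'
		if specific is None:
			specific = 'None'
		fields = ['Data', 'Script','Ip', 'Country', 'City', 'Specific']
		values = [now,'GeoIp', ip, country, city,specific ]

		if db:
			print "Writing to ", db

			sqlite.insertIntoTable('Script', fields, values)
			sqlite.closeDb()

		# NOTE(review): csv and pdf are concatenated onto the configured
		# directory unchecked; a value containing '../' would land outside
		# it. Confirm callers pass a bare file name.
		if csv:
			print "Writing to ", csv

			path = settings.getCsv()
			csv = path + csv
			# A new file gets the header row first.
			if not os.path.exists(csv):
				writeCsv(fields, filename=csv)

			writeCsv( values, filename=csv)
		if pdf:
			print "Writing to ", pdf

			path = settings.getPdf()
			pdf = path + pdf
			toPdf = [fields, values]
			writePdf(toPdf, filename=pdf)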
예제 #3
def runDbGeoMapS(filename):
    '''
    Call runDbGeoMap for the 'Country' column of the 'Script' table.

    filename:
        Image file name, appended unchanged to 'output/images/'.

    NOTE(review): filename is not checked before it becomes part of the
    output path; confirm callers pass a bare file name.
    '''
    imageDir = 'output/images/'

    sqlite.checkDb()
    runDbGeoMap('Script', 'Country', imageDir + filename)
    sqlite.closeDb()
예제 #4
def runDbGeoMapL(filename):
    '''
    Call runDbGeoMap for the source and destination country columns of
    the 'Logs' table.

    filename:
        Image file name; the two outputs are 'output/images/Src' + filename
        and 'output/images/Dst' + filename.

    NOTE(review): filename is not checked before it becomes part of the
    output paths; confirm callers pass a bare file name.
    '''
    # (column, output path prefix), source first.
    maps = (
        ('SrcCountry', 'output/images/Src'),
        ('DstCountry', 'output/images/Dst'),
    )

    sqlite.checkDb()
    for column, prefix in maps:
        runDbGeoMap('Logs', column, prefix + filename)
    sqlite.closeDb()
예제 #5
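def exportDbPdf(table):
    '''From the default database exports to pdf

    table:
        Table to export. The name is interpolated into the SQL text and
        into the output path, so only a plain identifier is accepted
        (letters, digits and underscore, not starting with a digit).

    Raises ValueError when table is not a plain identifier.
    '''
    import re

    # A table name cannot be bound as a SQL parameter, so it is validated
    # against an allow-list pattern before it reaches the query or the file
    # name. \Z (not $) so a trailing newline is rejected as well.
    if not re.match(r'[A-Za-z_][A-Za-z0-9_]*\Z', table):
        raise ValueError('invalid table name: %r' % (table,))

    settings.init()
    sqlite.checkDb(db='output/LPD.db')
    try:
        sql = ''' select * from  {}'''.format(table)

        data = sqlite.executeSQL(sql)
        writePdf(data, 'output/pdf/' + table + '.pdf')
    finally:
        # Close the database even when the query or the export fails.
        sqlite.closeDb()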
예제 #6
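def exportDbCsv(table):
    '''From the default database exports to csv

    table:
        Table to export. The name is interpolated into the SQL text and
        into the output path, so only a plain identifier is accepted
        (letters, digits and underscore, not starting with a digit).

    Raises ValueError when table is not a plain identifier.
    '''
    import re

    # A table name cannot be bound as a SQL parameter, so it is validated
    # against an allow-list pattern before it reaches the query or the file
    # name. \Z (not $) so a trailing newline is rejected as well.
    if not re.match(r'[A-Za-z_][A-Za-z0-9_]*\Z', table):
        raise ValueError('invalid table name: %r' % (table,))

    settings.init()
    sqlite.checkDb(db='output/LPD.db')
    try:
        sql = ''' select * from  {}'''.format(table)

        data = sqlite.executeSQL(sql)
        target = 'output/csv/' + table + '.csv'
        # writeCsv is called once per row returned by the query.
        for row in data:
            writeCsv(row, target)
    finally:
        # Close the database even when the query or the export fails.
        sqlite.closeDb()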
예제 #7
def runPdfChartsScript(filename):
    '''
    Chart five columns of the 'Script' table into one PDF.

    filename:
        Output path handed to writePdf together with the chart images.

    The database 'output/LPD.db' is opened through sqlite.checkDb before
    the charts are produced and closed again at the end.
    '''
    # (column, image written by run, chart title), in PDF order.
    charts = [
        ('Ip', 'aux/images/pdfChartScript1.png', 'Ips'),
        ('Country', 'aux/images/pdfChartScript2.png', 'Countries'),
        ('City', 'aux/images/pdfChartScript3.png', 'Cities'),
        ('Specific', 'aux/images/pdfChartScript4.png', 'Region'),
        ('PortsOpen', 'aux/images/pdfChartScript5.png', 'Ports Open'),
    ]

    settings.init()
    sqlite.checkDb(db='output/LPD.db')

    for column, image, title in charts:
        run('Script', column, image, title)

    chartImages = [image for _, image, _ in charts]
    writePdf(0, filename, images=chartImages)
    sqlite.closeDb()
예제 #8
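def run():
    '''Dispatch every action selected through the module-level option globals.

    Each `if` below tests one global (Geo_ip, PortIp, RSA_do, AES_do,
    Database, ...) and calls the matching helper module. Nothing is
    returned; the actions are independent and run in the order written.
    '''
    import os
    import sys

    def removeFile(path):
        # os.remove receives the path as data. Handing it to `rm` through
        # Popen let a name starting with '-' be parsed as an option, and the
        # child was never waited for or checked.
        # NOTE: this only unlinks the file; it is not a secure wipe.
        try:
            os.remove(path)
        except OSError as err:
            sys.stderr.write('could not remove %s: %s\n' % (path, err))

    if Geo_ip != 0:
        geoip.geoIp(Geo_ip, WriteDb, WriteCsv, WritePdf)

    if PortIp != 0:
        portScan.portScan(PortIp, Ports, WriteDb, WriteCsv, WritePdf)
    if UdpFloodIp != 0:
        udpFlood.udpFlood(UdpFloodIp, Verbouse)
    if EstablishedConnections:
        establishedConnections.establishedConn(WriteDb, WriteCsv, WritePdf)

    # RSA_do: 1 = encrypt files, 2 = decrypt files, 3 = create a key pair.
    if RSA_do == 1:
        for rsaFile in RSA_files:
            RSA.runEncrypt(rsaFile, keyFile=settings.getKeyPublic())
    if RSA_do == 2:
        for rsaFile in RSA_files:
            RSA.runDecrypt(rsaFile, keyFile=settings.getKeyPrivate())
    if RSA_do == 3:
        keys_filename = raw_input("Enter the filename of the keys -->  ")
        RSA_create.run(keys_filename)

    # AES_do: 1 = encrypt to <name>.crypt, 2 = decrypt; the input file is
    # removed afterwards in both cases.
    if AES_do == 1:
        for aesFile in AES_files:
            AES.encrypt_file(settings.getKey(), aesFile, (aesFile + ".crypt"))
            removeFile(aesFile)
    if AES_do == 2:
        for aesFile in AES_files:
            # NOTE(review): [:-6] assumes the name ends in ".crypt"; any other
            # name is silently shortened by six characters - confirm callers
            # only pass files produced by the encrypt step.
            AES.decrypt_file(settings.getKey(), aesFile, aesFile[:-6])
            removeFile(aesFile)
    if ProcessLogs:
        processLogs.run(ProcessLogs_File, ProcessLogs_Protocol, 'db')
    if Database:
        sqlite.checkDb()
        if DatabaseAction == DatabaseParameters[0]:
            # checkDb() already ran just above. The original line here was a
            # bare `sqlite.checkDb` (no call), i.e. a no-op.
            pass
        elif DatabaseAction == DatabaseParameters[1]:
            sqlite.userExecuteSql()
        elif DatabaseAction == DatabaseParameters[2]:
            sqlite.userCreateTable()
        elif DatabaseAction == DatabaseParameters[3]:
            sqlite.userDropTable()
        elif DatabaseAction == DatabaseParameters[4]:
            sqlite.userInsertTable()
        elif DatabaseAction == DatabaseParameters[5]:
            sqlite.userSelectTable()
        elif DatabaseAction == DatabaseParameters[6]:
            sqlite.userUpdateId()
        elif DatabaseAction == DatabaseParameters[7]:
            sqlite.userDeleteId()

        sqlite.closeDb()
    if analyzeLogs:
        analyze.runPdfChartsLogs('output/pdf/' + analyzeLogs)
    if analyzeScripts:
        analyze.runPdfChartsScript('output/pdf/' + analyzeScripts)
    if geoMapS:
        GeoMap.runDbGeoMapS(geoMapS)
    if geoMapL:
        GeoMap.runDbGeoMapL(geoMapL)
    if dbPdf:
        analyze.exportDbPdf(dbPdf)
    if dbCsv:
        analyze.exportDbCsv(dbCsv)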
예제 #9
def run(filename, protocol, output):
    '''Parse a log file and insert one 'Logs' row per dated entry.

    filename:
        Log file handed to getInfo; also stored in the LogName column.
    protocol:
        'http' or 'ssh'. Any other value parses nothing.
    output:
        Rows are inserted only when this equals 'db'; the database is then
        opened first and closed at the end.
    '''
    toDb = (output == 'db')
    if toDb:
        settings.init()
        sqlite.checkDb()

    months, days, times = [], [], []

    if protocol == 'http':

        print "Inserting data gathered in the database"
        parsed = getInfo(filename)
        srcIps = getAllSrcIp(parsed)
        dstIps = getAllDstIp(parsed)
        # Each date entry is indexed as (month, day, time).
        for stamp in getAllDate(parsed):
            months.append(stamp[0])
            days.append(stamp[1])
            times.append(stamp[2])

        locationsSrc = getLocation(srcIps)
        locationsDst = getLocation(dstIps)
        citySrc = getCity(srcIps)
        cityDst = getCity(dstIps)
        specificSrc = getSpecific(srcIps)
        specificDst = getSpecific(dstIps)

        # All per-entry lists are read at the same index, one row per date.
        for row in range(len(months)):
            fields = [
                'LogName', 'Protocol', 'Month', 'Day', 'Time', 'SrcIp',
                'SrcCountry', 'SrcCity', 'SrcSpecific', 'DstIp', 'DstCountry',
                'DstCity', 'DstSpecific'
            ]
            values = [
                filename, protocol, months[row], days[row], times[row],
                srcIps[row], locationsSrc[row], citySrc[row],
                specificSrc[row], dstIps[row], locationsDst[row],
                cityDst[row], specificDst[row]
            ]

            if toDb:
                sqlite.insertIntoTable('Logs', fields, values)

    elif protocol == 'ssh':
        print "Inserting data gathered in the database"
        parsed = getInfo(filename)
        dates = getAllDate(parsed)
        ips = getIps(parsed)
        notes = getNotes(parsed)
        locationsSrc = getLocation(ips)
        # City and subdivision are looked up but not stored for ssh rows.
        citySrc = getCity(ips)
        specificSrc = getSpecific(ips)
        for stamp in dates:
            months.append(stamp[0])
            days.append(stamp[1])
            times.append(stamp[2])

        for row in range(len(months)):
            fields = [
                'LogName', 'Protocol', 'Month', 'Day', 'Time', 'SrcIp',
                'SrcCountry', 'Notes'
            ]
            values = [
                filename, protocol, months[row], days[row], times[row],
                ips[row], locationsSrc[row], notes[row]
            ]
            if toDb:
                sqlite.insertIntoTable('Logs', fields, values)

    if toDb:
        sqlite.closeDb()