From b6e134215e47aabf2454d2718421cf980b112856 Mon Sep 17 00:00:00 2001
From: KzAtharX
Date: Wed, 17 Jul 2024 10:49:33 +0700
Subject: [PATCH] Upload files to "/"
---
bot-tele.sh | 43 +++++++++++++++++++++++++++++++++++++++++++
cowrie.conf | 6 ++++++
snort.conf | 6 ++++++
telegram.py | 36 ++++++++++++++++++++++++++++++++++++
4 files changed, 91 insertions(+)
create mode 100644 bot-tele.sh
create mode 100644 cowrie.conf
create mode 100644 snort.conf
create mode 100644 telegram.py
diff --git a/bot-tele.sh b/bot-tele.sh
new file mode 100644
index 0000000..c70587b
--- /dev/null
+++ b/bot-tele.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+#init
+initCount=0
+logs=/home/kz/log-tele.txt
+
+#File
+msg_caption=/tmp/telegram_msg_caption.txt
+
+#Chat ID dan bot token Telegram
+chat_id="1395072041"
+token="7215263729:AAE1F9r74VtmXF4cbM003v9Elq9GhG2Pyno"
+
+#kirim
+function sendAlert
+{
+ curl -s -F chat_id=$chat_id -F text="$caption" https://api.telegram.org/bot$token/sendMessage #> /dev/null 2&>1
+}
+
+#Monitoring Server
+while true
+do
+ lastCount=$(wc -c $logs | awk '{print $1}') #getSizeFileLogs
+ #DEBUG ONLY
+ #echo before_last $lastCount #ex 100 #after reset 0
+ #echo before_init $initCount #ex 0
+ #echo "--------------------"
+
+ if(($(($lastCount)) > $initCount));
+ then
+ #DEBUG
+ #echo "Kirim Alert..."
+ msg=$(tail -n 2 $logs) #GetLastLineLog
+ echo -e "Hallo Bro\nTerjadi ada nya Penyerangan pada Server loh!!!\n\nServer Time : $(date +"%d %b %Y %T")\n\n"$msg > $msg_caption #set Caption / Pesan
+ caption=$(<$msg_caption) #set Caption
+ sendAlert #Panggil Fungsi di function
+ echo "Alert Terkirim"
+ initCount=$lastCount
+ rm -f $msg_caption
+ sleep 1
+ fi
+ sleep 2 #delay if Not Indication
+done
\ No newline at end of file
diff --git a/cowrie.conf b/cowrie.conf
new file mode 100644
index 0000000..937b1e0
--- /dev/null
+++ b/cowrie.conf
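Review bot: The Telegram bot token and chat ID are committed in clear text in the `token=` and `chat_id=` assignments of bot-tele.sh, so anyone with read access to the repository can act as this bot; the token should be revoked and reissued, and the script should read it from the environment, e.g. `token="${TELEGRAM_BOT_TOKEN:?TELEGRAM_BOT_TOKEN is not set}"` (the variable name is a suggestion). The loop only alerts when the log grows past `initCount`, so after the log is truncated or rotated no alert fires until the file exceeds its old size; adding `if (( lastCount < initCount )); then initCount=0; fi` before the comparison would close that detection gap. The caption is staged in the fixed path `/tmp/telegram_msg_caption.txt`, which another local user could pre-create; building the text directly in `caption` avoids the temp file.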
@@ -0,0 +1,6 @@
+[program:cowrie]
+command=/home/cowrie/cowrie/bin/cowrie start -n
+directory=/home/cowrie/cowrie/
+user=cowrie
+autorestart=true
+redirect_stderr=true
\ No newline at end of file
diff --git a/snort.conf b/snort.conf
new file mode 100644
index 0000000..0b40441
--- /dev/null
+++ b/snort.conf
@@ -0,0 +1,6 @@
+[program:snort]
+command=/home/kz/Snort-Bot-Telegram-Shell/bot-tele.sh
+directory=/home/kz/Snort-Bot-Telegram-Shell/
+user=kz
+autorestart=true
+redirect_stderr=true
\ No newline at end of file
diff --git a/telegram.py b/telegram.py
new file mode 100644
index 0000000..0702eae
--- /dev/null
+++ b/telegram.py
@@ -0,0 +1,36 @@
+# Simple Telegram Bot logger
+from __future__ import absolute_import, division
+import urllib3
+import certifi
+from twisted.python import log
+import cowrie.core.output
+from cowrie.core.config import CowrieConfig
+class Output(cowrie.core.output.Output):
+ """
+ telegram output
+ """
+ #api telegram
+def start(self):
+ self.bot_id = CowrieConfig().get('output_telegram', 'bot_id')
+ self.chat_id = CowrieConfig().get('output_telegram', 'chat_id')
+def stop(self):
+ pass
+ #mangimbil log
+def write(self, logentry):
+ for i in list(logentry.keys()):
+ # remove twisted 15 legacy keys
+ if i.startswith('log_'):
+ del logentry[i]
+ #kirim pesan
+ if "login attempt" in logentry['message']:
+ msgtxt = "[cowrie] " + logentry['timestamp']
+ msgtxt += " " + logentry['message']
+ msgtxt += " (session " + logentry['session'] + ")"
+ #mengirim alert
+ try:
+ https = urllib3.PoolManager(cert_reqs='CERT_REQUIRED' , ca_certs=certifi.where())
+ r = https.request('GET', 'https://api.telegram.org/bot' + self.bot_id + '/sendMessage?chat_id=' + str(self.chat_id) + '&text=' + msgtxt)
+
+ except urllib3.exceptions.SSLError as err:
+
+ print('[ERROR] Telegram SSL error', err)
\ No newline at end of file
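Review bot: In `write` in telegram.py, `msgtxt` is concatenated into the `sendMessage` query string without URL-encoding, and Cowrie's login-attempt message normally carries the username and password typed by the remote client, so characters such as `&`, `#` or `%` in those values can truncate the alert or add unintended query parameters to the Bot API call. Letting urllib3 build the query avoids this: `r = https.request('GET', 'https://api.telegram.org/bot' + self.bot_id + '/sendMessage', fields={'chat_id': str(self.chat_id), 'text': msgtxt})`. Only `urllib3.exceptions.SSLError` is caught, so a timeout or connection failure would propagate out of the output plugin; catching the base `urllib3.exceptions.HTTPError` would cover those as well. As rendered here, `def start`, `def stop` and `def write` begin at column 0, which would place them outside `class Output`; the indentation in the committed file is worth confirming.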