castlel1.txt 0100755 0000000 0000000 00000012063 07517105404 012036 0 ustar root root
#!/usr/bin/perl
#
# Author:
# Chip Castle
# Chip Castle Dot Com, Inc.
# http://www.chipcastle.com
# chip@chipcastle.com
#
$|=1;
#use strict;
#use diagnostics;
use DBI ();
use CGI qw(:standard center end_table);
use CGI::Carp qw(fatalsToBrowser);
use URI::Escape;
use constant DSN => 'dbi:mysql:httpdlog';
use constant DB_TABLE => 'requests';
use constant DB_AUTH => 'httpduser:secret';
use constant BG_COLOR => 'white';
use constant TABLE_BG_COLOR => '#cccc99';
use constant TABLE_DEF => '
';
use constant LIMIT => 10;
use constant TITLE => 'Access Log Viewer';
print header;
&display_form;
&display_report;
print('' . end_form() . end_table() . end_html());
sub display_form {
my %labels = (
"Choose a report" => "",
"Total hits" => "SELECT COUNT(*) FROM requests",
"Number of bytes transferred" => "SELECT SUM(bytes) FROM requests",
"Most popular url's" => "SELECT filename,COUNT(*) as count FROM requests GROUP BY filename ORDER BY count DESC",
"Broken links" => "SELECT filename,COUNT(filename) FROM requests WHERE status=404 GROUP BY filename",
"Most popular MIME type served" => "SELECT contenttype,COUNT(*) as count FROM requests GROUP BY contenttype ORDER BY count DESC",
"Largest documents served" => "SELECT filename,bytes FROM requests ORDER BY bytes DESC",
"Most recently served url's" => "SELECT filename, timeserved FROM requests ORDER BY timeserved DESC",
);
my %reversed_labels = reverse %labels;
print start_html(-bgcolor=>"${\BG_COLOR}", -title=>"${\TITLE}"),
'',
br,
br,
b(font({-size=>"+2", -face=>"arial,helvetica"}, "${\TITLE}")),
br,
br,
br,
br,
start_form(-action=>url()),
font({-size=>"+1", -face=>"arial,helvetica"}, "Select Report:"),
&spaces(3),
popup_menu(
-name => 'canned_report',
-values => [ values %labels ],
-default => "",
-labels => \%reversed_labels,
),
&spaces(3),
font({-size=>"+1", -face=>"arial,helvetica"}, "or"),
br,
br,
font({-size=>"+1", -face=>"arial,helvetica"}, "Enter SQL Query:"),
&spaces(3),
textfield(-name=>'sql', -size=>75),
&spaces(3),
br,
br,
submit(-name=>'submit', value=>'Display Results'),
br,
br;
}
sub display_report {
my $sql = param('canned_report') ne '' ? param('canned_report') :
param('sql') ne '' ? param('sql') : "SELECT * FROM requests";
my $num = defined param('num') ? param('num') : 0;
my $limit_sql = $sql . " LIMIT $num, ${\LIMIT}";
my ($dbh, $ra, $row_count, $results, $sth);
$dbh = DBI->connect(DSN, split ':', DB_AUTH, {-RaiseError=>1}) or die("ERROR: $DBI::errstr");
eval {
$ra = $dbh->selectall_arrayref($sql);
$row_count = scalar(@$ra);
$sth = $dbh->prepare($limit_sql);
$sth->execute();
};
die($@) if ($@);
$results = "result" . ($row_count > 1 ? 's' : '');
print hr({-width=>"80%"}),
br,
br,
font({-face=>"arial,helvetica"},
"Found $row_count $results for the following query:
$limit_sql"),
br,
br,
("${\TABLE_DEF}");
my $url = url() . '?sql=' . uri_escape($sql);
my $prev_url = $url . '&num=' . ($num - ${\LIMIT} > 0 ? ($num - ${\LIMIT}) : 0);
my $next_url = $url . '&num=' . ($num + ${\LIMIT});
$prev_url = ($num + 1 - ${\LIMIT} > 0) ?
a({-href=>$prev_url}, "<< Previous") . &spaces(10) : '';
$next_url = ($row_count - $num > ${\LIMIT}) ?
a({-href=>$next_url}, "Next >>") : '';
print &get_nav_table($prev_url, $next_url);
print br, "${\TABLE_DEF}";
my $rows = 0;
while (my $rh = $sth->fetchrow_hashref()) {
print(Tr({-bgcolor=>"${\BG_COLOR}"}, th([keys %$rh]) )) if $rows == 0;
$rows++;
my $curr_cell_color = ($rows % 2 == 1) ? "${\TABLE_BG_COLOR}" : "${\BG_COLOR}";
print(Tr({-bgcolor=>$curr_cell_color}, td({-nowrap=>1}, [values %$rh]) ));
}
print end_table, br, &get_nav_table($prev_url, $next_url);
$sth->finish;
$dbh->disconnect if defined $dbh;
}
sub get_nav_table {
my ($prev_url, $next_url) = @_;
my $nav = '' .
Tr(td({-align=>'left'}, [ font({-face=>"arial,helvetica"}, $prev_url)]),
td({-align=>'right'}, [ font({-face=>"arial,helvetica"}, $next_url)])) .
end_table();
return $nav;
}
sub spaces {
my $num = shift or 1;
my $spaces;
for (1..$num) { $spaces .= ' '; }
return $spaces;
}
Castle 13
clowesl1.txt 0100755 0000000 0000000 00000002237 07422057246 012066 0 ustar root root Listing 1:
1 /* Compile with cc -g -o kvm kvm.c -lkvm -lelf */
2 #include
3 #include
4 #include
5 #include
6 #include
7
8 int main(int argc, char *argv[]) {
9 kvm_t *kmem;
10 struct dev_info *pdevnode, devnode;
11 struct nlist sym[] = { { "top_devinfo" }, { 0 } };
12
13 /* Open kernel memory */
14 kmem = kvm_open(NULL, NULL, NULL, O_RDONLY, argv[0]);
15
16 /* Find the top_devinfo symbol, a pointer to the root node */
17 kvm_nlist(kmem, sym);
18
19 /* Read in the pointer */
20 kvm_kread(kmem, sym[0].n_value, (char *) &pdevnode, sizeof(pdevnode));
21
22 /* Now read in the node itself */
23 kvm_kread(kmem, (unsigned long) pdevnode, (char *) &devnode, sizeof(devnode));
24
25 printf("Parent: 0x%08x Child: 0x%08x Sibling: 0x%08x\n",
26 devnode.devi_parent, devnode.devi_child, devnode.devi_sibling);
27
28 /* Close kernel memory */
29 kvm_close(kmem);
30 }
clowesl2.txt 0100755 0000000 0000000 00000006643 07422057274 012075 0 ustar root root Listing 2:
1 /* Compile with cc -g -o devinfo devinfo.c -ldevinfo */
2 #include
3 #include
4 #include
5 #include
6
7 void showstate(unsigned int state) {
8 static char outstate[100];
9
10 outstate[0] = '\0';
11 if (state & DI_DRIVER_DETACHED)
12 strcat(outstate, "drvdet,");
13 if (state & DI_DEVICE_OFFLINE)
14 strcat(outstate, "offline,");
15 if (state & DI_DEVICE_DOWN)
16 strcat(outstate, "down,");
17 if (state & DI_BUS_QUIESCED)
18 strcat(outstate, "busquiesced,");
19 if (state & DI_BUS_DOWN)
20 strcat(outstate, "busdown,");
21 if (outstate[0])
22 outstate[strlen(outstate) - 1] = '\0';
23
24 printf("state(%s) ", outstate);
25 }
26
27 void showprop(di_node_t tNode, di_prop_t tProp) {
28 if (DINO(tNode)->hw_prop &&
29 (DIPROP(tProp)->self >= DINO(tNode)->hw_prop))
30 printf("hw");
31 else if (DINO(tNode)->sys_prop &&
32 (DIPROP(tProp)->self >= DINO(tNode)->sys_prop))
33 printf("sys");
34 else
35 printf("drv");
36
37 printf("prop(%s) ", di_prop_name(tProp));
38 }
39
40 void showminor(di_minor_t tMinor) {
41 if (di_minor_spectype(tMinor) == S_IFCHR)
42 putc('c', stdout);
43 else
44 putc('b', stdout);
45
46 printf("minor(%s %s) ", di_minor_name(tMinor),
47 (di_minor_nodetype(tMinor) ? : "None"));
48 }
49
50 void examinenode (di_node_t tNode, int indent) {
51 di_minor_t tMinor;
52 di_prop_t tProp;
53 int i = indent++;
54
55 while (i--)
56 printf(" ");
57
58 /* Print basic information */
59 printf("%s bind(%s) bus(%s) drv(%s) inst(%d) ",
60 di_node_name(tNode),
61 di_binding_name(tNode),
62 (di_bus_addr(tNode) ? : ""),
63 (di_driver_name(tNode) ? : ""),
64 di_instance(tNode));
65
66 showstate(di_state(tNode));
67
68 /* Examine any properties */
69 tProp = DI_PROP_NIL;
70 while ((tProp = di_prop_next(tNode, tProp)) != DI_PROP_NIL)
71 showprop(tNode, tProp);
72
73 /* Examine any minor nodes */
74 tMinor = DI_MINOR_NIL;
75 while ((tMinor = di_minor_next(tNode, tMinor)) != DI_MINOR_NIL)
76 showminor(tMinor);
77
78 printf("\n");
79
80 /* Now examine all the child nodes */
81 tNode = di_child_node(tNode);
82 while (tNode != DI_NODE_NIL) {
83 examinenode(tNode, indent);
84 tNode = di_sibling_node(tNode);
85 }
86 }
87
88 int main() {
89 di_node_t tRootNode;
90
91 /* Get a snapshot of the device tree */
92 if (!(tRootNode = di_init("/", DINFOCPYALL))) {
93 perror("Failed to get root node");
94 return(1);
95 }
96
97 /* Recursively examine all nodes */
98 examinenode(tRootNode, 0);
99
100 /* Free the snapshot */
101 di_fini(tRootNode);
102
103 return(0);
104 }
clowesl3.txt 0100755 0000000 0000000 00000003407 07422057340 012063 0 ustar root root Listing 3:
1 /* Compile with cc -g -o listcds listcds.c -ldevinfo */
2 #include
3 #include
4 #include
5
6 di_minor_t srchminor;
7
8 int showpath(const char *fname, const struct stat *statbuf, int type) {
9 if (statbuf->st_rdev == di_minor_devt(srchminor)) {
10 printf("%s\n", fname);
11 return(1);
12 }
13 return(0);
14 }
15
16 int checknode(di_node_t node, void *dummy) {
17 di_minor_t minor = DI_MINOR_NIL;
18 char *path;
19
20 /* Check if any of the minor nodes are CD-ROMs */
21 while ((minor = di_minor_next(node, minor)) != DI_MINOR_NIL) {
22 if (di_minor_nodetype(minor) &&
23 ((!strcmp(di_minor_nodetype(minor), DDI_NT_CD) ||
24 (!strcmp(di_minor_nodetype(minor), DDI_NT_CD_CHAN))))) {
25 srchminor = minor;
26 if (ftw("/dev", &showpath, 10) == 0) {
27 printf("/devices%s:%s\n",
28 path = di_devfs_path(node), di_minor_name(minor));
29 di_devfs_path_free(path);
30 }
31 break;
32 }
33 }
34
35 return(DI_WALK_CONTINUE);
36 }
37
38 int main() {
39 di_node_t tRootNode;
40
41 if ((tRootNode = di_init("/", DINFOCPYALL)) == DI_NODE_NIL) {
42 perror("Failed to get root node");
43 return(1);
44 }
45
46 /* Examine all nodes */
47 di_walk_node(tRootNode, DI_WALK_CLDFIRST, NULL, &checknode);
48
49 di_fini(tRootNode);
50
51 return(0);
52 }
davidl1.txt 0100755 0000000 0000000 00000003631 07506140466 011660 0 ustar root root #!/usr/bin/perl
$Version = 'runmany v1.5 - last change 2001-08-24 11:37:07-04';
use Getopt::Std;
&getopts("dv") || &Usage;
&Usage if $#ARGV != 1; # sanity check on args present and accounted for
$proc = shift(@ARGV);
$limit = shift(@ARGV);
print STDERR "Cmd: \"$proc\"\nNum: $limit\n" if $opt_v || $opt_d;
while (<>) {
chop;
unless (fork()) {
if ($proc =~ m/%s/) {
($cmd = $proc) =~ s/%s/$_/g;
} else {
$cmd = "${proc} $_";
}
exec $cmd;
}
++$started;
$running = $started - $finished;
print STDERR "$started $finished\n" if $opt_d;
if ($limit <= $running) {
wait;
++$finished;
}
}
# wait for last children and exit clean
until ($finished == $started) {
print STDERR "Final wait: $started $finished\n" if $opt_d;
wait;
++$finished;
}
exit 0;
sub Usage
{
print "\n$Version\n\n"
. "Usage:\n"
. " runmany [options] \n"
. "\n"
. "lines are read from stdin, and the values read are used to replace\n"
. "any instances of \"%s\" in the . Copies of the modified\n"
. "command are started until copies are running, then a new copy\n"
. "is started every time a command process ends.\n"
. "\n"
. "This is useful when more than one item may be processed at a time, but\n"
. "processing all possible commands at once could / would overload the system.\n"
. "\n"
. "Options:\n"
. " -v Verbose, output the command and count when starting\n"
. " -d Debug. Output a bunch of data while running.\n"
. "\n"
. "Example:\n"
. " ls | grep '\.o\$' | runmany \"gzip -8v %s\" 3\n"
. "\n"
. "would compress three files at a time (presumable on a system with at\n"
. "least that many processors.\n"
. "\n"
. "Author: Bill Davidsen \n"
. "\n";
exit 1;
}
jacobsl1.txt 0100755 0000000 0000000 00000005142 07517621142 012026 0 ustar root root #!/bin/bash
# vim:tw=72:ts=8:sw=4:ai
##
## Name:
## ntp_packets.sh
##
## Version:
## $Revision: 1.4 $
##
## Purpose:
## Show boolean received status of the last 8 packets for each NTP
## server or peer.
##
## Usage:
## ntp_packets.sh [ -u | -h ]
##
## Options:
## -h = show documentation
## -u = show usage
##
## Copyright:
## Copyright (c) 2002 by Todd A. Jacobs
## All Rights Reserved
##
## License:
## Released under the GNU General Public License (GPL)
## http://www.gnu.org/copyleft/gpl.html
##
## This program is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License
## as published by the Free Software Foundation; either version 2
## of the License, or (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
# Show brief help on usage.
function ShowUsage {
echo -n "Usage: "
egrep -A1 "^## Usage" $0 | tail -n1 | sed -e 's/^##[[:space:]]*//'
exit 2
}
while getopts ":hu" opt; do
case $opt in
h)
# If passed "-h" for help, use egrep to show the
# help comments designated by an inital
# double-octothorpe and exit with errorlevel 2.
egrep '^##[^#]' $0 | sed 's/##//'
exit 2
;;
\? | u)
ShowUsage
;;
esac # End "case $opt"
done # End "while getopts"
# Convert circular buffer's octal value to decimal, and then compute the
# binary value that represents the boolean received status for the past
# 8 NTP packets.
display_buffer () {
IP=$1
unset packets
let buffer=0$2
while [ $buffer -ne 0 ]; do
packets=$(( buffer % 2 ))$packets
buffer=$(( buffer >> 1 ))
done
# EOF flag must be preceeded only by a tab, or the script breaks.
cat <<-EOF
Last 8 packets received from $IP:
8......1
$packets
EOF
}
# Parse the output of ntpq to get the IP address and reachability value
# for all peers and servers. xargs won't exec functions, so we'll store
# the values as positional parameters instead.
set -- $(
/usr/sbin/ntpq -pn | awk '{print $1, $7}' | sed -e 's/^[*+-]//' | \
grep '^[[:digit:]]'
)
# Display output.
while [ $# -ge 2 ]; do
display_buffer $1 $2
shift 2
done
nsrxref.py 0100755 0000000 0000000 00000031233 07506754464 011644 0 ustar root root # Accept an .nsr file as argv[1], and print an HTML cross-reference table to STDOUT.
# The target IP addresses are across the top, and the found vulnerabilities are
# down the left side.
#
# 11 Mar. 2002 - Initial implementation - works as advertised.
#
# 12 Mar. 2002 - Cleaned up the comments.
# - Removed the ---- in the clear cells - now they're just lime green.
# - Added code to display multiple tables of 5 ip addresses each. This
# makes the output much more readable on smaller screens at lower
# resolution.
#
# 13 Mar. 2002 - Cleaned up the commenting for the multiple tables part.
# - Got rid of the temporary variable x that had been used as part of
# calculating the number of tables in the output.
# - Right justified the numbers in the Summary table.
#
# 19 Mar. 2002 - Added a function, sortip, to sort IP addresses in the correct order.
# It accepts a list as an argument, and returns a list, sorted
# by address, not lexically. This function assumes the addresses
# are unique, and that each entry in the list is an IP address with
# four octets.
# - Removed the custom replace code based on vulnerability ID, and
# replaced it with a standard replacing of semi-colons (what Nessus
# uses to represent linebreaks in the vulnerability description)
# with spaces.
# - In an effort to pull realistic, short descriptions from the Nessus
# vulnerabilities, I added code to look for a ;; from the right, and
# a : from the left. Whichever is closest to the left of the string
# is used as the right hand side of the displayed description.
#
# NOTE 00: The NSR file is pipe delimited, and each line has either 2 or 5 columns
# Column 1 - Subscript 0 - IP Address of the scanned host
# Column 2 - Subscript 1 - Service Name - Port - Protocol
# Column 3 - Subscript 2 - Nessus Plugin ID #
# Column 4 - Subscript 3 - INFO, NOTE, or REPORT - Reports=holes, Infos=warnings
# Column 5 - Subscript 4 - Description - semi-colons indicate EOL in display
#
import sys # Command line argument processing
import string # Split, strip, etc.
def usage(): # Display usage information
print 'USAGE: nsrxref.py NSRFILE'
print ' NSRFILE is the fully qualified filename of a NESSUS report'
print ' By: Paul Trout - V0.3A - 19 Mar. 2002'
sys.exit()
def sortip(srclist): # Takes a list of IP addresses as an argument
ipdict={} # Dictionary used for temporary workplace
for ip in srclist: # Loop through all the addresses
srcoctets=string.split(ip,'.') # Split the address into separate octets
paddedip='' # Padded IP starts as a blank string
for octet in srcoctets: # For each octet
paddedip=paddedip+str(string.zfill(octet,3))+'.' # The extra trailing . won't hurt
ipdict[paddedip]=ip # Make a dictionary entry keyed by the padded ip address
keylist=ipdict.keys() # Extract the padded ip address keys
keylist.sort() # Which will now sort properly with a lexical sort
retlist=[] # List of sorted ip addresses in non-paddded form
for ip in keylist: # Step through the padded keys
retlist.append(ipdict[ip]) # And append the next IP address to the end of the list
return retlist # Return the sorted list of IP addresses
try: # Trap errors accessing argv[1]
nsrfile=open(sys.argv[1],'r') # Open the file for read
except IndexError: # If no argv[1] was passed
usage() # Display usage and exit
except IOError: # If error opening argv[1]
print 'Error opening', sys.argv[1], 'for reading' # Display error message
print 'Terminating'
sys.exit() # And Exit
vulninfo={} # Dictionary of vulnerabilities - indexed by ID#
host_addr={} # Dictionary of host addresses
vulnbyhost={} # Dictionary of host/vulnerability combinations
linecounter=0 # Idiot check
twoflds=0 # Lines that don't have anything to process
notecounter=0 # Note lines
warncounter=0 # Warning lines
holecounter=0 # Hole lines
currentline=nsrfile.readline() # Read the first line
while len(currentline)>0: # As long as there is data to process
fields=string.split(currentline,'|') # The file is pipe delimited
if len(fields)==3: # If there were only two fields
twoflds=twoflds+1 # Increment the twoflds counter
else: # Otherwise there were five flds
if fields[3]=='NOTE': # We just count notes
notecounter=notecounter+1
else: # Warnings and Holes we process
eovuln0=string.rfind(fields[4],';;') # Find the last double ; in the description
eovuln1=string.find(fields[4],':') # Find the first colon in the description
if eovuln1' # Very simple HTML output
print ' ' # The header has only a title
print ' ', sys.argv[1], 'XREF' # And that has the name of the original NSR file
print ' '
print ' ' # The body is multiple tables - the xref(s) and the summary
y=int(len(hostip)/5) # Calc number of tables by dividing number of hosts by 5
if (len(hostip)%5)>0: # Adding 1 to that if there was any remainder
y=int(y+1)
for counter in range(y): # We're going to have y number of output tables
tableip=hostip[counter*5:(counter*5)+5] # Slice off the next five each time
print ' ' # Emit the table code
print ' '
print ' | ' # The cell over the vulenrabilities is blank
for ipaddr in tableip: # Populate the first row of the table with the IP Addresses
print ' ',ipaddr,' | '
print '
'
for vuln in vulnid:
print ' '
print ' ',vuln,':',vulninfo[vuln],' | '# The leftmost column of the table is the vulnerability info
for ipaddr in tableip: # Then loop through the host IP addresses
if vulnbyhost.has_key(ipaddr+vuln)==1: # Checking to see if that host has that vulnerability
print ' FOUND | ' # If it does, print FOUND in the cell and make the BGCOLOR red
else: # Otherwise
print ' | ' # It's an empty cell with the BGCOLOR lime green
print '
'
print '
' # Close the current host table
print ' ' # Space each table vertically - 1 empty line apart
print ' ' # The summary table is really for
print ' ' # Idiot checking purposes.
print ' SUMMARY' # Ignored+NOTES+HOLES+WARNINGS should
print ' |
' # Equal the total. If they don't, there
print ' ' # Is a bug, somewhere in the code
print ' ',twoflds,' | '
print ' Lines were ignored | '
print '
'
print ' '
print ' ',notecounter,' | '
print ' Lines were NOTES | '
print '
'
print ' '
print ' ',warncounter,' | '
print ' Lines were WARNINGS | '
print '
'
print ' '
print ' ',holecounter,' | '
print ' Lines were HOLES | '
print '
'
print ' '
print ' ',linecounter,' | '
print ' Lines Total | '
print '
'
print '
' # Close the summary table
print ' ' # Close the body
print '