
Security and Technology

squidmagic – Analyze Web-Based Network Traffic to Detect Central Command and Control (C&C) Servers and Malicious Sites

squidmagic is a tool designed to analyze web-based network traffic to detect central command and control (C&C) servers and malicious sites, using the Squid proxy server and Spamhaus.

Usage

    squidmagic # python squidmagic.py /var/log/squid3/access.log
    [squidmagic ASCII-art banner]
    Analyzing…
    Analyzing by SBL Advisory…
    Spam server detected, ip is 65.182.101.221
    Analyzing by SBL_CSS Advisory…
    safe server detected, host or ip is 65.182.101.221
    Analyzing by PBL Advisory…
    safe server detected, host or ip is 65.182.101.221
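The kind of check shown in the output above, as an added example that is not squidmagic's own code: it pulls upstream IPs from Squid access-log lines and maps Spamhaus DNSBL answers to advisory names. It assumes Squid's native log format and the combined zen.spamhaus.org zone with its published return codes; the function names, sample log lines and stub DNS zone are constructed for illustration.

```python
import ipaddress
import socket

# Spamhaus ZEN A-record return codes mapped to advisory names (assumed zone: zen.spamhaus.org).
ZEN_CODES = {"127.0.0.2": "SBL", "127.0.0.3": "SBL_CSS", "127.0.0.4": "XBL",
             "127.0.0.9": "DROP", "127.0.0.10": "PBL", "127.0.0.11": "PBL"}

def peer_ips(log_lines):
    """Yield each distinct upstream IPv4 address from Squid native-format lines."""
    seen = set()
    for line in log_lines:
        fields = line.split()
        if len(fields) < 10:
            continue                        # truncated or non-native line
        peer = fields[8].partition("/")[2]  # "HIER_DIRECT/203.0.113.7" -> IP
        try:
            ip = ipaddress.IPv4Address(peer)
        except ValueError:
            continue                        # "-" on cache hits, or a hostname
        if ip not in seen:
            seen.add(ip)
            yield ip

def dns_a_records(name):
    """Live resolver: A records for name, empty list when it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def classify(ip, resolve=dns_a_records):
    """Return the sorted lists an IP is on, ['safe'], or ['query-error']."""
    query = ".".join(reversed(str(ip).split("."))) + ".zen.spamhaus.org"
    answers = resolve(query)
    if any(a.startswith("127.255.255.") for a in answers):
        return ["query-error"]  # resolver blocked or rate-limited: not a verdict
    return sorted({ZEN_CODES[a] for a in answers if a in ZEN_CODES}) or ["safe"]

def analyze(log_lines, resolve=dns_a_records):
    return {str(ip): classify(ip, resolve) for ip in peer_ips(log_lines)}

# Constructed sample data (documentation-range IPs, stub DNS zone) so this runs offline.
SAMPLE_LOG = [
    "1489000000.101 210 10.0.0.5 TCP_MISS/200 1532 GET http://a.example/ - HIER_DIRECT/203.0.113.7 text/html",
    "1489000001.202 12 10.0.0.5 TCP_HIT/200 900 GET http://b.example/ - HIER_NONE/- text/html",
    "1489000002.303 340 10.0.0.6 TCP_MISS/200 4410 GET http://c.example/ - HIER_DIRECT/198.51.100.9 text/html",
    "1489000003.404 95 10.0.0.6 TCP_MISS/200 310 GET http://d.example/ - HIER_DIRECT/192.0.2.44 text/html",
]
FAKE_ZONE = {"7.113.0.203.zen.spamhaus.org": ["127.0.0.2", "127.0.0.4"],
             "44.2.0.192.zen.spamhaus.org": ["127.255.255.254"]}
def fake_resolve(name):
    return FAKE_ZONE.get(name, [])
```

Answers in 127.255.255.x are Spamhaus error codes, for example when the query arrives through a public resolver, so they are reported separately instead of being counted as a listing or as "safe".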

Run server

    bannerAction();
    // Scans a directory for files
    $squidmagic->scandirs('squidmagic/Collector path');
    // Checks if file exists in certain location
    $squidmagic->fileExists('Collector Path/server.php');
    // run server
    $squidmagic->openInBackground('Collector Path/lib/bin/');

    squidmagic/lib # php squidmagic.php
    [squidmagic ASCII-art banner]
    squidmagic collector started

Download squidmagic http://ift.tt/2mU4md5 http://ift.tt/2aM8QhC
