#!/usr/bin/perl -w
use strict;
use XML::Simple;
use Data::Dumper;
# Date
use POSIX qw(strftime);
# Local-time timestamp of this run, formatted as day/month/year hour:minute.
my $date = strftime("%d/%m/%Y %H:%M", localtime);
# Functions
# Return the distinct values of the argument list, keeping the first
# occurrence of each value and preserving the input order.
# In scalar context the result is the number of distinct values.
sub uniq {
    my %already_seen;
    return grep { not $already_seen{$_}++ } @_;
}
# print "\033[36m \nDEFACEMENT CHECK [" . $date . "]\n\nSearching for suspects ...\n";
# print "FOUND \t\t=> URLs\n";
# # Import config Website (LOAD domain in conf/websites.cfg)
# my @scan;
# my @search;
# my $websites = 'conf/websites.cfg';
# if (open(my $f, '<:encoding(UTF-8)', $websites)) {
# while (my $row = <$f>) {
# chomp $row;
# push @scan, $row;
# }
# } else {
# warn "Could not open file '$websites' $!";
# }
#
# # Slurp Websites
# my $site;
# system("rm urls/*.urls");
# foreach $site (@scan)
# {
# system("/bin/bash slurp_urls.sh $site");
# }
# Import config Website (LOAD domain in ARG : perl defacement_check.pl example.com)
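# Pattern lists shared by the rest of the script.
my @whitelist;    # patterns whose matches are ignored (conf/<site>.ignore)
my @search;       # patterns that flag a line as suspicious (conf/keywords.cfg)

# The site name comes straight from the command line and is used both as a
# command argument and inside a file path (conf/<site>.ignore). Accept only
# hostname characters so that shell metacharacters and path separators never
# reach either place.
my $site = $ARGV[0];
die "Usage: $0 <domain>\n"
    unless defined $site && length $site;
die "Invalid site name: only letters, digits, '.' and '-' are accepted\n"
    unless $site =~ /\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?\z/;

# Slurp Site
# Remove URL lists left over from a previous run without spawning a shell.
foreach my $stale (glob('urls/*.urls')) {
    unlink $stale or warn "Could not remove '$stale': $!";
}

# List-form system() passes $site as a single argument; no shell parses it.
# NOTE(review): slurp_urls.sh is not shown here; it should quote its
# argument as well.
system('/bin/bash', 'slurp_urls.sh', $site) == 0
    or warn "slurp_urls.sh did not complete cleanly (status $?)";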
# Import config Ignore
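# Per-site ignore list: one pattern per line in conf/<site>.ignore.
my $ignores = 'conf/' . $site . '.ignore';
if (open(my $f, '<:encoding(UTF-8)', $ignores)) {
    while (my $row = <$f>) {
        chomp $row;
        $row =~ s/\r\z//;    # tolerate CRLF line endings

        # Entries are interpolated into a case-insensitive regex later in the
        # script. A blank entry would become an empty pattern, which Perl
        # replaces with the last successfully matched pattern, and a
        # whitespace-only entry matches almost any line. Either one could
        # silently suppress real findings, so skip them.
        next unless $row =~ /\S/;

        push @whitelist, $row;
    }
    close $f;
} else {
    # Without an ignore file nothing is whitelisted; the scan still runs.
    warn "Could not open file '$ignores' $!";
}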
# Import config Keywords
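# Keyword list: one pattern per line in conf/keywords.cfg.
my $keywords = 'conf/keywords.cfg';
if (open(my $f, '<:encoding(UTF-8)', $keywords)) {
    while (my $row = <$f>) {
        chomp $row;
        $row =~ s/\r\z//;    # tolerate CRLF line endings

        # Entries are interpolated into a case-insensitive regex later in the
        # script. A blank entry would become an empty pattern (Perl then
        # reuses the last successful pattern) and a whitespace-only entry
        # matches almost every line, so neither is a usable keyword.
        next unless $row =~ /\S/;

        push @search, $row;
    }
    close $f;
} else {
    # NOTE(review): with no keywords loaded the scan cannot match anything and
    # the script reports 0 findings, which reads the same as a clean site.
    # Consider treating a missing keyword file as fatal.
    warn "Could not open file '$keywords' $!";
}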
# Open URLS files
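# Scan every page listed in urls/*.urls: fetch it, collect the lines that
# match a keyword pattern, drop the lines that match an ignore pattern, and
# add up the distinct remaining lines per URL list and overall.
use LWP::UserAgent;

my @files = glob( "urls/*.urls" );
my $somme_total_found = 0;    # file-scope counter; each URL list uses its own below
my $grand_total_found = 0;    # findings summed over every URL list

# One user agent serves every request.
my $ua = LWP::UserAgent->new;

# Blank patterns are dropped before matching: an empty regex makes Perl reuse
# the last successful pattern, which would give unpredictable hits or ignores.
my @keyword_patterns = grep { defined($_) && /\S/ } @search;
my @ignore_patterns  = grep { defined($_) && /\S/ } @whitelist;

foreach my $file (@files) {
    my $somme_total_found = 0;    # findings in this URL list

    open(my $list, '<', $file) or die "Could not open '$file': $!";
    while (my $survey = <$list>) {
        chomp $survey;
        next unless $survey =~ /\S/;    # skip blank lines in the URL list

        my $res = $ua->get($survey);

        # A failed fetch is reported so that an unreachable page is not
        # mistaken for a clean one. The body is still scanned, because an
        # error response can carry page content too.
        warn "Fetch problem for '$survey': " . $res->status_line . "\n"
            unless $res->is_success;

        # Decode to characters so that keywords read as UTF-8 can match;
        # fall back to the raw body if decoding is not possible.
        my $body = $res->decoded_content;
        $body = $res->content unless defined $body;
        $body = '' unless defined $body;

        # Find the Threat: keep every line that matches at least one keyword.
        # Keywords are used as case-insensitive regular expressions.
        my @found;
        foreach my $line (split /\n/, $body) {
            push @found, $line if grep { $line =~ /$_/i } @keyword_patterns;
        }

        # However, IGNORE this Threat please: remove exactly the lines that
        # match an ignore pattern. (Popping from @found while iterating over
        # it, as before, removed the last element rather than the matching
        # one.)
        @found = grep {
            my $line = $_;
            !grep { $line =~ /$_/i } @ignore_patterns;
        } @found;

        # Count each distinct suspicious line once.
        my @distinct    = uniq(@found);
        my $total_found = scalar @distinct;
        $somme_total_found = $somme_total_found + $total_found;
    }
    close($list);

    print $somme_total_found; # Total
    $grand_total_found = $somme_total_found + $grand_total_found;
}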
# print "\033[36mGrand Total TREATH detected on ALL website \t\t=> [" . $grand_total_found . "]\n\n"; # Grand Total
# Print just the last binaire results in output file
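# Write the grand total to out.txt. A failure here is fatal: otherwise a
# stale out.txt from an earlier run could be read as the current result.
open(my $out, '>', 'out.txt')
    or die "Could not open 'out.txt' for writing: $!";
print $out $grand_total_found;
close($out)
    or die "Could not finish writing 'out.txt': $!";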