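#!/usr/bin/perl -w
#
# Defacement check: fetch every URL listed for one site and report the page
# lines that match a configured keyword, minus the lines matching the site's
# ignore list.
#
# Usage: perl defacement_check.pl example.com
#
# Inputs:
#   conf/keywords.cfg   one keyword pattern per line (Perl regex, case-insensitive)
#   conf/<site>.ignore  one ignore pattern per line (Perl regex, case-insensitive)
#   urls/*.urls         one URL per line, produced by slurp_urls.sh
# Output:
#   out.txt             the total number of matching lines over all URLs
use strict;
use XML::Simple;
use Data::Dumper;
use LWP::UserAgent;

# Date
use POSIX qw(strftime);
my $date = strftime "%d/%m/%Y %H:%M", localtime;

# Functions

# Return the arguments with duplicates removed, keeping first-seen order.
sub uniq {
    my %seen;
    return grep { !$seen{$_}++ } @_;
}

# Read one pattern per line from $path and return them compiled as
# case-insensitive regexes. A missing file only warns and gives an empty list.
# Blank lines are skipped: an empty pattern would match every line. The
# patterns are compiled as regexes, so these config files must be trusted.
sub load_patterns {
    my ($path) = @_;
    my @patterns;
    if (open(my $fh, '<:encoding(UTF-8)', $path)) {
        while (my $row = <$fh>) {
            chomp $row;
            next if $row eq '';
            my $re = eval { qr/$row/i };
            if (!defined $re) {
                warn "Skipping invalid pattern in '$path': $@";
                next;
            }
            push @patterns, $re;
        }
        close $fh;
    }
    else {
        warn "Could not open file '$path' $!";
    }
    return @patterns;
}

print "\033[36m \nDEFACEMENT CHECK [" . $date . "]\n\nSearching for suspects ...\n";
print "FOUND \t\t=> URLs\n";

# Legacy multi-site mode, kept disabled. If it is re-enabled, call system()
# in list form so that a domain read from the config never reaches a shell.
# # Import config Website (LOAD domain in conf/websites.cfg)
# my @scan;
# my @search;
# my $websites = 'conf/websites.cfg';
# if (open(my $f, '<:encoding(UTF-8)', $websites)) {
#     while (my $row = <$f>) {
#         chomp $row;
#         push @scan, $row;
#     }
# } else {
#     warn "Could not open file '$websites' $!";
# }
#
# # Slurp Websites
# my $site;
# system("rm urls/*.urls");
# foreach $site (@scan)
# {
#     system("/bin/bash slurp_urls.sh $site");
# }

# Import config Website (LOAD domain in ARG : perl defacement_check.pl example.com)
my $site = $ARGV[0];
die "Usage: perl defacement_check.pl example.com\n"
    unless defined $site && length $site;

# The argument ends up in a file path (conf/<site>.ignore) and on the command
# line of slurp_urls.sh, so accept nothing but a plain host name: no slash,
# no leading dash, no shell metacharacter.
die "Invalid domain argument\n"
    unless $site =~ /\A[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?\z/;

# Slurp Site
# Drop the URL lists of the previous run, then rebuild them. Both steps avoid
# the shell: unlink replaces "rm", and list-form system() passes $site as a
# single argument.
unlink glob('urls/*.urls');
system('/bin/bash', 'slurp_urls.sh', $site) == 0
    or warn "slurp_urls.sh failed for '$site' (status $?)\n";

# Import config Ignore
my @whitelist = load_patterns('conf/' . $site . '.ignore');

# Import config Keywords
my @search = load_patterns('conf/keywords.cfg');

# Open URLS files
my @files = glob("urls/*.urls");

# With no URL list nothing is fetched and out.txt would read 0, which looks
# the same as a clean site; make that case visible.
warn "No URL list found in urls/, nothing was checked\n" unless @files;

my $ua                = LWP::UserAgent->new;
my $grand_total_found = 0;

foreach my $file (@files) {
    my $site_total_found = 0;

    open(my $fh, '<', $file) or die "Could not open file '$file' $!";
    while (my $survey = <$fh>) {
        chomp $survey;
        next if $survey eq '';

        # Fetch the page; its body is scanned line by line.
        my $res  = $ua->get($survey);
        my $body = $res->content;
        my @lines = split(/\n/, $body);

        # Find the Threat
        my @found;
        foreach my $keyword (@search) {
            push @found, grep { $_ =~ $keyword } @lines;
        }

        # However, IGNORE this Threat please
        # Drop exactly the lines that match an ignore pattern.
        my @kept;
        LINE: foreach my $line (@found) {
            foreach my $ignore (@whitelist) {
                if ($line =~ $ignore) {
                    print "\033[35mIGNORE ";    # VERBOSE
                    next LINE;
                }
            }
            push @kept, $line;
        }

        # Views results
        my $total_found = 0;
        foreach my $line (uniq(@kept)) {
            $total_found++;

            # The line comes from a remote page: strip control characters so
            # it cannot send escape sequences to the terminal.
            (my $shown = $line) =~ tr/\x00-\x08\x0B-\x1F\x7F//d;
            print "\033[33m[" . $total_found . "]\t\t" . $shown . "\n";    # VERBOSE
        }

        if ($total_found == 0) {
            if ($res->is_success) {
                print "\033[32m[" . $total_found . "]\t\t=> " . $survey . "\n";    # SAFE
            }
            else {
                # A page that could not be fetched was not checked; do not
                # report it as safe.
                warn "Could not fetch '$survey': " . $res->status_line . "\n";
            }
        }
        else {
            print "\033[31mTREATH [" . $total_found . "]\t=> " . $survey . "\n";    # TREATH
            $site_total_found = $site_total_found + $total_found;
        }
    }
    close($fh);

    print "\033[36mTREATH detected on this site \t\t\t\t=> [" . $site_total_found . "]\n\n";    # Total
    $grand_total_found = $site_total_found + $grand_total_found;
}
# print "\033[36mGrand Total TREATH detected on ALL website \t\t=> [" . $grand_total_found . "]\n\n"; # Grand Total

# Write only the final total to the output file
open(my $out, '>', 'out.txt') or die "Could not open file 'out.txt' $!";
print $out $grand_total_found;
close $out or die "Could not write file 'out.txt' $!";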