HEX
Server: Apache
System: Linux viper.innovativeinternet.net 4.18.0-553.80.1.lve.el8.x86_64 #1 SMP Wed Oct 22 19:29:36 UTC 2025 x86_64
User: thetradingroom (1095)
PHP: 8.3.25
Disabled: exec,passthru,shell_exec,system
$ pwd: /ibin/
Upload Files
File: //ibin/apalog.bw-brian
#!/usr/bin/perl
#
# Written 9/27/2001 - Jack Sasportas -  Jack@innovativeinternet.com
#########################################################################################################


# This provides CPU benchmark stuff
#use Benchmark;
#$start_time = new Benchmark;
# -----------------------------


# This provides Date & Time Stamp
#use Date::Format;
#@lt = localtime(time);
# -----------------------------

$file = "apache_log";
$lines = "60";

#$file      = @ARGV[0];
#$lines      = @ARGV[1];
#print @ARGV[2];
$lgreen = "\033[1;32m";
$white = "\033[0m";
$dblue  = "\033[0;34m";
$virus=0;
$formm=0;
$hit=0;
$percent=0;
$col=0;

%bh_bytes_by_domain = ();
$bh_total_bytes = 0.1;

my $pv    = "";
my %hosts = ();


open(APALOG,"tail -f -n".$lines." /var/log/httpd/".$file." |") or die;

while($line = <APALOG>) {
  # bhoran
  $bh_current_line = $line;
  @arz = split(/\s+/,$bh_current_line);
  $bh_host = $arz[0];
  $bh_total_bytes += $arz[10];
  if(exists $bh_bytes_by_domain{$bh_host}) {
    $bh_bytes_by_domain{$bh_host} += $arz[10];
  } else {
    $bh_bytes_by_domain{$bh_host}  = $arz[10];
  }
 # /bhoran
 ($domain, $host, $month, $year) = $line =~ m|^(.*?) (.*?) .*? \[.*?/(.*?)/(.*?)\:|;

  if ($line =~ /default.ida/) {$domain  = "V-ida - ".$domain;  $virus++ ;$on="y"; }
  if ($line =~ /root.exe/)    {$domain  = "V-root- ".$domain; $virus++ ;$on="y"; }
  if ($line =~ /cmd.exe/)     {$domain  = "V-cmd - ".$domain;  $virus++ ;$on="y"; }
  if ($line =~ /formmail/)     {$domain = "FormM - ".$domain;  $fromm++ ;$on="y"; }
  if ($line =~ /FormMail/)     {$domain = "FormM - ".$domain;  $formm++ ;$on="y"; }

  if ($on ne "y") { $hit++ };
  if ($on ne "y") { $domain = "      - ".$domain; };


  $hosts{"$domain"}++; 
  $pv = $hosts{"$domain"};


if ( $hit > 1 ) {
   if ( $virus => 1 ) { $percent = round((100*((($hit+$virus+$formm)-$hit -$formm)/$hit)),2); }
   if ( $formm => 1 ) { $percent2 = round((100*((($hit+$virus+$formm)-$hit -$virus)/$hit)),2); }
}

# This provides CPU benchmark stuff
#  $current_time = new Benchmark;
#  $amount_of_time = timestr(timediff($current_time, $start_time));
# -----------------------------


# Standard Output
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) . "Virus-$virus" . pad($virus,5) . "$percent%\n";
# -----------------------------

# Prints Date & Time Stamp
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) .  "FormM-$formm" . pad($formm,5) . "$percent2% " . "Virus-$virus" . pad($virus,5) . "$percent% ". time2str('%C',time) . "\n";

if ( $domain ne $old_domain ) {
	#  print $domain . pad($domain,38) . " SHT: $hit" . pad($hit,6) .  " IHT: $pv" . pad($pv,6) . " FM: $formm" . pad($formm,3) . "$percent2% " . "V: $virus" . pad($virus,3) . "$percent% ". "H: $host" . pad($host,30) . "\n";

   if ( $hit => 1 ) { $percent = round(($pv/$hit*100),2); }

if ($live_mode eq "y") {
  if ($col eq 0) {
    $col++;
    print $lgreen . $domain . pad($domain,38) . " SHT: $hit" . pad($hit,8) .  " IHT: $pv" . pad($pv,8) . "$percent% " . "     H: $host" . pad($host,30) . "BW: ". sprintf(" %.2f%%",($bh_bytes_by_domain{$bh_host}/$bh_total_bytes) * 100)."\n";
  } else {
    print $white . $domain . pad($domain,38) . " SHT: $hit" . pad($hit,8) .  " IHT: $pv" . pad($pv,8) . "$percent% " . "     H: $host" . pad($host,30) . "BW: ". sprintf(" %.2f%%",($bh_bytes_by_domain{$bh_host}/$bh_total_bytes) * 100)."\n";
    $col=0;
  }
} else {
  if ($col eq 0) {
    $col++;
    print $lgreen . $domain . pad($domain,38) . " SHT: $hit" . pad($hit,6) .  " IHT: $pv" . pad($pv,6) . "$percent% " . "     H: $host" . pad($host,30) . "BW%: ". sprintf(" %.2f%%",($bh_bytes_by_domain{$bh_host}/$bh_total_bytes) * 100)."\n";
  } else {
    print $white . $domain . pad($domain,38) . " SHT: $hit" . pad($hit,6) .  " IHT: $pv" . pad($pv,6) . "$percent% " . "     H: $host" . pad($host,30) . "BW%: ". sprintf(" %.2f%%",($bh_bytes_by_domain{$bh_host}/$bh_total_bytes) * 100)."\n";
    $col=0;
  }

}


  $old_domain = $domain;
}

# Detail Print
#    print $dblue . "\t" . $domain . pad($domain,38) . " SHT: $hit" . pad($hit,6) .  " IHT: $pv" . pad($pv,6) . "$percent% " . "     H: $host" . pad($host,30) . "\n";


#   print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) .  "FormM-$formm" . pad($formm,5) . "$percent2% " . "Virus-$virus" . pad($virus,5) . "$percent% ". "\n";
# -----------------------------

# This prints CPU time
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) . "Virus-$virus" . pad($virus,5) . "$percent% ". $amount_of_time ."\n";
# -----------------------------

  $on="n"

}

sub pad {

  my $text   = $_[0];
  my $length = length($text);
  my $spaces = $_[1] - $length;
  my $blank  = "";

  for($i = 1; $i <= $spaces; $i++) {
    $blank .= " ";
  }
   
  return("$blank");
}

 sub round{

               $float = shift; # the number to round
               $intgr = int($float + 0.5);
               return $intgr;
  
             }

close(APALOG);
exit;
@ Telegram