in reply to Re: Increment frequency of attempts based on IP and login details combination
in thread Increment frequency of attempts based on IP and login details combination
I tried what you suggested but the argument for the loop was read from a file like so
#!/usr/bin/perl $log = "/home/tsec/prototype/logs/extractedlogs/cowrieresult.log"; open(DATA, $log) or die "Can't open '$log': $!"; sub tester(){ while(<DATA>){ if (/New connection: ([\d\.]+):(\d+)/){ ($ip,$port) = ($1,$2); next; } chomp; if (/login attempt\s+\[(.*)\]\s+(\w+)$/){ ($user_pass,$status) = ($1,$2); $HONEY{$ip}{$port}{$status}{$user_pass} +=1; print "DEBUG: Add ip=$ip:$port $status $user_pass\n"; } } for my $ip (keys %HONEY){ for my $port (keys %{$HONEY{$ip}}){ for my $user (keys %{$HONEY{$ip}{$port}}){ for my $status (keys %{$HONEY{$ip}{$port}}){ for my $user_pass (keys %{$HONEY{$ip}{ +$port}{$status}}){ $freq = $HONEY{$ip}{$port}{$st +atus}{$user_pass}; push(@DATA, "$port,$status,$fr +eq") ; } } } } } for my $data (sort @DATA){ print $data . "\n"; } }
Unfortunately nothing was outputted on the screen. Also if I use stict and warnings it says that variables requires explicit package name and other errors as well as shown below
Variable "@DATA" is not imported at ./test2.prg line 31. Variable "@DATA" is not imported at ./test2.prg line 38. Global symbol "$log" requires explicit package name at ./test2.prg lin +e 6. Global symbol "$log" requires explicit package name at ./test2.prg lin +e 8. Global symbol "$log" requires explicit package name at ./test2.prg lin +e 8. Global symbol "$ip" requires explicit package name at ./test2.prg line + 14. Global symbol "$port" requires explicit package name at ./test2.prg li +ne 14. Global symbol "$user_pass" requires explicit package name at ./test2.p +rg line 19. Global symbol "$status" requires explicit package name at ./test2.prg +line 19. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 20. Global symbol "$ip" requires explicit package name at ./test2.prg line + 20. Global symbol "$port" requires explicit package name at ./test2.prg li +ne 20. Global symbol "$status" requires explicit package name at ./test2.prg +line 20. Global symbol "$user_pass" requires explicit package name at ./test2.p +rg line 20. Global symbol "$ip" requires explicit package name at ./test2.prg line + 21. Global symbol "$port" requires explicit package name at ./test2.prg li +ne 21. Global symbol "$status" requires explicit package name at ./test2.prg +line 21. Global symbol "$user_pass" requires explicit package name at ./test2.p +rg line 21. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 25. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 26. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 27. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 28. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 29. Global symbol "$freq" requires explicit package name at ./test2.prg li +ne 30. Global symbol "%HONEY" requires explicit package name at ./test2.prg l +ine 30. Global symbol "@DATA" requires explicit package name at ./test2.prg li +ne 31. Global symbol "$freq" requires explicit package name at ./test2.prg li +ne 31. Global symbol "@DATA" requires explicit package name at ./test2.prg li +ne 38. Execution of ./test2.prg aborted due to compilation errors.
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re^3: Increment frequency of attempts based on IP and login details combination
by Athanasius (Archbishop) on May 02, 2016 at 04:00 UTC | |
|
Re^3: Increment frequency of attempts based on IP and login details combination
by afoken (Chancellor) on May 01, 2016 at 19:00 UTC |