import re
import numpy as np
from datetime import datetime
# Scan several log entries
def scan_entries(entries):
    """Run scan_entry on every item of *entries* and collect the results.

    Args:
        entries: Iterable of log entries; each item is handed to scan_entry
            unchanged.

    Returns:
        A list holding one scan_entry result per entry, in input order.
    """
    return [scan_entry(entry) for entry in entries]
# Scan a single log entry
def scan_entry(entry):
    """Return the lines of *entry* that match one of the built-in signatures.

    The signatures are literal, case-sensitive regular expressions that
    detect_scams searches for anywhere in a line. Treat a hit as a triage
    hint rather than a verdict: `transfer\\.php` flags every line that
    mentions that path, and the login signature only matches that exact
    query string, so any variation in spelling, encoding or parameter order
    is missed.

    Args:
        entry: Log text, passed to detect_scams as its log_data argument.

    Returns:
        Whatever detect_scams returns for *entry* and the signature list.
    """
    signatures = (
        r'scam_offer',
        r'login\.php\?username=admin&password=admin',
        r'transfer\.php',
    )
    # Compiled on every call, exactly as many pattern objects as signatures.
    compiled = [re.compile(signature) for signature in signatures]
    return detect_scams(entry, compiled)
# Detect scam indicators in log text
def detect_scams(log_data, patterns):
    """Return every line of *log_data* matched by at least one pattern.

    The text is split on '\\n' only, so a log with CRLF line endings keeps
    the trailing '\\r' on each returned line. A line is reported once even
    when several patterns match it.

    Args:
        log_data: Log text as a single string.
        patterns: Iterable of compiled regular expressions; each is applied
            with search(), i.e. it may match anywhere in the line.

    Returns:
        A list of the matching lines, in their original order.
    """
    return [
        candidate
        for candidate in log_data.split('\n')
        if any(signature.search(candidate) for signature in patterns)
    ]
# Compute the differences between consecutive values
def calculate_derivatives(data):
    """Return the first-order differences of *data*.

    The "derivative" here is numpy.diff: element i of the result is
    data[i + 1] - data[i], so the result has one element fewer than the
    input.

    Args:
        data: Sequence of numbers (anything numpy.array accepts).

    Returns:
        A NumPy array of consecutive differences.
    """
    return np.diff(np.array(data))
# Example usage
log_entries = [
    """
192.168.1.1 - - [28/May/2024:10:32:55 +0000] "GET /index.html HTTP/1.1" 200 2326
192.168.1.2 - - [28/May/2024:10:33:12 +0000] "GET /login.php?username=admin&password=admin HTTP/1.1" 200 1420
192.168.1.3 - - [28/May/2024:10:34:23 +0000] "POST /transfer.php HTTP/1.1" 200 5320
192.168.1.4 - - [28/May/2024:10:35:00 +0000] "GET /scam_offer HTTP/1.1" 200 221
""",
    # Add further entries here
]

scanned_results = scan_entries(log_entries)

# Each scan result is the list of flagged lines, so its length is the number
# of suspicious activities detected in that entry.
activity_counts = list(map(len, scanned_results))

# Differences between the counts of consecutive entries; with a single entry
# this array is empty.
activity_derivatives = calculate_derivatives(activity_counts)

# Show the results
print("Scanned Results:", scanned_results)
print("Activity Counts:", activity_counts)
print("Activity Derivatives:", activity_derivatives)

# Save the results to a file.
# NOTE(review): flagged lines are written verbatim, including any credentials
# carried in a query string, to a plaintext file in the working directory --
# handle the output as sensitive.
timestamp = datetime.now().strftime("%Y-%m-%d_%H-%M-%S")
output_filename = f"scan_results_{timestamp}.txt"
with open(output_filename, 'w', encoding='utf-8') as file:
    file.writelines([
        f"Scanned Results: {scanned_results}\n",
        f"Activity Counts: {activity_counts}\n",
        f"Activity Derivatives: {activity_derivatives}\n",
    ])

print(f"Results saved to {output_filename}")