Jyan blog

import smbclient

def scan_smb_server(server, username, password):
    files_dict = {}
    with smbclient.SambaClient(server, username=username, password=password) as client:
        for entry in client.listdir(''):
            if client.isdir(entry):
                for root, dirs, files in client.walk(entry):
                    for f in files:
                        file_path = root + '/' + f
                        files_dict[file_path] = f
            else:
                files_dict[entry] = entry
    return files_dict

# Example usage
files = scan_smb_server('smb://myserver/myshare', 'myusername', 'mypassword')
print(files)

- 토큰값은 telegram 내 botfather 채널을 통해 봇생성후 발급

- 토큰ID는 해당 봇을 초대한 방의 ID 인데 Get My ID 를 초대하여 발급

import telegram
 
telegram_token = '5978653330:AAFBbq5TzOVT2ARdUK61dSI0pZl7P8FPxZU'
telegram_id = -676063172
 

def send_telegram_message(message):
    try:
        bot = telegram.Bot(telegram_token)
        res = bot.sendMessage(chat_id=telegram_id, text=message)
 
        return res
 
    except Exception:
        raise

send_telegram_message('EmergingThreat Blacklist IP ''{{vars.Attacker_ip}}''  12시간 차단(Qurantine)하였습니다.')

import json

data = """
{
    "devname": "FAC3KE3R16000005",       
    "devid": "FAC3KE3R16000005",
    "vd": "root",
    "faclogindex": "38867",
    "logid": "10001",
    "logdesc": "GUI_ENTRY_ADDITION",     
    "type": "event",
    "subtype": "Admin",
    "level": "information",
    "user": "admin",
    "action": "Add",
    "msg": "Added Local User: siemtest3",
    "tz": "+0900"
}
"""

# Load JSON data
json_data = json.loads(data)

# Find key that contains the string "GUI" in its value
key_with_gui = None
for key, value in json_data.items():
    if 'GUI' in value:
        key_with_gui = key
        break

if key_with_gui:
    print("The key that contains the string 'GUI' in its value is:", key_with_gui)
else:
    print("No key contains the string 'GUI' in its value.")

import re
import json

syslog = "<190>date=2023-01-20 time=14:13:18 timestamp=1674191598 devname='FAC3KE3R16000005' devid='FAC3KE3R16000005' vd='root' itime=1674191598 faclogindex='38867' logid='10001' logdesc='GUI_ENTRY_ADDITION' type='event' subtype='Admin' level='information' user='admin' nas='' userip= action='Add' status='' msg='Added Local User: siemtest3' tz='+0900'"

# Use regular expression to extract key-value pairs from syslog
pattern = re.compile(r"(\w+)='([^']+)'")
syslog_data = re.findall(pattern, syslog)

# Convert key-value pairs to a dictionary
data = {}
for key, value in syslog_data:
    data[key] = value

# Output dictionary in JSON format
print(json.dumps(data, indent=4))

import pyautogui
import random
import time

# 이미지 파일 경로
image_path = 'path/to/image.png'

# 이미지 찾기
while True:
    try:
        # 이미지 위치 찾기
        image_location = pyautogui.locateOnScreen(image_path)
        # 이미지 중심 좌표
        image_center = pyautogui.center(image_location)
        # 이미지 크기
        image_width, image_height = pyautogui.size(image_location)
        # 랜덤 좌표 구하기
        random_x = random.randint(image_center.x - image_width // 2, image_center.x + image_width // 2)
        random_y = random.randint(image_center.y - image_height // 2, image_center.y + image_height // 2)
        # 좌클릭
        pyautogui.click(random_x, random_y, button='left')
        # 1~2초 랜덤한 시간 갭
        time.sleep(random.uniform(1, 2))
        break
    except:
        pass

import paramiko
import csv

# SSH 접속 정보
host = "remote_server_ip"
username = "user"
password = "password"

# SSH 접속
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, username=username, password=password)

# invoke_shell 을 사용해 명령어 전달
channel = client.invoke_shell()
channel.send("your_command")
time.sleep(30)
output = channel.recv(9999).decode('utf-8')

# output 을 csv 파일로 저장
file_name = "output.csv"
with open(file_name, 'w', newline='') as file:
    writer = csv.writer(file)
    writer.writerow(["output"])
    for line in output:
        writer.writerow([line.strip()])

# SSH 접속 종료
client.close()