Kippo scripts

Standard

This is to gather the IP addresses and the USERNAME and PASSWORDS that were used in the attempts to login to my machines.

# Only read todays and loop each line in the string
grep -i $todays_date /home/kris/kippo-0.5/log/kippo.log | while read -r line; do

# Only read the lines that contain login auths and IPs. All in one line in this case.
if [[

]]; then
# Cut out the different parts.
inIP=

inUSER=

inPASS=

# Throw it all in together for outputing to a log of my own.
output=”$inIP|$inUSER|$inPASS”
echo $output

# IF we do not already have it in the log, append the info to it.
if [ !

]; then
echo “$inIP|$inUSER|$inPASS” >> /root/kippo_ssh_auths.log
fi
fi
done
[/crayon]


592 total views, 2 views today

Loading Comments…
more
Allowed HTML tags and attributes: <a href="" title=""> <blockquote> <code> <em> <strong>