Login   Register  
PHP Classes
elePHPant
Icontem

File: cnimda.inc.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Felix-Gabriel Gangu  >  CNimda  >  cnimda.inc.php  >  Download  
File: cnimda.inc.php
Role: ???
Content type: text/plain
Description: The class file
Class: CNimda
Author: By
Last change:
Date: 2001-09-20 04:57
Size: 5,375 bytes
 

Contents

Class file image Download
<?
/*****************************************************************************/
/*                                                                           */
/*  Class:      CNimda.inc.php                                               */
/*                                                                           */
/*  Content:    Class for grepping your (Apache) Logfile                     */
/*              and showing the Nimda-Worm attempts                          */
/*                                                                           */
/*  Requires:   NONE              																				   */
/*                                                                           */
/*  Copyrights: This class was created by Felix-Gabriel Gangu                */
/*              for the ForeverNET Media GmbH, Germany.                      */
/*                                                                           */
/*              Questions? Take a look @ http://www.forevernet.de            */
/*              or drop a line to fgangu@forevernet.de!                      */
/*                                                                           */
/*              Please let me know, if you make some modifications!          */
/*              What about a better error handling?                          */
/*                                                                           */
/*  Hints:      For usage see the included file "nimda_show.php"             */
/*                                                                           */
/*---------------------------------------------------------------------------*/
/*  Version History:                                                         */
/*                                                                           */
/*  19.09.01  Date of creation                                               */
/*  20.09.01  Method CNimda::_Doit() optimized                           	   */
/*            (Now also scanning after "MSADC/root.exe","scripts/root.exe" 	 */
/*            when scanning the log file                                     */
/*  20.09.01  New Methods:                                                   */
/*                        - CNimda::GetNumNimdaRequests()                    */
/*                        - CNimda::GetRefreshJavaScript()                   */
/*****************************************************************************/
	
class CNimda
{
	// public:

	// private:
	
	var $_cLogFile;
	var $_iRefresh;
	var $_iNumLines;
	var $_fp;
	var $_aLines;
	
  /*.............................................................*/ 
	function CNimda($cLogFile,$iRefresh,$iNumLines)
	{
		$this->_cLogFile=$cLogFile;
		$this->_iRefresh=$iRefresh;
		$this->_iNumLines=$iNumLines;
	}
	
	
	/*.............................................................*/ 
	function _Doit()
	{
		$this->_FileOpen();
		while (!feof ($this->_fp)) 
		{
    	$cLine = fgets($this->_fp, 4096);
    	if (stristr($cLine,"winnt/system32/cmd.exe") 
    							|| stristr($cLine,"MSADC/root.exe") 
    							|| stristr($cLine,"scripts/root.exe"))
    		$aLines[]=$cLine;
		}	
		$this->_FileClose();
		$this->_aLines=$aLines;
	}
	
	/*.............................................................*/ 
	function ShowPage($bRefresh=TRUE)
	{
		$this->_Doit();
		if ($bRefresh)
			$cRet.=$this->_MakeJavaScript();
		
		$cRet.="Last ".$this->_iNumLines." Nimda attempts on this server:"."<br>";
		$cRet.="(Total requests in logfile: ".count($this->_aLines).")"."<br><br>";
		
		$aLines=array_reverse($this->_aLines);	
		for ($i=0; $i<$this->_iNumLines; $i++)
			$cRet.=$aLines[$i]."<br><br>";
		
		return $cRet;
	}
	
	/*.............................................................*/ 
	function GetNumNimdaRequests()
	{
		return count($this->_aLines);
	}
	
	/*.............................................................*/ 
	function GetRefreshJavaScript()
	{
		return $this->_MakeJavaScript();
	}
	
	/*.............................................................*/ 
	function GetResultArray()
	{
		$this->_Doit();
			
		$aLines=array_reverse($this->_aLines);	
		for ($i=0; $i<$this->_iNumLines; $i++)
			$aRet[]=$aLines[$i];
			
		return $aRet;
	}
	
	/*.............................................................*/ 
	function _FileOpen()
	{
		$this->_fp=@fopen($this->_cLogFile,"r");
	}	

	/*.............................................................*/ 
	function _FileClose()
	{
		@fclose($this->_fp);
	}
	
	/*.............................................................*/ 
	function _MakeJavaScript()
	{
		$cRet="<script>\n";
		$cRet.="var interval;\n";
		$cRet.="RefreshStart();\n";
					
		$cRet.="function RefreshStart()\n";
		$cRet.="{\n";
		$cRet.="interval=setInterval(\"location.reload()\",".$this->_iRefresh.");\n";
		$cRet.="}\n";
					
		$cRet.="function RefreshStop()\n";
		$cRet.="{\n";
		$cRet.="clearInterval(interval);\n";
		$cRet.="}\n";
		$cRet.="</script>\n";
		$cRet.="<form>\n";
		$cRet.="<input type=\"button\" value=\"Refresh Start\" onClick=\"RefreshStart()\">\n";
		$cRet.="<input type=\"button\" value=\"Refresh Stop\" onClick=\"RefreshStop()\">\n";
		$cRet.="</form>\n";
		
		return $cRet;
	}
} // EOC
?>