# -*- coding: utf-8 -*-
# Zararlı URL Duyuru istemcisi
# Author: Mert SARICA
# E-mail: mert [ . ] sarica [ @ ] gmail [ . ] com
# URL: http://www.mertsarica.com
# Consumer key:
# Consumer secret:
# Access Token key:
# Access Token secret:
import feedparser
import re
import urllib, urllib2, urlparse
import time
import datetime
import sys
import os
import oauth
import socket
import twitter
default_timeout = 30
socket.setdefaulttimeout(default_timeout)
reload(sys)
sys.setdefaultencoding('iso-8859-9')
debug = 0
updated = 0
score = 0
virus = ""
url = ""
published = 0
waittime = 24*60*60
proxy_info = {
'user' : '',
'pass' : '',
'host' : "",
'port' : 8080 # or 8080 or whatever
}
# build a new opener that uses a proxy requiring authorization
proxy_support = urllib2.ProxyHandler({"http" : \
"http://%(user)s:%(pass)s@%(host)s:%(port)d" % proxy_info})
if proxy_info['host'] != "":
opener = urllib2.build_opener(proxy_support, urllib2.HTTPHandler)
else:
opener = urllib2.build_opener(urllib2.HTTPHandler)
# install it
urllib2.install_opener(opener)
def log(txt):
now = datetime.datetime.now()
time = now.strftime("%d-%m-%Y %H:%M")
file = open("/logs.txt", "a")
txt = str(time + ":" + txt.encode("cp1254") + "\n")
file.write(txt)
file.close()
def tweet(txt):
if debug:
print "Tweet:", txt
api = twitter.Api(consumer_key='key',
consumer_secret='key',
access_token_key='key',
access_token_secret='key')
if debug:
print "Twitter:", twitter
user_timeline = api.PostUpdate(txt.encode("utf-8"))
if debug:
print "Timeline:", user_timeline
def direct_message(user, txt):
consumer_key = "key"
consumer_secret = "key"
now = datetime.datetime.now()
time = now.strftime("%d-%m-%Y %H:%M")
log = ""
file = open("/tweets.txt", "a")
log = str(time + ":" + user + ":" + txt + "\n")
file.write(log)
file.close()
twitter = OAuthApi(consumer_key, consumer_secret)
# Do a test API call using our new credentials
twitter = OAuthApi(consumer_key, consumer_secret, 'key', 'key')
txt = "d " + user + " " + txt
user_timeline = twitter.UpdateStatus(status=txt.encode("utf-8"))
def get_score(txt):
global score
re1='(vt_score)' # Variable Name 1
re2='.*?' # Non-greedy match on filler
re3='(\\d+)' # Integer Number 1
re4='(\\/)' # Any Single Character 1
re5='(\\d+)' # Integer Number 2
rg = re.compile(re1+re2+re3+re4+re5,re.IGNORECASE|re.DOTALL)
m = rg.search(txt)
if m:
var1=m.group(1)
int1=m.group(2)
c1=m.group(3)
int2=m.group(4)
if debug:
print "("+var1+")"+"("+int1+")"+"("+c1+")"+"("+int2+")"+"\n"
if int(int2)/4 < int(int1):
score = 1
else:
score = 0
def get_virusname(txt):
global virus
re1='(virusname)' # Word 1
re2='.*?' # Non-greedy match on filler
re3='((?:[a-z][a-z0-9_./]*))' # Variable Name 1
re4='.*?' # Non-greedy match on filler
re5='(<)' # Any Single Character 1
rg = re.compile(re1+re2+re3+re4+re5,re.IGNORECASE|re.DOTALL)
m = rg.search(txt)
if m:
word1=m.group(1)
var1=m.group(2)
c1=m.group(3)
if debug:
print "("+word1+")"+"("+var1+")"+"("+c1+")"+"\n"
virus = var1
else:
virus = ""
def malwares():
entry = 0.0
try:
FILE = open ("/malwares.txt","r" )
entry = FILE.read()
FILE.close()
except IOError:
pass
print "[+] viruses.txt file not found but do not worry I will create it right now :)\n"
m = 1
while m > 0:
url = "http://malc0de.com/database/index.php?search=TR&CC=on&page=" + str(m)
response = opener.open(url)
html = response.read()
if debug:
print url
print html
retup = re.findall(r"(<td>)([0-9]{4})(-)([0-9]{2})(-)([0-9]{2})(</td>)", html)
date = []
url = []
i = 0
if debug:
print retup
if len(retup) > 0:
for element in retup[::-1]:
date.append(element[5] + "." + element[3] + "." + element[1])
ldate = element[5] + element[3] + element[1]
i = i + 1
retup = re.findall(r"(<td>)([a-zA-Z0-9\.-]*)(/)([ a-zA-ZŞşĞğÜüÖöÇçIı�0-9\.\/\-\_\=\&\?\>\<\~\"\;]*)(</td>)", html)
for element in retup[::-1]:
url.append(element[1]+element[2]+element[3])
i = 0
if debug:
print url
if len(date) == len(url):
if debug:
print "i", i
print "date", date
print "url", url
while i < len(date):
a = datetime.datetime(int(date[i][6:10]), int(date[i][3:5]), int(date[i][0:2]), 0, 0, 0, 0)
b = datetime.datetime(1982, 2, 13, 0, 0, 0, 0)
if entry:
b = datetime.datetime(int(entry[4:9]), int(entry[2:4]), int(entry[0:2]), 0, 0, 0, 0)
if a > b:
print "[Zararl� Site] - http://" + url[i].replace("<br/>", "") + " - " + date[i]
msg = "[Zararl� Site] - http://" + url[i].replace("<br/>", "") + " - " + date[i]
try:
tweet(msg)
except Exception,e:
print str(e)
pass
log(msg)
time.sleep(3)
i = i + 1
else:
print "Uzunluk hatas�!"
sys.exit(0)
m = m - 1
file = open("/malwares.txt", "w")
txt = str(ldate)
file.write(txt)
file.close()
def viruses():
global published
entry = 0
try:
FILE = open ("viruses.txt","r" )
entry = FILE.read()
FILE.close()
except IOError:
pass
print "[+] viruses.txt file not found but do not worry I will create it right now :)\n"
d = feedparser.parse("http://support.clean-mx.de/clean-mx/rss?scope=viruses&country=TR&limit=0,50")
i = len(d['entries']) - 1
while i >= 0:
if debug:
print d['entries'][i]['title'] # each entry is a dictionary
if d['entries'][i]['title'].find("c99shell.com") >= 0:
i = i - 1
continue
if d['entries'][i]['title'].find("tr-shell.org") >= 0:
i = i - 1
continue
if d['entries'][i]['title'].find("sh3llz.org") >= 0:
i = i - 1
continue
published = d['entries'][i].updated_parsed
date = time.mktime(published)
published = str(published[2]) + "." + str(published[1]) + "." + str(published[0])
url = d['entries'][i]['title']
if debug:
print d['entries'][i]['summary_detail'].value
get_score(d['entries'][i]['summary_detail'].value)
if score > 0:
get_virusname(d['entries'][i]['summary_detail'].value)
if debug:
print score, url, virus, published, date, entry
if date > float(entry):
msg = "[Zararl� Site] - " + url.strip() + " - " + published
try:
print msg
except:
pass
try:
tweet(msg)
except Exception,e:
print str(e)
pass
log(msg)
file = open("/viruses.txt", "w")
file.write(str(date))
file.close()
time.sleep(3)
i = i - 1
def get_feedurl(txt):
global feedurl
re1='(url)' # Word 1
re2='.*?' # Non-greedy match on filler
re3='((?:http|https)(?::\\/{2}[\\w]+)(?:[\\/|\\.]?)(?:[^\\s"]*))' # HTTP URL 1
re4='.*?' # Non-greedy match on filler
re5='(<[^>]+>)' # Tag 1
rg = re.compile(re1+re2+re3+re4+re5,re.IGNORECASE|re.DOTALL)
m = rg.search(txt)
if m:
word1=m.group(1)
httpurl1=m.group(2)
tag1=m.group(3)
feedurl = httpurl1.replace("<br", "")
return feedurl
def portals():
entry = 0
try:
FILE = open ("/portals.txt","r" )
entry = FILE.read()
FILE.close()
except IOError:
pass
global published
d = feedparser.parse("http://support.clean-mx.de/clean-mx/rss?scope=portals&country=TR&limit=0,150")
i = len(d['entries']) - 1
while i >= 0:
url = get_feedurl(d['entries'][i]['summary_detail'].value)
if debug:
print d['entries'][i]['title'] # each entry is a dictionary
if url.find("c99shell.com") >= 0:
i = i - 1
continue
if url.find("tr-shell.org") >= 0:
i = i - 1
continue
if url.find("sh3llz.org") >= 0:
i = i - 1
continue
published = d['entries'][i].updated_parsed
if debug:
print "published:", published
date = time.mktime(published)
if debug:
print "date:", date
published = str(published[2]) + "." + str(published[1]) + "." + str(published[0])
if debug:
print "published2:", published
# url = d['entries'][i]['title']
if debug:
print d['entries'][i]['summary_detail'].value
print url, published, date, entry
if debug:
print "date, float(entry)", date, entry
if date > float(entry):
msg = "[Hacklenmi� Site] - " + url.encode("ascii", "ignore") + " - " + published
print msg
try:
tweet(msg)
except Exception,e:
print str(e)
pass
log(msg)
file = open("/portals.txt", "w")
file.write(str(date))
file.close()
time.sleep(3)
i = i - 1
def urlquery():
global updated
filename = "/urlquery.txt"
site = ""
entries = ""
killbill = 0
try:
FILE = open (filename,"r" )
entries = FILE.readlines()
entries = "".join(entries)
FILE.close()
except IOError:
pass
print "[+] urlquery.txt file not found but do not worry I will create it right now :)\n"
url = "http://urlquery.net/index.php"
response = opener.open(url)
html = response.read()
if debug:
print url
print html
txt = html
retup = re.findall("<td><nobr><center>([0-9 :-]*)</center></nobr></td><td align='center'><b>([0-9 :-]*)</b></td><td><a title='([ a-zA-Z�������i�0-9\./-_=&\?><~\";:]*)' href='report.php\?id=([0-9]*)'>([ a-zA-Z�������i�0-9\./-_=&\?><~\";:]*)</a></td><td style='text-align:center;vertical-align=middle;'><img src='images/flags/tr.png'", html)
for element in retup:
print " ".join(element)
if " ".join(element).find("0 - 0 - 0") >= 0:
continue
site = " ".join(element)
date = site.split(" ")[0].split("-")[2] + "-" + site.split(" ")[0].split("-")[1] + "-" + site.split(" ")[0].split("-")[0] # + " " + site.split(" ")[1]
lsite = site.split(" ")[5]
site = site.split(" ")[5]
site = lsite + " - " + date
if entries.find(lsite) < 0:
if debug:
print site
msg = "[Zararl� Site] - " + site
print "[Zararl� Site] - " + site
try:
tweet(msg)
except Exception,e:
print str(e)
pass
log(msg)
if killbill == 0:
FILE = open(filename,"w")
FILE.writelines(lsite)
FILE.close()
killbill = 1
else:
break
try:
FILE = open ("/urlquery.txt","r" )
entry = FILE.read()
FILE.close()
except IOError:
pass
print "[+] urlquery.txt file not found but do not worry I will create it right now :)\n"
def hacked():
global updated
filename = "/hacked.txt"
counter = 30
i = 1
site = ""
killbill = 0
entries = ""
try:
FILE = open (filename,"r" )
entries = FILE.readlines()
FILE.close()
except IOError:
pass
print "[+] hacked.txt file not found but do not worry I will create it right now :)\n"
while int(i) < counter:
url = "http://www.zone-h.org/archive/special=1/page=" + str(i)
if debug:
print url
response = opener.open(url)
html = response.read()
retup = re.findall(r"(<td>)([a-zA-Z0-9\/\@\:\=\.\"\-\_\~\+\]\[\(\) ]*)(\.tr|\.tr/([a-zA-Z0-9\/\!\@\:\=\.\"\-\_\~\+\]\[\(\) ]*))", html)
if len(retup) > 0:
for element in retup:
site = element[1] + element[2] + element[3]
if site.find("w.tr") > 0:
break
if entries:
if debug:
print entries[0]
if site.strip() == entries[0].strip():
killbill = 1
break
if debug:
print site
msg = "[Hacklenmi� Site] - " + site #.split("/")[0]
print "[Hacklenmi� Site] - " + site
try:
tweet(msg)
except Exception,e:
print str(e)
pass
log(msg)
if updated == 0:
updated = 1
FILE = open(filename,"w")
FILE.writelines(site)
FILE.close()
i = i + 1
if killbill == 1:
break
time.sleep(3)
try:
FILE = open ("/hacked.txt","r" )
entry = FILE.read()
FILE.close()
except IOError:
pass
print "[+] hacked.txt file not found but do not worry I will create it right now :)\n"
if __name__ == '__main__':
if sys.platform == 'linux-i386' or sys.platform == 'linux2':
os.system("clear")
elif sys.platform == 'win32':
os.system("cls")
else:
os.system("cls")
print "==================================================="
print "Malicious Site Notifier [http://www.mertsarica.com]"
print "==================================================="
print "[+] 3 dakika bekleniyor..."
time.sleep(3)
if sys.platform == 'linux-i386' or sys.platform == 'linux2':
os.system("clear")
elif sys.platform == 'win32':
os.system("cls")
else:
os.system("cls")
print "==================================================="
print "Malicious Site Notifier [http://www.mertsarica.com]"
print "==================================================="
try:
while(1):
updated = 0
try:
print "viruses()"
viruses()
print "portals()"
portals()
print "hacked()"
hacked()
# print "malwares()"
# malwares()
print "urlquery()"
urlquery()
except Exception,e:
print str(e)
pass
time.sleep(waittime)
except KeyboardInterrupt:
print "[+] Bye..."
