Alan Moote wrote:
Hey gang,
As you will soon see, I am quite new to Perl. I am
trying to out put a list of IPs that are trying to
access cmd.exe on my webserver. The problem is, when
I run the script against my access_log the output is a
bunch of blank lines. Here's the script so far:
#!/usr/bin/perl -w
use strict;
## Use pattern matching to find IPs that have searched
for "cmd.exe"
## Example log lines:
## 24.150.82.42 - - [08/Dec/2002:08:47:46 -0500] "GET
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293 "-"
"-"
## 24.150.82.42 - - [08/Dec/2002:08:47:48 -0500] "GET
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293 "-"
"-"
## 24.150.82.42 - - [08/Dec/2002:08:47:51 -0500] "GET
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 307 "-" "-"
$LogFile=$ARGV[0];
## Open the file called from command line, die with
error if not readable
open(ACCLOG, "<$LogFile") || die "Cannot open
$LogFile\n";
better to use 'or' here instead of '||' -> precedence.
while(<ACCLOG>) {
/(^[0-9]{1-3}\.[0-9]{1-3}\.[0-9]{1-3}\.[0-9]{1-3})*.cmd\.exe*.$/g;
instead of *. I believe you want .* for both occurrences in the above line.
print "$1\n";
}
close(ACCLOG);
It's not much, and to me, it looks right, but
obviously I am overlooking some details.
Any ideas?
http://danconia.org
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
