9b/uma_bot.py

## uma_bot.py
from jabberbot import JabberBot, botcmd
import datetime
import base64
import pymongo
import traceback
import simplejson as json
import os, sys, csv, zipfile, getopt, traceback, socket, urlparse, time, urllib2, string
import StringIO
import logging

class SystemInfoJabberBot(JabberBot):

	def __init__( self, jid, password, res = None):
		super( SystemInfoJabberBot, self).__init__( jid, password, res)
		# create console handler
		chandler = logging.StreamHandler()
		# create formatter
		formatter = logging.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s")
		# add formatter to handler
		chandler.setFormatter(formatter)
		# add handler to logger
		self.log.addHandler(chandler)
		# set level to INFO
		self.log.setLevel(logging.INFO)

		self.users = []
		self.message_queue = []
		self.thread_killed = False

	@botcmd
	def scan( self, mess, args):
		"""Scan text for matching IP addresses from the MDL"""
		text = mess.getBody()
		list = self.get_list(mess,"http://www.malwaredomainlist.com/mdlcsv.php")
		parsed = self.parse_list(mess,list)
		check = self.check_blob(mess,text, parsed)

		if len(check) == 0:
			return "No attackers found"
		else:
			return "Following found on the MDL:\n" + ",".join(check)

	def get_list(self,mess,url):
		reply = "== Downloading MDL =="
		self.send_simple_reply(mess, reply)
		f = urllib2.urlopen(url)
		data = f.read()
		f.close()

		data_stream = StringIO.StringIO(data)
		reader = csv.reader(data_stream, delimiter=',', quoting=csv.QUOTE_MINIMAL)

		reply = "== Downloaded List =="
		self.send_simple_reply(mess, reply)

		return reader

	def parse_list(self,mess,list):
		reply = "== Parsing List =="
		self.send_simple_reply(mess, reply)
		ips = []
		for row in list:
			try:
				ip = string.strip(row[2])
				ips.append(ip)
			except:
				continue

		reply = "== List Parsed =="
		self.send_simple_reply(mess, reply)
		return self.f7(ips)

	def check_blob(self,mess,data, ips):
		reply = "== Checking Blob =="
		self.send_simple_reply(mess, reply)
		check = []
		for ip in ips:
			if(len(ip) > 4):
				result = data.find(str(ip.strip()))
				if(result >= 0):
					check.append(ip.strip())

		check = self.f7(check)
		return check

	def f7(self,seq):
		seen = set()
		seen_add = seen.add
		return [ x for x in seq if x not in seen and not seen_add(x)]

username = 'uma@castiron'
password = 'password'
bot = SystemInfoJabberBot(username,password)
bot.serve_forever()
	from jabberbot import JabberBot, botcmd
	import datetime
	import base64
	import pymongo
	import traceback
	import simplejson as json
	import os, sys, csv, zipfile, getopt, traceback, socket, urlparse, time, urllib2, string
	import StringIO
	import logging

	class SystemInfoJabberBot(JabberBot):

	def __init__( self, jid, password, res = None):
	super( SystemInfoJabberBot, self).__init__( jid, password, res)
	# create console handler
	chandler = logging.StreamHandler()
	# create formatter
	formatter = logging.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s")
	# add formatter to handler
	chandler.setFormatter(formatter)
	# add handler to logger
	self.log.addHandler(chandler)
	# set level to INFO
	self.log.setLevel(logging.INFO)

	self.users = []
	self.message_queue = []
	self.thread_killed = False

	@botcmd
	def scan( self, mess, args):
	"""Scan text for matching IP addresses from the MDL"""
	text = mess.getBody()
	list = self.get_list(mess,"http://www.malwaredomainlist.com/mdlcsv.php")
	parsed = self.parse_list(mess,list)
	check = self.check_blob(mess,text, parsed)

	if len(check) == 0:
	return "No attackers found"
	else:
	return "Following found on the MDL:\n" + ",".join(check)

	def get_list(self,mess,url):
	reply = "== Downloading MDL =="
	self.send_simple_reply(mess, reply)
	f = urllib2.urlopen(url)
	data = f.read()
	f.close()

	data_stream = StringIO.StringIO(data)
	reader = csv.reader(data_stream, delimiter=',', quoting=csv.QUOTE_MINIMAL)

	reply = "== Downloaded List =="
	self.send_simple_reply(mess, reply)

	return reader

	def parse_list(self,mess,list):
	reply = "== Parsing List =="
	self.send_simple_reply(mess, reply)
	ips = []
	for row in list:
	try:
	ip = string.strip(row[2])
	ips.append(ip)
	except:
	continue

	reply = "== List Parsed =="
	self.send_simple_reply(mess, reply)
	return self.f7(ips)

	def check_blob(self,mess,data, ips):
	reply = "== Checking Blob =="
	self.send_simple_reply(mess, reply)
	check = []
	for ip in ips:
	if(len(ip) > 4):
	result = data.find(str(ip.strip()))
	if(result >= 0):
	check.append(ip.strip())

	check = self.f7(check)
	return check

	def f7(self,seq):
	seen = set()
	seen_add = seen.add
	return [ x for x in seq if x not in seen and not seen_add(x)]

	username = 'uma@castiron'
	password = 'password'
	bot = SystemInfoJabberBot(username,password)
	bot.serve_forever()