Diffstat (limited to 'misc')
-rw-r--r--misc/comm.c18
-rw-r--r--misc/evil.c6
-rw-r--r--misc/server_example.py51
3 files changed, 75 insertions, 0 deletions
diff --git a/misc/comm.c b/misc/comm.c
new file mode 100644
index 0000000..989325e
--- /dev/null
+++ b/misc/comm.c
@@ -0,0 +1,18 @@
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <string.h>
+#include <sys/prctl.h>
+#include <unistd.h>
+
+int main(void) {
+ char new_name[] = "notcomm";
+
+ if (prctl(PR_SET_NAME, (unsigned long)new_name, 0, 0, 0) != 0) {
+ perror("prctl");
+ return 1;
+ }
+
+ printf("Changed comm to: %s\n", new_name);
+ sleep(1);
+ return 0;
+}
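Review bot: misc/comm.c has no header comment saying what it is for, so a reader who finds a program that renames itself to "notcomm" cannot tell it is a test fixture; misc/evil.c has the same gap. A top-of-file comment such as `/* test helper: changes the task comm with prctl(PR_SET_NAME) so comm-change handling in the agent can be exercised */` would cover it, assuming that is the intent. `#include <string.h>` is unused in the visible code, and `_GNU_SOURCE` does not appear to be needed for `prctl` here. If the agent samples processes rather than receiving events, the `sleep(1)` window may be too short to observe the renamed task, which is worth a comment next to it.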
diff --git a/misc/evil.c b/misc/evil.c
new file mode 100644
index 0000000..c3c4524
--- /dev/null
+++ b/misc/evil.c
@@ -0,0 +1,6 @@
+#include <stdio.h>
+
+int main() {
+ puts("this is a very evil program");
+}
+
diff --git a/misc/server_example.py b/misc/server_example.py
new file mode 100644
index 0000000..4b53315
--- /dev/null
+++ b/misc/server_example.py
@@ -0,0 +1,51 @@
+#!/usr/bin/env python3
+
+#
+# basic example showing how to use noawareness data
+#
+# - set up webhook as you see fit
+# - configure your logging search engine to ingest noawareness.log
+# - point noawareness agents at this host to collect logs centrally
+#
+
+import socket
+import json
+import logging
+import requests
+
+# Configuration
+UDP_PORT = 55555
+LOG_FILE = "noawareness.log"
+DISCORD_WEBHOOK_URL = "https://discord.com/api/webhooks/your/webhook/url"
+TRIGGER_MD5 = "foo"
+
+# Setup logging to just log raw messages
+logging.basicConfig(filename=LOG_FILE, level=logging.INFO, format="%(message)s")
+
+# Create UDP socket
+sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+sock.bind(("0.0.0.0", UDP_PORT))
+print(f"Listening on UDP port {UDP_PORT}...")
+
+def send_discord_alert(message):
+ payload = {"content": message}
+ try:
+ requests.post(DISCORD_WEBHOOK_URL, json=payload)
+ except requests.RequestException:
+ pass
+
+while True:
+ try:
+ data, _ = sock.recvfrom(65535)
+ message = data.decode("utf-8", errors="ignore").strip()
+ logging.info(message)
+
+ try:
+ parsed = json.loads(message)
+ if parsed.get("md5") == TRIGGER_MD5:
+ send_discord_alert(f"Trigger match: md5 == {TRIGGER_MD5}")
+ except json.JSONDecodeError:
+ pass
+
+ except KeyboardInterrupt:
+ break
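Review bot: In the receive loop, `parsed.get("md5")` assumes `json.loads` returned a dict; a datagram carrying valid JSON of another type raises AttributeError, which neither `except` clause catches, so a single packet from any sender stops the collector. Guard it with `if isinstance(parsed, dict) and parsed.get("md5") == TRIGGER_MD5:`. `requests.post` in `send_discord_alert` has no timeout, so a stalled webhook blocks the single-threaded loop and incoming datagrams are dropped in the meantime; `requests.post(DISCORD_WEBHOOK_URL, json=payload, timeout=5)` bounds that. The socket binds `0.0.0.0` and discards the sender address, and `strip()` leaves embedded newlines inside `message`, so the file the log search engine ingests can end up with unauthenticated, multi-line entries. Recording the source address, escaping newlines before `logging.info`, and noting in the header that the port should be restricted to the agents' network would make the example safer to copy.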