
@BlackVikingPro
Created May 24, 2017 04:44
SSHBan - SSH Hacker Suspect IP Leaker
#!/usr/bin/env python
""" !- SSHBan - SSH Hacker Suspect IP Leaker -- By: Willy Fox (@BlackVikingPro) -! """
import os, sys, re, socket, time
# Configuration
# Authentication log that is scanned for failed root SSH password attempts.
logfile = '/var/log/auth.log'
# Text file that receives one source address per line.
# NOTE(review): this path looks like a web document root, so its contents are
# presumably served to anyone who requests the file -- confirm that publishing
# the addresses is intended.
leakfile = '/var/www/html/leakedips.txt'
mins = 1 # minutes to sleep between two scans of the log
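def increment_ip(logfile_, leakfile_, addr):
    """Append the addresses in *addr* that the leak file does not list yet.

    Args:
        logfile_: Unused; kept so existing callers keep working.
        leakfile_: Path of the text file holding one address per line.
        addr: Iterable of address strings to record.

    The file is created when it does not exist. Entries are compared after
    stripping surrounding whitespace, and an address repeated inside *addr*
    is written only once.
    """
    # NOTE(review): values are written without validation; callers should pass
    # only validated addresses, since the file appears to be web-served.
    # 'a+' creates a missing file and turns every write into an append, so
    # existing entries can never be overwritten.
    with open(leakfile_, 'a+') as handle:
        handle.seek(0)
        content = handle.read()
        known = set(content.splitlines())
        # Move to the end explicitly before switching from reading to writing.
        handle.seek(0, 2)
        if content and not content.endswith('\n'):
            # Terminate a dangling last line so the next entry is not glued to it.
            handle.write('\n')
        for ip in addr:
            ip = ip.strip()
            if ip and ip not in known:
                handle.write(ip + '\n')
                known.add(ip)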
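def clean_array(arry):
    """Return the entries of *arry* stripped of line endings, without duplicates.

    The first occurrence of each value keeps its position. Values are
    compared after stripping, so 'x' and 'x\\n' count as the same entry.
    """
    seen = set()
    unique = []
    for raw in arry:
        # Strip before the membership test; otherwise a value with a trailing
        # newline would be added a second time in its stripped form.
        value = raw.strip('\r\n')
        if value not in seen:
            seen.add(value)
            unique.append(value)
    return unique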
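def check_logs(file):
    """Collect source IPv4 addresses of failed root password logins.

    Args:
        file: Path of the authentication log to scan.

    Returns:
        A list of dotted-quad strings in the order they appear in the log.
        Duplicates are kept; de-duplication is left to the caller.

    Only lines of the form "Failed password for root from <addr> port <n>"
    are considered. The address is taken from an anchored pattern rather
    than from fixed slice offsets, which depended on the port's digit count
    and could leave stray characters attached to the address.
    """
    # Log text includes fields chosen by the remote client, so accept only a
    # strict dotted quad directly after the fixed message prefix.
    pattern = re.compile(
        r'Failed password for root from (\d{1,3}(?:\.\d{1,3}){3}) port \d+'
    )
    ips = []
    # The context manager closes the log even if reading fails part-way.
    with open(file) as handle:
        for line in handle:
            match = pattern.search(line)
            if match is None:
                continue
            candidate = match.group(1)
            try:
                # Rejects out-of-range octets such as 999.0.0.1.
                socket.inet_aton(candidate)
            except socket.error:
                continue  # not a usable IPv4 address; skip the line
            ips.append(candidate)
    return ips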
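if __name__ == '__main__':
    # Rescan the whole log every `mins` minutes and record any new addresses
    # until the operator interrupts the process.
    # NOTE(review): reading the auth log and writing into the web root usually
    # needs elevated rights; a dedicated account limited to those two paths
    # would be preferable to running this as root -- confirm the deployment.
    try:
        while True:
            increment_ip(logfile, leakfile, clean_array(check_logs(logfile)))
            time.sleep(mins * 60)  # wait before the next scan
    except KeyboardInterrupt:
        # Call form of print parses under Python 2 and 3 with the same output;
        # the statement form is a syntax error under Python 3.
        print("\n")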