sciencefair2023/analyze.py

import sys
import requests

def sorted_dict(d: dict, reverse=True) -> dict:
    return {
        key: d[key]
        for key in sorted(d, key=d.get, reverse=reverse)
    }

def main(filename: str):
    validnames = {
        'wp-login.php',
        '.env',
        'plugins/system/debug/debug.xml',
        'administrator/language/en-GB/en-GB.xml',
        'administrator/help/en-GB/toc.json',
        '.git/config',
        'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php',
        'xmlrpc.php',
        'wp1/wp-includes/wlwmanifest.xml',
        'wp/wp-includes/wlwmanifest.xml',
        'wordpress/wp-includes/wlwmanifest.xml',
        'web/wp-includes/wlwmanifest.xml',
        'test/wp-includes/wlwmanifest.xml',
        'site/wp-includes/wlwmanifest.xml',
        'shop/wp-includes/wlwmanifest.xml',
        'cms/wp-includes/wlwmanifest.xml',
        'blog/wp-includes/wlwmanifest.xml',
        '2019/wp-includes/wlwmanifest.xml',
        'wp-load.php',
        'public/_ignition/health-check',
        '_ignition/health-check',
        'admin/.env',
        'protected/.env',
        'wp-includes/wp-class.php',
        'wp-commentin.php',
        'wp-signin.php'
    }
    hitfiles = {}.fromkeys(validnames, 0)
    requesters = {}
    locations = {}
    for ip, date, time, timezone, status, method, file in filterwords(filename, validnames):
        hitfiles[file] += 1

        if ip in requesters:
            requesters[ip] += 1
        else:
            requesters[ip] = 1
            latlon = get_ip_latlon(ip)
            if latlon is not None:
                locations[ip] = latlon

    hitfiles = sorted_dict(hitfiles)
    print(f'{hitfiles = }')
    requesters = sorted_dict(requesters)
    print(f'{requesters = }')
    print(f'{locations = }')

def get_ip_latlon(ip: str) -> (int, int):
    # make a reqest to ip-api.com to associate an ip to a
    # latitude and longitude
    addr = f'http://ip-api.com/json/{ip}'
    response = requests.get(addr)
    resulting_dict = eval(response.content)
    if resulting_dict['status'] != 'fail':
        return resulting_dict['lat'], resulting_dict['lon']

def filterwords(filename: str, validnames: set):
    with open(filename, 'r') as f:
        for line in f:
            # IP,YYMMDD hhmmss TIMEZONE,STATUS,METHOD,FILE
            ip, timethings, status, method, filepath = line.split(',', 4)
            file = '/'.join(filepath.split('/')[4:]).strip()
            if (
                status != '200'
                or method != 'GET'
                or file not in validnames
            ): continue
            date, time, timezone = timethings.split(' ')
            yield ip, date, time, timezone, status, method, file

if __name__ == '__main__':
    main(sys.argv[1])
Created 2022-12-28 23:31:24 -05:00			`import sys`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`import requests`
Created 2022-12-28 23:31:24 -05:00
better sorting, changed display 2022-12-30 12:35:08 -05:00			`def sorted_dict(d: dict, reverse=True) -> dict:`
			`return {`
			`key: d[key]`
			`for key in sorted(d, key=d.get, reverse=reverse)`
			`}`

Created 2022-12-28 23:31:24 -05:00			`def main(filename: str):`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`validnames = {`
Created 2022-12-28 23:31:24 -05:00			`'wp-login.php',`
			`'.env',`
			`'plugins/system/debug/debug.xml',`
			`'administrator/language/en-GB/en-GB.xml',`
			`'administrator/help/en-GB/toc.json',`
			`'.git/config',`
			`'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php',`
			`'xmlrpc.php',`
			`'wp1/wp-includes/wlwmanifest.xml',`
			`'wp/wp-includes/wlwmanifest.xml',`
			`'wordpress/wp-includes/wlwmanifest.xml',`
			`'web/wp-includes/wlwmanifest.xml',`
			`'test/wp-includes/wlwmanifest.xml',`
			`'site/wp-includes/wlwmanifest.xml',`
			`'shop/wp-includes/wlwmanifest.xml',`
			`'cms/wp-includes/wlwmanifest.xml',`
			`'blog/wp-includes/wlwmanifest.xml',`
			`'2019/wp-includes/wlwmanifest.xml',`
			`'wp-load.php',`
			`'public/_ignition/health-check',`
			`'_ignition/health-check',`
			`'admin/.env',`
			`'protected/.env',`
			`'wp-includes/wp-class.php',`
			`'wp-commentin.php',`
			`'wp-signin.php'`
			`}`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`hitfiles = {}.fromkeys(validnames, 0)`
			`requesters = {}`
better sorting, changed display 2022-12-30 12:35:08 -05:00			`locations = {}`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`for ip, date, time, timezone, status, method, file in filterwords(filename, validnames):`
			`hitfiles[file] += 1`

			`if ip in requesters:`
			`requesters[ip] += 1`
			`else:`
			`requesters[ip] = 1`
			`latlon = get_ip_latlon(ip)`
			`if latlon is not None:`
better sorting, changed display 2022-12-30 12:35:08 -05:00			`locations[ip] = latlon`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00
better sorting, changed display 2022-12-30 12:35:08 -05:00			`hitfiles = sorted_dict(hitfiles)`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`print(f'{hitfiles = }')`
better sorting, changed display 2022-12-30 12:35:08 -05:00			`requesters = sorted_dict(requesters)`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`print(f'{requesters = }')`
better sorting, changed display 2022-12-30 12:35:08 -05:00			`print(f'{locations = }')`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00
			`def get_ip_latlon(ip: str) -> (int, int):`
			`# make a reqest to ip-api.com to associate an ip to a`
			`# latitude and longitude`
			`addr = f'http://ip-api.com/json/{ip}'`
			`response = requests.get(addr)`
			`resulting_dict = eval(response.content)`
			`if resulting_dict['status'] != 'fail':`
			`return resulting_dict['lat'], resulting_dict['lon']`
Created 2022-12-28 23:31:24 -05:00
			`def filterwords(filename: str, validnames: set):`
			`with open(filename, 'r') as f:`
			`for line in f:`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`# IP,YYMMDD hhmmss TIMEZONE,STATUS,METHOD,FILE`
			`ip, timethings, status, method, filepath = line.split(',', 4)`
			`file = '/'.join(filepath.split('/')[4:]).strip()`
Created 2022-12-28 23:31:24 -05:00			`if (`
			`status != '200'`
			`or method != 'GET'`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`or file not in validnames`
Created 2022-12-28 23:31:24 -05:00			`): continue`
			`date, time, timezone = timethings.split(' ')`
Now lists requesters, associates ips, and sorts requesters by frequency 2022-12-30 12:04:53 -05:00			`yield ip, date, time, timezone, status, method, file`
Created 2022-12-28 23:31:24 -05:00
			`if __name__ == '__main__':`
			`main(sys.argv[1])`