-
Notifications
You must be signed in to change notification settings - Fork 0
/
nextcloudblock.py
113 lines (76 loc) · 2.97 KB
/
nextcloudblock.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
import os
import argparse
import pymysql
# Initialize arparse
parser = argparse.ArgumentParser()
"""Argument Parser:
--dbuser: Database user, required
--dbpassword: Password for the db user, required
--db: Database to work on
--dbserver: Database server to connect to, required
--outputfile: File to ouput list to, optional
--unban: IP address to unban
--view: View the list of IP addresses
"""
parser.add_argument("-u", "--dbuser", required=True, type=str,
help="database user used to connect to nextcloud database")
parser.add_argument("-p", "--dbpassword", required=True, type=str,
help="password for database user")
parser.add_argument("-d", "--db", required=True, type=str,
help="nextcloud database name")
parser.add_argument("-s", "--dbserver", required=True,
type=str, help="database server ip")
parser.add_argument("-o", "--outputfile", required=False,
type=str, help="path and file name of output file")
parser.add_argument("-b", "--unban", required=False,
type=str, help="ip address to unban")
parser.add_argument("-v", "--view", required=False,
action='store_true', help="print the list to")
# Assign arguments to args
args = parser.parse_args()
# Declare PyMySql database connection
dbconnection = pymysql.connect(host=args.dbserver, user=args.dbuser,
password=args.dbpassword, db=args.db,
cursorclass=pymysql.cursors.DictCursor)
if args.unban:
# Declare connection to database server
cursor = dbconnection.cursor()
# Generate SQL command
unbansql = "DELETE FROM oc_bruteforce_attempts WHERE ip = '" + args.unban + "';"
# Prepare to execute the SQL command
cursor.execute(unbansql)
# Execute the command
dbconnection.commit()
# Let the person know the IP was removed from the list
print('Unbanned ip address ' + args.unban)
# Close database connection
cursor.close()
else:
# Declare connection to database server
cursor = dbconnection.cursor()
# Execute the sql query
cursor.execute("SELECT * FROM oc_bruteforce_attempts;")
# Fetch all results
results = cursor.fetchall()
# Initialize the list of IP addresses
iplist = set()
if args.outputfile:
# Split file name from pat
path, filename = os.path.split(args.outputfile)
# Change Directory to path
os.chdir(path)
# Open the file
bannedips = open(filename, 'w')
# Remove duplicates and write them to a file or display them
for i in results:
if i['ip'] not in iplist:
if args.outputfile:
bannedips.write(i["ip"] + "\n")
if args.view:
print(i['ip'])
iplist.add(i["ip"])
if args.outputfile:
# Close the file
bannedips.close()
# Close database connection
cursor.close()