|
|
|
@ -16,6 +16,8 @@ procdata_res = None
|
|
|
|
|
# Get unique system values
|
|
|
|
|
if platform == "win32":
|
|
|
|
|
sysid = hex(uuid.getnode())
|
|
|
|
|
# Python is running as Administrator (so netstat can get filename, to block, etc),
|
|
|
|
|
# so we use this to see who is actually logged in
|
|
|
|
|
res = subprocess.check_output(["WMIC", "ComputerSystem", "GET", "UserName"], universal_newlines=True)
|
|
|
|
|
_, username = res.strip().rsplit("\n", 1)
|
|
|
|
|
userid, sysdom = username.rsplit("\\", 1)
|
|
|
|
@ -42,11 +44,11 @@ def process_netstat(data):
|
|
|
|
|
if platform == 'win32':
|
|
|
|
|
#output = data.stdout
|
|
|
|
|
#print(output)
|
|
|
|
|
output = data.stdout.decode().split('\r\n')
|
|
|
|
|
output = data.stdout.decode().split('\r\n') # split stdout into lines
|
|
|
|
|
|
|
|
|
|
output2 = list()
|
|
|
|
|
output2.append([sysid, userid, sysdom, int( time.time() )])
|
|
|
|
|
print(output2)
|
|
|
|
|
output2.append([sysid, userid, sysdom, int( time.time() )]) # add metadata
|
|
|
|
|
#print(output2)
|
|
|
|
|
procname = ""
|
|
|
|
|
"""for x in range(4, len(output)):
|
|
|
|
|
tmp = output[x].split(" ")
|
|
|
|
@ -65,24 +67,24 @@ def process_netstat(data):
|
|
|
|
|
output2[x] = [i for i in output2[x] if i]
|
|
|
|
|
output2 = [i for i in output2 if i]
|
|
|
|
|
print(output2)"""
|
|
|
|
|
x = len(output) - 1
|
|
|
|
|
procname = "Unknown"
|
|
|
|
|
x = len(output) - 1 # start at the end because filename comes after connection
|
|
|
|
|
procname = "Unknown" # if the very last connection happens to have no file (yes, it's possible), we can say unknown
|
|
|
|
|
while x > 3:
|
|
|
|
|
string = output[x]
|
|
|
|
|
#print("LINE: ", string)
|
|
|
|
|
string_split = string.split(" ")
|
|
|
|
|
string_split = [i for i in string_split if i]
|
|
|
|
|
if string.find("Can not obtain ownership information") >= 0:
|
|
|
|
|
if string.find("Can not obtain ownership information") >= 0: # Higher privilige than us, must be system
|
|
|
|
|
procname = "Windows System"
|
|
|
|
|
elif string.find("]") >= 0 and string.find("[") == 1:
|
|
|
|
|
elif string.find("]") >= 0 and string.find("[") == 1: # generic [file.exe]
|
|
|
|
|
procname = string[2:-1]
|
|
|
|
|
elif len(string_split) == 5: # and string.find("TIME_WAIT") < 0:
|
|
|
|
|
tmp = [procname,]
|
|
|
|
|
elif len(string_split) == 5: # actual netstat line
|
|
|
|
|
tmp = [procname,] # add executable name first
|
|
|
|
|
tmp.extend(string.split(" "))
|
|
|
|
|
tmp = [i for i in tmp if i]
|
|
|
|
|
#print(tmp)
|
|
|
|
|
output2.append(tmp)
|
|
|
|
|
#else:
|
|
|
|
|
#else: # In case of an extra line above file, or an empty line, ignore it
|
|
|
|
|
#print("Garbage data", string)
|
|
|
|
|
x = x - 1
|
|
|
|
|
#output2 = output2[2:]
|
|
|
|
@ -108,7 +110,7 @@ def mainloop(pool):
|
|
|
|
|
sleep(10)
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
|
freeze_support() # required if packaged into EXE
|
|
|
|
|
freeze_support() # required if packaged into single EXE
|
|
|
|
|
# create manager to share data to me, background, foreground
|
|
|
|
|
# create worker pool
|
|
|
|
|
|
|
|
|
@ -126,15 +128,10 @@ if __name__ == '__main__':
|
|
|
|
|
#netdata_res = pool.apply_async(netstat, callback=netstat_done)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# launch loop
|
|
|
|
|
# launch loop - non-blocking!
|
|
|
|
|
while(keeprunning):
|
|
|
|
|
mainloop(pool)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# launch main, non-blocking, loop
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|