LinuxQuestions.org
Old 02-09-2024, 01:03 PM   #1
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

what to code next? perl related.


i have made an http sniffer, which is useless these days.
then i ran & tested MitMproxy on my lan : https://mitmproxy.org/

installed Suricata in IPS mode and made custom rules that store executable files in a folder called Filestore, made a perl script that automatically submits those executables to virustotal...

https://www.virustotal.com/gui/home/upload

...and moves those exe's to a folder called "infected" if there are positive results from virustotal's reply.

now i am making a little program that sends positive files of a ClamAV scan to virustotal.
i am not sure what kind of project i should start next, any ideas welcome, some kind of security related network program would be one i would like to do.

i have been thinking about some kind of honeypot program that i should install & test and write automatic submission of files it gets from bad guys.
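
The filestore-to-"infected" triage described in the post above, sketched as an added example; it is not the poster's script. It looks files up by SHA-256 first, so unknown files are reported as upload candidates rather than sent automatically. Assumptions: the `$lookup` callback, the threshold of 3 engines, and the directory and file names are all hypothetical, and the verdict table is constructed.

```perl
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);
use File::Copy qw(move);
use File::Find qw(find);
use File::Path qw(make_path);
use File::Temp qw(tempdir);

# $lookup is a hypothetical code ref: SHA-256 hex -> number of engines that
# flag the file, or undef when the hash is unknown to the scanning service.
sub triage_file {
    my ($path, $lookup, $infected_dir, $threshold) = @_;
    my $sha256 = Digest::SHA->new(256)->addfile($path, 'b')->hexdigest;
    my $hits   = $lookup->($sha256);
    return ($sha256, 'unknown') unless defined $hits;   # upload candidate
    return ($sha256, 'clean')   if $hits < $threshold;
    make_path($infected_dir, { mode => 0700 });
    # Store under the hash: names chosen by the sender never become paths.
    my $dest = "$infected_dir/$sha256";
    move($path, $dest) or die "move $path: $!";
    chmod 0400, $dest or die "chmod $dest: $!";         # read-only, not executable
    return ($sha256, 'infected');
}

# Walk the filestore, skipping symlinks, and return { sha256 => verdict }.
sub triage_tree {
    my ($store, $lookup, $infected_dir, $threshold) = @_;
    my @files;
    find({ no_chdir => 1, wanted => sub { push @files, $_ if -f $_ && !-l $_ } }, $store);
    my %verdict;
    for my $file (sort @files) {
        my ($sha256, $v) = triage_file($file, $lookup, $infected_dir, $threshold);
        $verdict{$sha256} = $v;
    }
    return \%verdict;
}

# Constructed demo data: two harmless text files stand in for captured files.
my $tmp     = tempdir(CLEANUP => 1);
my @samples = ("constructed sample A\n", "constructed sample B\n");
make_path("$tmp/filestore/00");
for my $i (0 .. $#samples) {
    open my $fh, '>', "$tmp/filestore/00/file.$i" or die "open: $!";
    print {$fh} $samples[$i];
    close $fh or die "close: $!";
}
my %canned  = (sha256_hex($samples[0]) => 12);   # A flagged by 12 engines, B unknown
my $verdict = triage_tree("$tmp/filestore", sub { $canned{ $_[0] } }, "$tmp/infected", 3);
printf "%s  %s\n", $verdict->{$_}, $_ for sort keys %$verdict;
```

In real use the callback would wrap whatever hash-lookup client is already in place, and quarantined files stay read-only under their hash name so nothing in "infected" can be run by accident.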
 
Old 02-10-2024, 02:15 AM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 7,292
Blog Entries: 3

If you can get your own TLS certificates on to the target clients then you could expand the HTTP sniffer to cover HTTPS.

Quote:
Originally Posted by //////
i have been thinking about some kind of honeypot program that i should install & test and write automatic submission of files it gets from bad guys.
A while back, I started implementing SSH in Perl but was slow about it and a week into the project, someone else published a working Python implementation. With certain knowledge, it is not that hard, though I had to pick up that knowledge along the way. If you were to make a Perl implementation of SSH, you could watch what passwords the bruteforcers attempt or even pretend to let them in and see what they try to do by capturing all incoming strings without actually doing anything.

Last edited by Turbocapitalist; 02-10-2024 at 02:50 AM.
 
Old 02-10-2024, 04:04 AM   #3
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Original Poster
Quote:
Originally Posted by Turbocapitalist
If you can get your own TLS certificates on to the target clients then you could expand the HTTP sniffer to cover HTTPS.
i did that with Mitmproxy. it's one thing i could do again

Quote:
Originally Posted by Turbocapitalist
If you were to make a Perl implementation of SSH, you could watch what passwords the bruteforcers attempt or even pretend to let them in and see what they try to do by capturing all incoming strings without actually doing anything.
that is a good idea. i'll have to do it.
 
Old 02-10-2024, 08:36 AM   #4
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,636
Blog Entries: 4

"That sounds like a good and typical 'Perl' thing to do."

Also bear in mind that Perl has the CPAN contributed-software library, which IMHO is one of the best and most mature collections available anywhere. Before you do anything "new" with Perl, canvass that library very carefully to see if someone has already done it. Also, look for packages which are soliciting help and contributors.
 
Old 02-10-2024, 11:49 AM   #5
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Original Poster
Quote:
Originally Posted by sundialsvcs
Also bear in mind that Perl has the CPAN contributed-software library, which IMHO is one of the best and most mature collections available anywhere.
of course, i check cpan almost weekly, there are nice modules everywhere xD
 
Old 02-18-2024, 11:46 AM   #6
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Original Poster
Quote:
Originally Posted by Turbocapitalist
If you can get your own TLS certificates on to the target clients then you could expand the HTTP sniffer to cover HTTPS.
ok, just set up mitmproxy and am sniffing one of my hosts, http(s).
i'll have to rewrite my sniffer tho

at least i have a good project to practice perl
 
Old 02-18-2024, 12:25 PM   #7
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 7,292
Blog Entries: 3

Quote:
Originally Posted by //////
ok, just set up mitmproxy and am sniffing one of my hosts, http(s).
i'll have to rewrite my sniffer tho
Nice.
 
Old 02-19-2024, 06:09 AM   #8
BenisBrothers
LQ Newbie
 
Registered: Aug 2018
Posts: 3

Code a solution finder for the pentomino puzzle.

Make it find all possible solutions for a given board configuration, or print an error message if the given board configuration is invalid (ie, the number of empty squares is not divisible by 5, or the number of empty squares is greater than 5 * [how many pentominoes there are])

Make it print the solutions in pretty colours using ANSI escape codes and make it format them in a pretty way, perhaps using the unicode box drawing characters.

Last edited by BenisBrothers; 02-19-2024 at 09:19 AM.
 
Old 03-18-2024, 01:33 PM   #9
BenisBrothers
LQ Newbie
 
Registered: Aug 2018
Posts: 3

I had a go at it myself and got it up and running: https://github.com/dusthillresident/...le-solver-in-C

This program solves pentomino puzzles and prints out some nice colourful terminal text graphics.
 
Old 03-19-2024, 12:43 AM   #10
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,352

If you look at the contents pages of the books listed here https://bookauthority.org/books/best-perl-books, you'll probably get some inspirations ....
(Okay, so skip the Learning Perl & Perl 6 books)
 
  



Tags
network, perl, suricata, virustotal

