Urells

About

This program takes the output from urlsnarf and puts it into a MySQL database.

The table structure looks like this:

    • eid
    • timestamp
    • ip
    • fqdn
    • domain
    • tld
    • action
    • request
    • referrer
    • client

You can grab it here: urells.php
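The following is an added example, not the code in urells.php: it parses urlsnarf's Common Log Format lines into the columns listed above and inserts them with bound parameters, since the request, referrer and client fields come straight from sniffed traffic and can contain anything. It uses Python's sqlite3 in place of MySQL so it runs without a server; the table name, the fqdn/domain/tld split and the sample lines are assumptions.

```python
import re
import sqlite3
from datetime import datetime
from urllib.parse import urlsplit

# CLF-style line as urlsnarf prints it (status and size are "-").
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<action>[A-Z]+) (?P<request>\S+)(?: HTTP/[\d.]+)?" - - '
    r'"(?P<referrer>[^"]*)" "(?P<client>.*)"$')
COLUMNS = ("timestamp", "ip", "fqdn", "domain", "tld",
           "action", "request", "referrer", "client")
SAMPLE = [  # constructed lines, not captured traffic
    '192.0.2.10 - - [12/Jan/2010:09:15:02 -0500] "GET http://www.example.com/a?b=1 '
    'HTTP/1.1" - - "http://example.org/" "it\'s "quoted"; -- agent"',
    '192.0.2.11 - - [12/Jan/2010:09:15:03 -0500] "POST http://198.51.100.7/login '
    'HTTP/1.0" - - "-" "-"',
    'truncated line with no request',
]

def parse_line(line):
    """Return a dict keyed by COLUMNS, or None for a malformed line."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        fqdn = (urlsplit(m["request"]).hostname or "").rstrip(".")
    except ValueError:
        return None
    labels = fqdn.split(".")
    # Assumed mapping: tld = last label, domain = last two labels;
    # bare IPs and single-label hosts leave both empty.
    named = len(labels) >= 2 and not labels[-1].isdigit()
    row = m.groupdict()
    row.update(timestamp=ts.strftime("%Y-%m-%d %H:%M:%S"), fqdn=fqdn,
               domain=".".join(labels[-2:]) if named else "",
               tld=labels[-1] if named else "")
    del row["ts"]
    return row

def load(conn, lines):
    """Insert rows using bound parameters; return (stored, skipped)."""
    conn.execute("CREATE TABLE IF NOT EXISTS urells (eid INTEGER PRIMARY KEY, "
                 + ", ".join(c + " TEXT" for c in COLUMNS) + ")")
    rows = [r for r in map(parse_line, lines) if r is not None]
    conn.executemany(
        "INSERT INTO urells (" + ", ".join(COLUMNS) + ") VALUES ("
        + ", ".join(":" + c for c in COLUMNS) + ")", rows)
    return len(rows), len(lines) - len(rows)
```

The timestamp is stored as it appears in the log line, with the UTC offset dropped.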

This is still in development. Currently I am just doing something like this to run it:

    shell~% list=`/bin/ls /data/urells/<pick a month>`
    shell~% for x in $list; do urells.php $x; done;

I have a simple shell script for urlsnarf that manages the files (cron controlled). It looks like this:

    #!/usr/local/bin/bash
    # Put this in crontab:
    # 0 0 * * * /root/Code/urells_job.sh > /dev/null 2>&1

    year=`date "+%Y"`
    month=`date "+%m"`
    day=`date "+%d"`
    root="/data/urells"
    int=bce1    # interface urlsnarf listens on

    # Check dirs
    if [ ! -e "$root/$year" ]; then
        mkdir "$root/$year"
    fi
    if [ ! -e "$root/$year/$year-$month" ]; then
        mkdir "$root/$year/$year-$month"
    fi

    # PIDs of any urlsnarf already running on this interface
    pid=`ps auxwww | grep "urlsnarf -n -i $int" | grep -v grep | awk '{print $2}'`

    if [ -n "$pid" ]; then
        # Start today's capture first, then stop the old instance(s)
        /usr/local/sbin/urlsnarf -n -i $int >> "$root/$year/$year-$month/$year-$month-$day.txt" &
        for x in $pid; do
            /bin/kill $x
        done
    else
        # Nothing running yet: just start today's capture
        /usr/local/sbin/urlsnarf -n -i $int >> "$root/$year/$year-$month/$year-$month-$day.txt" &
    fi