090600

2025-06-09 19:34:56 +09:00
parent 02a10ca391
commit cdc4e209c7
15 changed files with 490 additions and 1 deletions
--- a/old_scripts/commands.yaml
+++ b/old_scripts/commands.yaml
@@ -0,0 +1,30 @@
+commands:
+  - name: easygoing rundll
+    command: 'rundll32 C:\\Users\\[REDACTED]\\AppData\\Local\\Temp\\easygoing.dat,#1'
+
+  - name: nltest all_trusts
+    command: 'nltest /domain_trusts /all_trusts'
+
+  - name: nltest domain_trusts
+    command: 'nltest /domain_trusts'
+
+  - name: net view domain
+    command: 'net view /all /domain'
+
+  - name: net view
+    command: 'net view /all'
+
+  - name: domain admins
+    command: 'net group "Domain Admins" /domain'
+
+  - name: current codepage
+    command: 'cmd.exe /c chcp >&2'
+
+  - name: ipconfig
+    command: 'ipconfig /all'
+
+  - name: workstation config
+    command: 'net config workstation'
+
+  - name: system info
+    command: 'systeminfo'
--- a/old_scripts/graylog_sender.py
+++ b/old_scripts/graylog_sender.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+import json
+import socket
+import sys
+import os
+from datetime import datetime
+
+GRAYLOG_HOST = os.environ.get("GRAYLOG_HOST", "graylog.local")
+GRAYLOG_PORT = int(os.environ.get("GRAYLOG_PORT", 12201))
+LOG_FILE = sys.argv[1]
+
+def send_to_graylog(message: dict):
+    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    sock.sendto(json.dumps(message).encode("utf-8"), (GRAYLOG_HOST, GRAYLOG_PORT))
+
+def parse_log(file_path: str):
+    with open(file_path, encoding='utf-8') as f:
+        blocks = f.read().split('\n--------------------------------------------------\n')
+        for block in blocks:
+            lines = block.strip().splitlines()
+            if not lines:
+                continue
+            msg = {
+                "version": "1.1",
+                "host": os.uname().nodename,
+                "short_message": lines[0] if lines else "log entry",
+                "timestamp": datetime.utcnow().timestamp(),
+                "_details": '\n'.join(lines)
+            }
+            send_to_graylog(msg)
+
+if __name__ == "__main__":
+    parse_log(LOG_FILE)
--- a/old_scripts/run_commands.py
+++ b/old_scripts/run_commands.py
@@ -0,0 +1,58 @@
+import subprocess
+import yaml
+from datetime import datetime
+import logging
+from pathlib import Path
+
+# Настройка логирования
+log_dir = Path("logs")
+log_dir.mkdir(exist_ok=True)
+log_file = log_dir / f"commands_{datetime.now().strftime('%Y%m%d_%H%M%S')}.log"
+
+logging.basicConfig(
+    level=logging.INFO,
+    format="%(asctime)s [%(levelname)s] %(message)s",
+    handlers=[
+        logging.FileHandler(log_file, encoding='utf-8'),
+        logging.StreamHandler()
+    ]
+)
+
+def run_command(command_str: str) -> tuple[str, str, int]:
+    """Выполняет команду и возвращает stdout, stderr, return_code"""
+    try:
+        result = subprocess.run(command_str, shell=True, capture_output=True, text=True)
+        return result.stdout, result.stderr, result.returncode
+    except Exception as e:
+        return "", str(e), -1
+
+def main(config_path="commands.yaml"):
+    # Загрузка конфигурации
+    try:
+        with open(config_path, encoding="utf-8") as f:
+            config = yaml.safe_load(f)
+    except Exception as e:
+        logging.error(f"Ошибка при загрузке YAML: {e}")
+        return
+
+    for item in config.get("commands", []):
+        name = item.get("name", "Unnamed")
+        command = item.get("command")
+        logging.info(f"⏳ Выполняется команда: {name} → {command}")
+        stdout, stderr, code = run_command(command)
+
+        if code == 0:
+            logging.info(f"✅ Успешно: {name}")
+        else:
+            logging.error(f"❌ Ошибка ({code}): {name}")
+
+        logging.info(f"🔎 STDOUT:\n{stdout.strip()}")
+        if stderr.strip():
+            logging.warning(f"⚠️ STDERR:\n{stderr.strip()}")
+
+        logging.info("-" * 80)
+
+    logging.info("📝 Все команды завершены. Логи: %s", log_file)
+
+if __name__ == "__main__":
+    main()
--- a/old_scripts/script.sh
+++ b/old_scripts/script.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+commands=(
+  "hostnamectl"
+  "ip a"
+  "ip route"
+  "cat /etc/resolv.conf"
+  "uptime"
+  "who"
+  "df -h"
+  "free -m"
+  "netstat -tuln"
+  "systemctl list-units --type=service --state=running"
+)
+
+output_file="/var/log/command_results_$(date +%F_%H-%M-%S).log"
+
+echo "== Сбор информации начат: $(date) ==" > "$output_file"
+
+for cmd in "${commands[@]}"; do
+  echo "Команда: $cmd" >> "$output_file"
+  echo "Вывод:" >> "$output_file"
+  eval "$cmd" >> "$output_file" 2>&1
+  echo -e "\n$(printf '%0.s-' {1..60})\n" >> "$output_file"
+done
+
+echo "== Сбор информации завершен: $(date) ==" >> "$output_file"