AndrewNohawk
Coding Pastebin Security

PasteLert Source

Ohhi

Archive for pasteLert

So i finally got round to putting the source together and writing this out. We’ve been really busy with Blackhat training at work and so on and i’m generally just lazy. Also releasing now mostly because the mysql database on my linode keeps crashing, its just too small a box to keep *all* pastebin entries. The code is messy, so expect arb/no commenting but its pretty straight forward, feel free to shoot through any questions you have. Also i messaged pastebin to see if they’d implement something like this or let me do it, but i didnt get any responses to any of the messages :(

Anyway, here is the basic rundown:

  • Setup your mysql, create a database ‘pastebin’ – Google will give you this info :D
  • Drop the structure in, its in the archive as pastebinStructure.sql. mysql -u root -p pastebin < pastebinStructure.sql
  • Extract the archive to its own directory in your webroot, preferably ‘pasteLert’ :)
  • Change the setdb.php file to your mysql details. Edit alerts.php to include your email and location information rather than mine
  • Setup the crons as below

Crons:

Basically there are 4 cron jobs that you need to add:

  • pullPastebin.php – this will go to http://www.pastebin.com/archive.php and get the pasteIDs and add them to `pastebin`.`pastebin`, I generally run this every 2 minutes and my cron looks like this:
    • */2 * * * * php /var/www/html/andrewmohawk.com/pasteLert/pullPastebin.php
  • pullPastes.php – this script then goes and pulls each paste with a random delay between 0-5 seconds (see line 14 if you want to change that). I generally let this run every 10 minutes and looks as follows:
    • */10 * * * * php /var/www/html/andrewmohawk.com/pasteLert/pullPastes.php
  • sendAlerts.php – this script sends out the alerts via email, this is really up to you, obviously as close to 10 minutes means its as close to when you have the data, mines at 15 mins:
    • */15 * * * * php /var/www/html/andrewmohawk.com/pasteLert/sendAlerts.php

Cron Part 2!
So the reason my box was falling over was that every day i’d push all the pastebin’s from that day into another table (pastebinOldData). Essentially i have now changed mine to stop doing this and rather truncated the daily log instead of saving the data.  You however hopefully have a bigger box and can store all the data, or you can always just truncate the data, so you need to pick one of the two files, either truncPastes.php or rotatePastes.php.

Truncate:
0 1 * * * php /var/www/html/andrewmohawk.com/pasteLert/truncPastes.php

Rotate:
0 1 * * * php /var/www/html/andrewmohawk.com/pasteLert/rotatePastes.php

I think that pretty much covers it, feel free to mail in what you are looking for if you need any help.

Kthnx,
Andrew

Leave a Reply

Your email address will not be published. Required fields are marked *