Skip to content

Commit

Permalink
add New features , optimize
Browse files Browse the repository at this point in the history 
add  :
send most versatile user
send most thirsty user
  • Loading branch information
@wikm360
wikm360 committed Jun 14, 2024
1 parent 87bb5ed commit 6370549
Show file tree
Hide file tree
Showing 2 changed files with 133 additions and 1 deletion.
3 changes: 3 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ What does this bot do?
10) most ulr used per user
11) calculate and send The most used user
12) send users usage ( get with mysql and marzban API )
13) send most versatile user (in porn sites)
14) send most thirsty user (in porn sites)

more features coming 🔜

Expand All @@ -35,6 +37,7 @@ Before installing the required libraries, you must first install Python and pip
pip install os
pip install collections
pip install mysql-connector-python
pip install DateTime
```
## Get

Expand Down
131 changes: 130 additions & 1 deletion base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@
from collections import Counter
import mysql.connector
import urllib.parse
from datetime import datetime , timedelta
from collections import defaultdict

CPU_THRESHOLD = cpu_threshold
RAM_THRESHOLD = ram_threshold
Expand Down Expand Up @@ -159,6 +161,13 @@ def analize () :
file.writelines(line_str)
if user not in p_user :
p_user.append(user)

pattern_porn = r"\b\w*\s*brazzer\s*\w*\b"
if re.findall(pattern_porn, line_str):
with open (f"{path}porn_detection.txt" , "a" , encoding="utf-8") as file :
file.writelines(line_str)
if user not in p_user :
p_user.append(user)

# phone detection :
xiaomi_pattern = r"\b\w*\s*xiaomi\s*\w*\b"
Expand Down Expand Up @@ -323,6 +332,126 @@ def analize () :
print(mess)
send_telegram_message(mess)

#versatile person :
log_pattern = re.compile(
r'\s{2}(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) (tcp:|udp:)?(?P<source_ip>\[?[\da-fA-F:.]+\]?):\d+ (?P<action>\w+) '
r'(tcp|udp):(?P<domain>[\w\.-]+):\d+ \[.*\] email: (?P<user>[\w\.@_]+)'
)

def parse_log_line(line):
match = log_pattern.match(line)
if match:
date_str = match.group('date')
time_str = match.group('time')
datetime_str = f"{date_str} {time_str}"
log_datetime = datetime.strptime(datetime_str, '%Y/%m/%d %H:%M:%S')

domain = match.group('domain')
# Check if the domain is a subdomain (has more than two parts)
if domain.count('.') > 1:
return None

return {
'datetime': log_datetime,
'source_ip': match.group('source_ip').strip('[]'),
'action': match.group('action'),
'domain': domain,
'user': match.group('user')
}
return None

def analyze_versatile(log_lines):
user_domain_requests = defaultdict(list)

for line in log_lines:
log_entry = parse_log_line(line)
if log_entry:
user_domain_key = (log_entry['user'], log_entry['domain'])
user_domain_requests[user_domain_key].append(log_entry['datetime'])

shortest_time_user = None
shortest_time_domain = None
max_requests = 0
shortest_period = None

for (user, domain), times in user_domain_requests.items():
times.sort()
if len(times) > 1:
first_time = times[0]
last_time = times[-1]
period = last_time - first_time
num_requests = len(times)

if shortest_period is None or (period < shortest_period and num_requests > max_requests):
shortest_time_user = user
shortest_time_domain = domain
max_requests = num_requests
shortest_period = period

return shortest_time_user, shortest_time_domain, max_requests, shortest_period

with open(f"{path}porn_detection.txt", 'r') as f:
log_lines = f.readlines()

result = analyze_versatile(log_lines)
if result:
user, domain, requests, period = result
mess = f"the most versatile person is {user} made the most requests ({requests}) to domain {domain} in the shortest period ({period})."
send_telegram_message(mess)
else:
mess = "No sufficient data found in logs."
send_telegram_message(mess)


# thirsty person :
def analyze_thirsty(log_lines):
user_domain_requests = defaultdict(list)

for line in log_lines:
log_entry = parse_log_line(line)
if log_entry:
user_domain_key = (log_entry['user'], log_entry['domain'])
user_domain_requests[user_domain_key].append(log_entry['datetime'])

longest_time_user = None
longest_time_domain = None
longest_period = None

for (user, domain), times in user_domain_requests.items():
times.sort()
if len(times) > 1:
first_time = times[0]
last_time = times[-1]
period = last_time - first_time

# Check if the period is less than or equal to 3 hours (timedelta in seconds)
if period <= timedelta(hours=3):
# Check if this is the longest period found
if longest_period is None or period > longest_period:
longest_time_user = user
longest_time_domain = domain
longest_period = period
else:
# If the period exceeds 3 hours, skip this user-domain pair
continue

# If longest_time_user is still None, it means no valid entry was found within the time limit
if longest_time_user is None:
return None, None, None
else:
return longest_time_user, longest_time_domain, longest_period

with open(f"{path}porn_detection.txt", 'r') as f:
log_lines = f.readlines()

result_user, result_domain, result_period = analyze_thirsty(log_lines)
if result_user:
mess = f"The most thirsty person is {result_user} spent the longest period ({result_period}) on main domain {result_domain}."
send_telegram_message(mess)
else:
mess = "No sufficient data found or all users exceeded 3 hours on main domains."
send_telegram_message(mess)

send_def()

def send_def () :
Expand Down Expand Up @@ -368,7 +497,7 @@ def clear_def() :
except :
pass

send_telegram_message("Done...Created by @wikm360 with ❤️...V2.7")
send_telegram_message("Done...Created by @wikm360 with ❤️...V3.0")


def main() :
Expand Down

0 comments on commit 6370549

Please sign in to comment.