-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathwebhook.py
139 lines (127 loc) · 4.9 KB
/
webhook.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
import requests
import locale
#convert protocol id to protocol name (tcp, udp, icmp, etc.), if there is no match return id
def prtIdToPrt(protocolID):
if protocolID == 1:
return "ICMP"
elif protocolID == 6:
return "TCP"
elif protocolID == 17:
return "UDP"
else:
return str(protocolID) + " (id)"
#set decimal/thousand seperator for numbers (1000 to 1.000) following the local "standard"
def decSep(rawNumber):
return f'{int(rawNumber):,}'.replace(",",locale.localeconv()["decimal_point"])
# send found attack to the webhook
def send(webhook_url, message):
# prevent empy values because discord doesnt accept them
for i in message:
if message.get(i) == "":
message[i] = "Null"
# build the bandwidth result
bandwidth=message['traffic']
if bandwidth<10000:
bandwidth = decSep(str(message['traffic']))+" Mbit/s"
else:
bandwidth = "~"+decSep(str(round(message['traffic']/1000)))+" Gbit/s"
data = {
"content": "",
"embeds": [
{
"title": "New attack detected",
"description": str(message['id']),
"url": "https://cp.tube-hosting.com",
"color": 10751,
"fields": [
{
"name": "⠀",
"value": "> *IP under attack*:\n"
"> **"+str(message['ip'])+"**\n⠀",
"inline": "true"
},
{
"name": "⠀",
"value": "> *time:*\n"
"> **"+(message['time'].replace("T", " "))+"**\n⠀",
"inline": "true"
},
{
"name": "⠀",
"value": "> *type:*\n"
"> **"+str(message['type'])+"**\n⠀",
"inline": "true"
},
{
"name": "⠀",
"value": "> *initital bandwith*:\n"
"> **"+bandwidth+"**\n⠀",
"inline": "true"
},
{
"name": "⠀",
"value": "> *Initial Packets per second:*\n"
"> **" + decSep(str(message['pps'])) + " Packets/s**\n⠀",
"inline": "true"
},
{
"name": "⠀",
"value": "> *avg. packet size:*\n"
"> **"+str(message['avgPacketSize'])+"**\n⠀",
"inline": "true"
}
],
"footer": {
"text": "tubehosting ddos alert made with <3 by Lennart01"
},
"timestamp": (message['time'].replace("T", " ")[:-4])
}
],
"username": "DDoS-Alert",
"avatar_url": "https://resources.tube-hosting.com/logo/app_icon.png"
}
# JSON to send via webhook
# sending JSON to webhook
requests.post(webhook_url, json=data)
# Building sample jSON to send via webhook
samplesFirst = ""
samplesSecond = ""
sampleCount = len(message['samples'])
#get first half of samples
for i in range(round(sampleCount/2)):
samplesFirst += "> src. IP: **" + str(message['samples'][i]['srcIP']) + "** ⠀|⠀" \
"target port: **" + str(message['samples'][i]['dstPort'])+"** ⠀|⠀" \
"protocol: **" + prtIdToPrt((message['samples'][i]['ipProtocol'])) + "**\n"
#get second half of samples
for i in range(round(sampleCount / 2)):
j = i + round(sampleCount / 2)
samplesSecond += "> src. IP: **" + str(message['samples'][j]['srcIP']) + "** ⠀|⠀" \
"target port: **" + str(message['samples'][j]['dstPort'])+"** ⠀|⠀" \
"protocol: **" + prtIdToPrt((message['samples'][j]['ipProtocol'])) + "**\n"
data = {
"content": "",
"embeds": [
{
"title": "DDos Samples",
"color": 10751,
"fields": [
{
"name": "⠀",
"value": samplesFirst
},
{
"name": "⠀",
"value": samplesSecond
}
],
"footer": {
"text": "tubehosting ddos alert made with <3 by Lennart01"
},
"timestamp": (message['time'].replace("T", " ")[:-4])
}
],
"username": "DDoS-Alert",
"avatar_url": "https://resources.tube-hosting.com/logo/app_icon.png"
}
# sending JSON to webhook
requests.post(webhook_url, json=data)