Results 1 to 6 of 6

Thread: log analyzer?

  1. #1
    Junior Member
    Join Date
    May 2008
    Posts
    35

    Question log analyzer?

    Hello,

    I am looking for log analyzer that i can use to narrow down errors, sql injection and XSS(any from of attacks).

    Thx in advance

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Well maybe you should specify for what the program should scan the logs.

    It's like hey, i need a google search result analyzer. Without proper input there won't be any proper output.
    Tiocfaidh ár lá

  3. #3
    Junior Member
    Join Date
    May 2008
    Posts
    35

    Default Apache logviewer/analyzer

    Well maybe you should specify for what the program should scan the logs
    errors, sql injection and XSS(any from of attacks)
    example:
    Code:
    +and+1=convert(nvarchar,CHAR(+127+))%2B(select+@@servername)
    +having+1=1-- 
    id0=0%20/*!39999%20and%201=2*/--%20and%201=1 HTTP/1.1" 200 12371 "-" "pangolin/0.1"
    id0=0%20and%20(select%20length(database())%20%20)%3C=32%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20length(database())%20%20)%3E16%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20length(database())%20%20)%3E24%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20length(database())%20%20)%3E28%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20length(database())%20%20)%3E30%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20length(database())%20%20)%3E31%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3C=256%20and%201=1 HTTP/1.1" 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E128%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E192%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E224%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E240%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E248%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E252%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E254%20and%201=1 HTTP/1.1" 200 
    id0=0%20and%20(select%20ascii(substr(database(),1,1))%20%20)%3E255%20and%201=1 HTTP/1.1" 200
    an application that is for windows instead of using notepad to view apache logs. Sorry i meant logviewer

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by KMDave View Post
    Well maybe you should specify for what the program should scan the logs.

    It's like hey, i need a google search result analyzer. Without proper input there won't be any proper output.
    There is google analytics.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    If you're not able to use the obvious tools (sed, awk, grep, etc), try Splunk.
    dd if=/dev/swc666 of=/dev/wyze

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Checkout apache-scalp
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •