Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding VB.NET [PowerShell] Automatically ban IP addresses

Thread Rating:
  • 901 Vote(s) - 3.53 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
[PowerShell] Automatically ban IP addresses

Offline imploding895084


Luxury
*****
Luxury
Posts: 1
Threads: 1
Joined: Jan 2018
Reputation: 0
Level: 1 [Level]
Total Points: 0
Rank 0 / 1
99% to upload Level
Rank
Activity 0 / 1
99% to upload your Rank
Activity
Experience 1
99% to upload Experience
Experience

Points: 50
#1
12-18-2020, 01:47 PM
Maybe you're like me, and occasionally you'll get a random person somewhere in the world that points a fuzzer at one of your applications. For me, this means nothing more than 500+ error log emails in a night before I can get around to banning their IP via firewall. Well, since I've already got code that hooks into any uncaught exceptions and logs them, I figured why not extract out the IP and put it in a database so I can easily ban them. Then I thought, why shouldn't I just automate banning them too? Well, if anybody else has had that problem, here's some code for you:

SQL:

Hidden Content
You must

[To see links please register here]

or

[To see links please register here]

to view this content.


When you get an error, log your error as normal but insert the ip of the user into sys_ErrorIPs, then use the following PS script:


Hidden Content
You must

[To see links please register here]

or

[To see links please register here]

to view this content.


For me, I have that script set up in windows task scheduler to run every minute, so if somebody causes 5 or more unhandled exceptions in under a minute, the script will ban their IP, log that in the db, and send me an email about it.

Note: this assumes that you have a firewall rule named Blacklist.

Hope you enjoy.
Reply

Offline Sircoligny4


Member
*
Member
Posts: 0
Threads: 0
Joined: May 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
12-18-2020, 05:33 PM
I’m reading this through foggy glasses...
Can this be adapted to block anyone browsing through a VPN, like how I was using with algo through Digital Ocean?
Reply

Offline pendvvgph


Member
*
Member
Posts: 0
Threads: 0
Joined: Mar 2019
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
12-18-2020, 06:43 PM
Quote:(12-18-2020, 08:14 PM)sarcrates Wrote:

[To see links please register here]

I’m reading this through foggy glasses...
Can this be adapted to block anyone browsing through a VPN, like how I was using with algo through Digital Ocean?

The powershell script is basically just a script that loops over an array of ip addresses that its given, and adds them to an existing network policy. it has no idea if the ip is on a vpn or not (and that's probably not the route you'd want to go for that either)
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through