Springboot run os command

package com.example.demo;

import org.springframework.stereotype.Component;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.StringTokenizer;
import java.util.stream.Collectors;

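@Component
public class cmd {
    /**
     * Runs an OS command and returns everything it wrote to stdout, with the lines joined by
     * the literal string {@code </br>}.
     *
     * <p>The command runs with the privileges of this JVM, so {@code cmd} has to be a fixed,
     * trusted string chosen by the application itself, never free-form request data. The string
     * is split on whitespace exactly as the (now deprecated) {@code Runtime.exec(String)} did:
     * no shell is involved and no quoting is interpreted. stderr of the child is not read.
     *
     * @param cmd whitespace-separated program and arguments, e.g. {@code "ls -l"}
     * @return stdout of the process joined with {@code </br>}; empty if it printed nothing
     * @throws IOException if the program cannot be started
     * @throws IllegalArgumentException if {@code cmd} is empty or only whitespace
     * @throws NullPointerException if {@code cmd} is null
     */
    public String run(String cmd) throws IOException {
        Objects.requireNonNull(cmd, "cmd");
        // Same tokenisation as Runtime.exec(String): StringTokenizer with its default delimiters.
        StringTokenizer tokens = new StringTokenizer(cmd);
        if (!tokens.hasMoreTokens()) {
            throw new IllegalArgumentException("Empty command");
        }
        List<String> argv = new ArrayList<>();
        while (tokens.hasMoreTokens()) {
            argv.add(tokens.nextToken());
        }
        Process process = new ProcessBuilder(argv).start();
        // The platform charset is kept on purpose: it is what the original reader used, and the
        // output of native tools is normally encoded that way. try-with-resources closes the pipe,
        // which the original never did.
        try (BufferedReader br = new BufferedReader(
                new InputStreamReader(process.getInputStream(), Charset.defaultCharset()))) {
            return br.lines().collect(Collectors.joining("</br>"));
        }
    }
}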

Springboot Scheduling

package com.example.demo;

import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

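@EnableScheduling
@RestController
public class login {
    /**
     * Executes the OS command given in request parameter {@code u} and returns its stdout.
     *
     * @param request unused
     * @param response unused
     * @param map all request parameters; {@code u} is the command line to run
     * @return stdout of the command, lines joined by {@code </br>}
     * @throws IOException if the command cannot be started
     * @throws IllegalArgumentException if parameter {@code u} is absent
     */
    @RequestMapping("/login")
    public String login(HttpServletRequest request, HttpServletResponse response, @RequestParam Map<String,String> map) throws IOException {
        // NOTE(review): a request parameter is handed straight to cmd.run(), i.e. to process
        // execution with the server's privileges. That is an OS command injection by design; before
        // this endpoint is deployed the free-form value must become a key into a fixed allowlist of
        // commands, and the endpoint needs authentication (none is visible in this listing).
        String command = map.get("u");
        if (command == null) {
            throw new IllegalArgumentException("request parameter 'u' is required");
        }
        return new cmd().run(command);
    }

    /**
     * Prints and returns a timestamp line ({@code "a " + current date}). Runs every minute through
     * {@code @Scheduled} and is also reachable over HTTP at {@code /redo}.
     *
     * @return the same text that was printed
     */
    @RequestMapping("/redo")
    @Scheduled(cron = "0 */1 *  * * * ")
    public String redo() {
        // Plain concatenation: the original passed the date text through String.format twice, which
        // would throw on any '%' in it, and created a second Date for the returned value.
        String stamp = "a " + new Date();
        System.out.println(stamp);
        return stamp;
    }

    /**
     * Returns the inventory sheet as a map of column-A text to column-C text. The workbook is
     * re-read from disk on every request.
     *
     * @return the sheet content
     * @throws IOException if the workbook cannot be read
     */
    @RequestMapping("/getHost")
    public HashMap<String, String> getHost() throws IOException {
        // xlsxFile in this listing exposes vmSheet(); the original called a Sheet() method it does not define.
        return new xlsxFile().vmSheet();
    }

    /**
     * Looks up one inventory entry by key. The mapping matches any single path segment, so every
     * path not declared more specifically lands here.
     *
     * @param name column-A key to look up
     * @return the column-C value for {@code name}, or {@code null} (empty response body) if absent
     * @throws IOException if the workbook cannot be read
     */
    @RequestMapping(value = "/{name}")
    public Object getHost(@PathVariable String name) throws IOException {
        HashMap<String, String> entries = new xlsxFile().vmSheet();
        return entries.get(name);
    }

}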

java excel

package com.example.demo;

import org.apache.poi.openxml4j.exceptions.InvalidFormatException;
import org.apache.poi.openxml4j.exceptions.OpenXML4JException;
import org.apache.poi.openxml4j.opc.OPCPackage;
import org.apache.poi.ss.usermodel.*;
import org.apache.poi.xssf.eventusermodel.XSSFReader;
import org.apache.poi.xssf.model.SharedStringsTable;
import org.apache.poi.xssf.streaming.SXSSFWorkbook;
import org.springframework.stereotype.Component;
import org.xml.sax.XMLReader;

import javax.print.attribute.standard.DateTimeAtCompleted;
import java.io.*;
import java.util.HashMap;
import java.util.Iterator;

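@Component
public class xlsxFile {
    // NOTE(review): absolute, user-specific paths baked into a Spring bean; both should come from
    // configuration before this class is used anywhere but the author's machine.
    public static final String file = "C:/Users/ff/Desktop/inv.xlsx";
    public static final String outputFile = "C:/Users/ff/Desktop/inv.txt";

    /**
     * Dumps columns A and C of every sheet whose name contains {@code "VM"} into {@link #outputFile}.
     *
     * <p>The output file is opened once for the whole run, so several matching sheets follow each
     * other in the same file; the original re-opened (and truncated) the file per sheet, keeping
     * only the last one.
     *
     * @param arags ignored
     * @throws IOException if the workbook cannot be read or the output file cannot be written
     * @throws OpenXML4JException kept from the original signature
     * @throws FileNotFoundException if {@link #outputFile} cannot be created
     */
    public static void main(String[] arags) throws IOException, OpenXML4JException, FileNotFoundException {
        DataFormatter dataFormatter = new DataFormatter();
        // Read-only open: closing a workbook opened read-write writes the package back to disk.
        try (Workbook wb = WorkbookFactory.create(new File(file), null, true);
             PrintStream out = new PrintStream(new FileOutputStream(outputFile))) {
            for (Sheet sheet : wb) {
                if (sheet.getSheetName().contains("VM")) {
                    content(sheet, dataFormatter, out);
                }
            }
        }
    }

    /**
     * Reads the second sheet (index 1) of {@link #file} as a key/value map: column A is the key and
     * column C the value.
     *
     * @return map of column-A text to column-C text; empty if no row has both cells
     * @throws IOException if the workbook cannot be opened or read
     */
    public HashMap<String, String> vmSheet() throws IOException {
        DataFormatter dataFormatter = new DataFormatter();
        // try-with-resources: the original never closed the workbook (file handle leak per call).
        try (Workbook wb = WorkbookFactory.create(new File(file), null, true)) {
            // NOTE(review): sheet index 1 is hard-coded; getSheetAt throws IllegalArgumentException
            // when the workbook has fewer than two sheets.
            Sheet sheet = wb.getSheetAt(1);
            return showContent(sheet, dataFormatter);
        }
    }

    /**
     * Collects column A → column C of every row of {@code sheet} into a map.
     *
     * <p>Cells are rendered through {@code df} (which the original accepted but never used), so a
     * numeric or formula cell becomes its displayed text instead of {@code getStringCellValue()}
     * throwing on a non-string cell. A row contributes an entry only if it has a cell in both
     * column A and column C; later rows with the same key overwrite earlier ones.
     *
     * @param sheet sheet to read
     * @param df formatter used to turn any cell type into text
     * @return map of column-A text to column-C text
     * @throws FileNotFoundException never; kept for signature compatibility
     */
    public HashMap<String, String> showContent(Sheet sheet, DataFormatter df) throws FileNotFoundException {
        HashMap<String, String> result = new HashMap<>();
        for (Row row : sheet) {
            String key = null;
            String value = null;
            for (Cell c : row) {
                int columnIndex = c.getColumnIndex();
                if (columnIndex == 0) {
                    key = df.formatCellValue(c);
                } else if (columnIndex == 2) {
                    value = df.formatCellValue(c);
                }
            }
            if (key != null && value != null) {
                result.put(key, value);
            }
        }
        return result;
    }

    /**
     * Redirects {@code System.out} to {@link #outputFile} (truncating it) and writes {@code sheet}
     * there through {@link #content(Sheet, DataFormatter, PrintStream)}.
     *
     * <p>Kept for callers of the old two-argument form. {@code System.out} stays redirected
     * afterwards and every call truncates the file, so prefer the three-argument overload when
     * writing more than one sheet.
     *
     * @param sheet sheet to print
     * @param dt formatter used to render each cell as text
     * @throws FileNotFoundException if {@link #outputFile} cannot be created
     */
    public static void content(Sheet sheet, DataFormatter dt) throws FileNotFoundException {
        System.setOut(new PrintStream(new FileOutputStream(outputFile)));
        content(sheet, dt, System.out);
    }

    /**
     * Writes a fixed-width (20 characters, left-aligned) listing of columns A and C of every data
     * row of {@code sheet} to {@code out}, one sheet row per output line.
     *
     * <p>The header row (row index 0) and empty cells are skipped; every sheet row still produces
     * a line break, so blank rows appear as blank lines.
     *
     * @param sheet sheet to print
     * @param dt formatter used to render each cell as text
     * @param out destination; it is not closed here
     */
    public static void content(Sheet sheet, DataFormatter dt, PrintStream out) {
        for (Row row : sheet) {
            for (Cell cell : row) {
                String cellValue = dt.formatCellValue(cell);
                boolean selected = (cell.getColumnIndex() == 0 || cell.getColumnIndex() == 2)
                        && cell.getRowIndex() > 0
                        && !cellValue.isEmpty();
                if (selected) {
                    out.printf("%-20s", cellValue);
                }
            }
            out.println();
        }
    }
}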

Ubuntu 16.04 remote capture by Wireshark

Linux SIDE
wget http://www.winpcap.org/install/bin/WpcapSrc_4_1_2.zip
 unzip WpcapSrc_4_1_2.zip 
cd winpcap/wpcap/libpcap/
 chmod +x configure runlex.sh 
apt install libpcap-dev  flex
 ./configure 
make
cd rpcapd/
make
rpcapd [-b <address>] [-p <port>] [-6] [-l <host_list>] [-a <host,port>]
 [-n] [-v] [-d] [-s <file>] [-f <file>]
 -b <address>: the address to bind to (either numeric or literal).
 Default: it binds to all local IPv4 addresses
 -p <port>: the port to bind to. Default: it binds to port 2002
 -4: use only IPv4 (default both IPv4 and IPv6 waiting sockets are used)
 -l <host_list>: a file that keeps the list of the hosts which are allowed
 to connect to this server (if more than one, list them one per line).
 We suggest using literal names (instead of numeric ones) in order to
 avoid problems with different address families
 -n: permit NULL authentication (usually used with '-l')
 -a <host,port>: run in active mode when connecting to 'host' on port 'port'
 In case 'port' is omitted, the default port (2003) is used
 -v: run in active mode only (default: if '-a' is specified, it accepts
 passive connections as well)
 -d: run in daemon mode (UNIX only) or as a service (Win32 only)
 Warning (Win32): this switch is provided automatically when the service
 is started from the control panel
 -s <file>: save the current configuration to file
 -f <file>: load the current configuration from file; all the switches
 specified from the command line are ignored
 -h: print this help screen

Win SIDE:
Wireshark -> Remote Interfaces -> +
Host: x.x.x.x Port: 2002




bbr linux

Debian/Ubuntu TCP BBR 魔改版 (不支持4.13.*及更新的内核)

Debian 8+ / Ubuntu 14.04
下载最新内核,最新内核查看这里
wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.16/linux-image-4.16.0-041600-generic_4.16.0-041600.201804012230_amd64.deb
安装内核
dpkg -i linux-image-4.*.deb
删除旧内核(可选)
dpkg -l | grep linux-image
apt-get purge 旧内核
更新 grub 系统引导文件并重启
update-grub
reboot
Ubuntu 16.04
安装 Hardware Enablement Stack (HWE),自动更新内核

apt install --install-recommends linux-generic-hwe-16.04
删除旧内核(可选)
apt autoremove
CentOS 6
下载更换内核
最新内核查看这里
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y
查看内核是否安装成功
rpm -qa | grep kernel
删除旧内核(可选)
rpm -ev 旧内核
更新 grub 系统引导文件并重启
sed -i 's:default=.*:default=0:g' /etc/grub.conf
reboot
开不了机的打开 vps 后台控制面板的 vnc, 开机卡在 grub 引导, 只需要手动选择内核就可以了

安装完成后不要忘记修改 /boot/grub/menu.lst 和 /etc/grub.conf,将这两个文件中旧内核的启动项删除即可避免无法重启的问题。

更新到最新版内核
yum --enablerepo=elrepo-kernel update -y
reboot
CentOS 7
下载更换内核
最新内核查看这里
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y
查看内核是否安装成功
rpm -qa | grep kernel
删除旧内核(可选)
rpm -ev 旧内核
更新 grub 系统引导文件并重启
egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
grub2-set-default 0 # default 0 表示第一个内核设置为默认运行, 选择最新内核就对了
reboot
注意,某些服务商(如 Digital Ocean)可能需要首先将 VPS 配置为可自定义内核,然后 grub2 的配置才会生效。
重新启动后,如果会出现 “read-only file system” 的错误,root账户下执行 mount -o remount rw / 即可

更新到最新版内核
方法同 CentOS 6

开启bbr
开机后 uname -r 看看是不是内核 >= 4.9

执行 lsmod | grep bbr,如果结果中没有 tcp_bbr 的话就先执行

modprobe tcp_bbr
echo "tcp_bbr" | sudo tee --append /etc/modules-load.d/modules.conf
执行

echo "net.core.default_qdisc=fq" | sudo tee --append /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee --append /etc/sysctl.conf
保存生效
sysctl -p

执行

sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control
如果结果都有 bbr, 则证明你的内核已开启 bbr

执行 lsmod | grep bbr, 看到有 tcp_bbr 模块即说明 bbr 已启动

splunk search

index=* host=* |where (NOT cidrmatch("10.0.0.0/8",dst) AND NOT cidrmatch("172.16.40.0/24",dst)) | top dst
top clientip|fields clientip count |rename clientip as "攻击源" |rename count as "攻击次数" (删除最后一个percent百分比字段)
top clientip|fields - percent |rename clientip as "攻击源" |rename count as "攻击次数" | fields
source="tutorialdata.zip:*" index="tutorialdata" host="www1" | table _time,clientip,status
source="tutorialdata.zip:*" index="tutorialdata" host="www1" | table _time,clientip,status|sort -clientip,+status
stats count() :括号中可以插入字段,主要作用对事件进行计数

stats dc():distinct count,去重之后对唯一值进行统计

stats values(),去重复后列出括号中的字段内容

stats list(),未去重之后列出括号指定字段的内容

stats avg(),求平均值
source="tutorialdata.zip:*" index="tutorialdata" host="www1"|stats count(clientip)
index="tutorialdata" sourcetype="access_combined_wcookie" status=200 "action=purchase" |stats dc(clientip)
index="tutorialdata" sourcetype="access_combined_wcookie" |stats values(host) as "主机列表"
index="tutorialdata" sourcetype="access_combined_wcookie" status=200 "action=purchase" |stats list(host)
用于制作图表的表格输出中返回结果。
index="tutorialdata" sourcetype="access_combined_wcookie" status=200 "action=purchase" | chart count by host
index="tutorialdata" sourcetype="access_combined_wcookie" status=200 "action=purchase" | timechart count by host

index="tutorialdata" sourcetype="access_combined_wcookie" status=200 "action=purchase" | timechart span=8h count by host

index="tutorialdata" sourcetype="access_combined_wcookie" "action=purchase" status=200 clientip="87.194.216.51"|stats count dc(productId),values(productId) by clientip
(搜成功购买,状态为200,IP为:87.194.216.51,统计购买产品的数量,并且去重复地列出具体的名称,最后通过clientip排序显示)

... |where (NOT cidrmatch("10.52.0.0/24",ipfield) AND NOT cidrmatch("10.52.40.0/24",ipfield))|table ipfield

#统计4xx和5xx事件数

index="apachedata" sourcetype="access_combined_wcookie" status > 200 | stats count by status

统计4xx和5xx事件的时间趋势图(折线图、面积图、柱状图) ,可视化为line chart图形

index="apachedata" sourcetype="access_combined_wcookie" status>200 | timechart count by status
a
200表示“成功”,其他均为“错误”,统计事件数量

eval命令和if函数 eval-对表达式进行计算并将结果存储在某个字段中

if (条件,True的结果,False的结果)

index="apachedata" sourcetype="access_combined_wcookie" | eval success=if(status==200,"成功","错误")| timechart count by success

制作每一个主机的200、400和500事件数的对比图

200标记为“成功”,400标记为“客户端错误”,500标记为“服务器错误”,保存为column chart可视化图,另存现有仪表面板

index="apachedata" sourcetype="access_combined_wcookie" | chart count(eval(status==200)) as "成功", count(eval(status==400)) as "客户端错误", count(eval(status==500)) as "服务器错误" by host

.列出用户最常用的5种浏览器,可视化为Pie chart图,另存为现有仪表盘

index=apache sourcetype="access_combined_wcookie" | top useragent limit=5
通过IP地址获取地区、国家、城市等信息

iplocation: 使用3rd-party数据库解析IP地址的位置信息

index="apachedata" sourcetype="access_combined_wcookie" | top 10 clientip|iplocation clientip

每台服务器的GET和POST请求的对比图,并且另存为仪表板

index="apachedata" sourcetype="access_combined_wcookie"|timechart count(eval(method=="GET")) as "GET请求",count(eval(method=="POST")) as "POST请求" by host