forked from Courvix-Network/OVH-DDoS-Alerts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchecker.js
117 lines (106 loc) · 4.02 KB
/
checker.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
// Made by Courvix Network for the Courvix Network
const phin = require('phin')
const chalk = require('chalk')
const net = require('net')
const config = require("./config.json");
const ovh = require('ovh')({
...config.ovh
});
const serverName = config.serverName;
const ipBlock = process.argv[2];
const ipAddr = process.argv[3];
const interval = process.argv[4] * 1000;
let mitigationEnabled = false;
if (process.argv.length < 5 || !net.isIPv4(ipAddr)) {
console.log(chalk.magenta("Usage: node checker [IP Block] [IP Address] [Check Interval]"));
} else {
CheckMitigation();
}
async function CheckMitigation() {
setInterval(() => {
let time = new Date();
console.log(chalk.white.bold(`[info] : Checking mitigation status ${time.toLocaleTimeString()}`));
ovh.request("GET", `/ip/${encodeURIComponent(ipBlock)}/mitigation/${ipAddr}`, (err, mitigationStatus) => {
if(!err) {
console.log(chalk.green(`IP Address: ${ipAddr} | Auto Mode: ${mitigationStatus.auto} | Permanent Mode: ${mitigationStatus.permanent}`));
if (mitigationStatus.permanent === true && mitigationStatus.auto === true) {
if (mitigationEnabled === true) {
console.log(chalk.blackBright.red("[warn] : Mitigation mode is still enabled"));
} else if (mitigationEnabled === false) {
console.log(chalk.blackBright.red("[warn] : Mitigation mode has been enabled"));
mitigationEnabled = true;
SendAlert(true);
}
} else if (mitigationStatus.auto === false && mitigationEnabled === true) {
console.log(chalk.green("[info] : Mitigation mode has been disabled"));
mitigationEnabled = false;
SendAlert(false);
}
} else {
console.log(chalk.blackBright.red(`[crit] : ${err} response (${mitigationStatus})`));
}
});
}, interval);
}
async function SendAlert(mode) {
let description;
let footer;
let color;
if (mode === true) {
description = "A possible DDoS attack has been detected";
footer = "Our system is attempting to mitigate the attack and the attack has been automatically captured."
color = 16056320;
} else if (mode === false) {
description = "Mitigation mode has been disabled on the IP";
footer = "End of attack on IP address.";
color = 65338;
}
const webhookPayload = {
"embeds": [{
"title": "DDoS Attack",
"description": description,
"url": "https://courvix.com",
"color": color,
"fields": [{
"name": "Server:",
"value": serverName,
"inline": true
},
{
"name": "IP Address:",
"value": ipAddr,
"inline": true
},
{
"name": "Host:",
"value": "OVH",
"inline": true
},
{
"name": "Protection Provider:",
"value": "OVH VAC",
"inline": true
},
],
"author": {
"name": "Courvix Network",
"url": "https://courvix.com",
"icon_url": "https://i.imgur.com/2a3ccAN.png"
},
"footer": {
"text": footer,
"icon_url": "https://img.pngio.com/warning-icon-png-321332-free-icons-library-warning-icon-png-2400_2400.jpg"
},
"thumbnail": {
"url": "https://cdn.countryflags.com/thumbs/france/flag-800.png"
}
}]
}
const request = phin.defaults({
'method': 'POST',
'parse': 'json',
'data': webhookPayload
})
const res = await request(config.webhookURL);
return(res);
}