#!/bin/sh
# Copyright 2005 Michael John Wensley http://www.wensley.org.uk/
echo -ne "Content-Type: text/html\r\n\r\n"
cat << EOF
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head><title>No! I'm no pirate? But I've lost my parrot.... Polly? POLLY? ...want a cracker?</title>
<link rel="stylesheet" type="text/css" href="http://www.wensley.org.uk/style8" title="Theme"/>
</head>
<body>
<h1>No! I'm no pirate? But I've lost my parrot.... Polly? POLLY? ...want a cracker?</h1>
<p>This page is automatically generated from logs of unauthorised SSH connections... Over 40 attempts guarantees a listing ;) <a href="/crackers.sh">Enjoy the source</a></p>
<ul>
EOF
for N in /var/log/auth.log /var/log/auth.log.0
do
        case $N in
                *gz) zgrep "Invalid user" $N
                ;;
                *bz2) bzgrep "Invalid user" $N
                ;;
                *) grep "Invalid user" $N
                ;;
        esac
done | cut -c 22- | rev | cut -d" " -f1 | rev | uniq -c | while read N1 N2
do
        IPV4=`ipv6calc -imq $N2 | grep IPV4= | cut -d= -f2`
        # N8 is the username
	if expr $N1 \> 40 > /dev/null
	then
		CN=`geoiplookup $IPV4 | cut -d: -f2`
	        echo -n "<li>"
		if [ "`echo $CN | cut -c3`" == "," ]
		then
			echo -n "<img type=\"image/png\" src=\"http://www.wensley.org.uk/flags/`echo $CN | cut -c1-2 | tr '[:upper:]' '[:lower:]'`\" width=\"5%\"/>"
		fi
		echo -n "${N1}"$' hits from '"${CN}"$' at '"${IPV4}"
		echo $'</li>'
	fi
done
echo "<li><a href=\"http://validator.w3.org/check/referer\">Revalidate</a></li>"
echo "<li><a href=\"http://jigsaw.w3.org/css-validator/check/referer\">Validate CSS</a></li>"
echo "<li><a href=\"http://www.wensley.org.uk/tech\">Rest of site</a></li>"
echo "</ul></body></html>"