Sign in to follow this  
Followers 0
doomkiller

Reading from txt file

8 posts in this topic

Sorry in advance for the weak topic title.

Ok here is what i got going on so far my script will take this txt file

Active Connections

  Proto  Local Address        Foreign Address       State
  TCP   192.168.0.101:1171   64.12.24.196:5190    ESTABLISHED
  TCP   192.168.0.101:1306   207.150.170.236:6667   ESTABLISHED
  TCP   192.168.0.101:1688   63.241.83.11:6112    TIME_WAIT
  TCP   192.168.0.101:1689   63.241.83.8:6112      ESTABLISHED
  TCP   192.168.0.101:1690   63.241.83.18:6112    TIME_WAIT
  TCP   192.168.0.101:1692   63.241.83.9:6112      TIME_WAIT
  TCP   192.168.0.101:1693   63.241.83.9:6112      TIME_WAIT
  TCP   192.168.0.101:1694   63.241.83.9:6112      TIME_WAIT
  TCP   192.168.0.101:1698   63.241.83.7:6112      ESTABLISHED
  TCP   192.168.0.101:1699   63.241.83.7:6112      TIME_WAIT
  TCP   192.168.0.101:1700   63.241.83.7:6112      TIME_WAIT
  TCP   192.168.0.101:1701   63.241.83.18:6112    TIME_WAIT
  TCP   192.168.0.101:1702   63.241.83.7:6112      TIME_WAIT
  TCP   192.168.0.101:1785   205.188.248.130:5190   ESTABLISHED
  TCP   192.168.0.101:3527   207.46.4.91:1863      ESTABLISHED

and pick out this ip 64.12.24.196:5190 this is great in all but what i then need it to do is grab this :1171 in the same line for the locaport and I need that wrapped up in a variable.

here is my code so far

$ServerIP = "64.12.24."
$IP1 = 196
CompareIP ()
Func CompareIP ()

    Local $IPStart
      $A = 1
      $hit = 0

      for $i = 1 to 20
          $CheckIP = FileReadLine ( 'C:\ip2.txt', $A )

            $IPStart   = StringInStr ( $CheckIP, $ServerIP )
            $PortStart = StringInStr ( $CheckIP, ":5190" )



              If ( $IPStart >0 ) and ( $PortStart>0 ) then
                      MsgBox(4096, "Test", "test")
              if StringInStr ( $CheckIP, $ServerIP & $IP1 ) > 0 then $hit = 1
              EndIf

          $A = $A + 1
      next
      
        if $hit = 1 then
          IpFound ()
          Endif
        EndIf

  Return

EndFunc

Func IpFound ()
    
    MsgBox(4096, "Test3", "yep")
    
EndFunc

I guess in the end what it needs to do is check throught the txt. If it finds the ip it also logs the localport. Then when it comes back around in the bigger script I have it will check it again but if it see the same ip it will first check the port before going IpFound()

Share this post


Link to post
Share on other sites



If I may ask what is "regexp" ?

Oh and I guess I should also add in here is how i'm getting that list

RunWait( @ComSpec & " /c " & 'netstat -n>c:\ip.txt' , "", @SW_HIDE )

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

If I may ask what is "regexp" ?

Regular Expressions. Check out this:

dim $array[12]
$array[0]  = "Active Connections"
$array[1]  = ""
$array[2]  = "  Proto  Local Address          Foreign Address       State"
$array[3]  = ""
$array[4]  = "  TCP 192.168.0.101:1171   64.12.24.196:5190    ESTABLISHED"
$array[5]  = "  TCP 192.168.0.101:1306   207.150.170.236:6667   ESTABLISHED"
$array[6]  = "  TCP 192.168.0.101:1688   63.241.83.11:6112    TIME_WAIT"
$array[7]  = "  TCP 192.168.0.101:1689   63.241.83.8:6112      ESTABLISHED"
$array[8]  = "  TCP 192.168.0.101:1690   63.241.83.18:6112    TIME_WAIT"
$array[9]  = "  TCP 192.168.0.101:1692   63.241.83.9:6112      TIME_WAIT"
$array[10] = "  TCP 192.168.0.101:1693   63.241.83.9:6112      TIME_WAIT"
$array[11] = "  TCP 192.168.0.101:1694   63.241.83.9:6112      TIME_WAIT"

;$pattern = "\s*TCP\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d*)\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d*).*" 
;$pattern ="\s*((?:\d{1,3}\.){3}\d{1,3}):(\d*)\s*((?:\d{1,3}\.){3}\d{1,3}):(\d*).*"
;$pattern = "\s*((?:\d+\.){3}\d+):(\d*)\s*((?:\d+\.){3}\d+):(\d*).*" 

;==================================================================
;== As the text is an output of netstat, there is no need to be 
;== overly careful to check the IP syntax, so the following pattern
;== will do
;==================================================================
$pattern = "\s*((?:\d+\.)+\d+):(\d+)\s*((?:\d+\.)+\d+):(\d+).*" 

for $n = 0 to Ubound($array)-1
   if StringInStr($array[$n],"TCP") then
      $ips_and_ports = StringRegExp($array[$n],$pattern,1)
      for $i = 0 to Ubound($ips_and_ports)-1
          msgbox(0,"", $ips_and_ports[$i])
      next
   endif
next

Just wrap my code with some file reading "stuff".

EDIT: Changed the pattern to a shorter one.

Cheers

Kurt

Edited by /dev/null

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

First thanks for the help guys. /dev/null/ Your code looks great but its quite hard for me understand but i'm slowly going through it. When i first checked out some of the functions and examples on the documentation it all seemed good but one thing

$ips_and_ports = StringRegExp($array[$n],$pattern,1)

$ips_and_ports = ^ ERROR

that function is not there.

Edited by doomkiller

Share this post


Link to post
Share on other sites

$ips_and_ports = StringRegExp($array[$n],$pattern,1)

$ips_and_ports = ^ ERROR

that function is not there.

StringRegExp is only available in the current beta. http://www.autoitscript.com/autoit3/files/beta/autoit/ Please install that and then try again.

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

just a little sugestion, if its always the top item in the list you could try to just read that single line.

like..

$IP = FileReadLine("C:\IP.txt", 4) *guessing its line 5 from the example*

or, use a do until loop and substitute the 4 for an increasing integer. and search each line for text that has "5190" using StringInStr.

Edited by Bi0haZarD

Share this post


Link to post
Share on other sites

$array[4]  = "  TCP    192.168.0.101:1171    64.12.24.196:5190      ESTABLISHED"

Why not grab both parts of the line at the same time? Put the first line into a variable called $rawline. Then have two trim statements:

One that trims $rawline from the first colon to the three spaces to the right of the first port number, and

One that trims everything in $rawline from the first colon to the left, then trims the remaining segment to the 3 spaces in the middle to the three spaces on the right:

$port = stringleft(stringtrimleft($rawline,stringinstr($rawline,":"),"   ")
$ip = you do the math (I'm not at my desk to do it for you)

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0