refactor: enhance tracker integration and memory cleanup logic
This commit is contained in:
Lorenzo Venerandi
@@ -13,7 +13,7 @@ from fastapi import FastAPI, Request, Response
|
||||
from fastapi.staticfiles import StaticFiles
|
||||
|
||||
from config import get_config
|
||||
from tracker import AccessTracker
|
||||
from tracker import AccessTracker, set_tracker
|
||||
from database import initialize_database
|
||||
from tasks_master import get_tasksmaster
|
||||
from logger import initialize_logging, get_app_logger
|
||||
@@ -40,6 +40,7 @@ async def lifespan(app: FastAPI):
|
||||
|
||||
# Initialize tracker
|
||||
tracker = AccessTracker(config.max_pages_limit, config.ban_duration_seconds)
|
||||
set_tracker(tracker)
|
||||
|
||||
# Store in app.state for dependency injection
|
||||
app.state.config = config
|
||||
|
||||
@@ -391,11 +391,23 @@ async def trap_page(request: Request, path: str):
|
||||
if "wordpress" in full_path.lower():
|
||||
return HTMLResponse(html_templates.wordpress())
|
||||
|
||||
if tracker.is_suspicious_user_agent(user_agent):
|
||||
is_suspicious = tracker.is_suspicious_user_agent(user_agent)
|
||||
|
||||
if is_suspicious:
|
||||
access_logger.warning(
|
||||
f"[SUSPICIOUS] {client_ip} - {user_agent[:50]} - {full_path}"
|
||||
)
|
||||
|
||||
# Always record trap page access (feeds total counter + suspicious panel).
|
||||
# Only store raw_request for suspicious/attack requests to avoid DB bloat.
|
||||
tracker.record_access(
|
||||
ip=client_ip,
|
||||
path=full_path,
|
||||
user_agent=user_agent,
|
||||
method=request.method,
|
||||
raw_request=build_raw_request(request) if is_suspicious else "",
|
||||
)
|
||||
|
||||
# Random error response
|
||||
if _should_return_error(config):
|
||||
error_code = _get_random_error_code()
|
||||
|
||||
@@ -28,21 +28,21 @@ def main():
|
||||
Called periodically to prevent unbounded memory growth.
|
||||
"""
|
||||
try:
|
||||
# Import here to avoid circular imports
|
||||
from handler import Handler
|
||||
from tracker import get_tracker
|
||||
|
||||
if not Handler.tracker:
|
||||
tracker = get_tracker()
|
||||
if not tracker:
|
||||
app_logger.warning("Tracker not initialized, skipping memory cleanup")
|
||||
return
|
||||
|
||||
# Get memory stats before cleanup
|
||||
stats_before = Handler.tracker.get_memory_stats()
|
||||
stats_before = tracker.get_memory_stats()
|
||||
|
||||
# Run cleanup
|
||||
Handler.tracker.cleanup_memory()
|
||||
tracker.cleanup_memory()
|
||||
|
||||
# Get memory stats after cleanup
|
||||
stats_after = Handler.tracker.get_memory_stats()
|
||||
stats_after = tracker.get_memory_stats()
|
||||
|
||||
# Log changes
|
||||
access_log_reduced = (
|
||||
|
||||
@@ -11,6 +11,20 @@ from wordlists import get_wordlists
|
||||
from database import get_database, DatabaseManager
|
||||
from ip_utils import is_local_or_private_ip, is_valid_public_ip
|
||||
|
||||
# Module-level singleton for background task access
|
||||
_tracker_instance: "AccessTracker | None" = None
|
||||
|
||||
|
||||
def get_tracker() -> "AccessTracker | None":
|
||||
"""Get the global AccessTracker singleton (set during app startup)."""
|
||||
return _tracker_instance
|
||||
|
||||
|
||||
def set_tracker(tracker: "AccessTracker"):
|
||||
"""Store the AccessTracker singleton for background task access."""
|
||||
global _tracker_instance
|
||||
_tracker_instance = tracker
|
||||
|
||||
|
||||
class AccessTracker:
|
||||
"""
|
||||
@@ -88,7 +102,7 @@ class AccessTracker:
|
||||
"path_traversal": r"\.\.",
|
||||
"sql_injection": r"('|--|;|\bOR\b|\bUNION\b|\bSELECT\b|\bDROP\b)",
|
||||
"xss_attempt": r"(<script|javascript:|onerror=|onload=)",
|
||||
"common_probes": r"(wp-admin|phpmyadmin|\.env|\.git|/admin|/config)",
|
||||
"common_probes": r"(/admin|/backup|/config|/database|/private|/uploads|/wp-admin|/login|/phpMyAdmin|/phpmyadmin|/users|/search|/contact|/info|/input|/feedback|/server|/api/v1/|/api/v2/|/api/search|/api/sql|/api/database|\.env|/credentials\.txt|/passwords\.txt|\.git|/backup\.sql|/db_backup\.sql)",
|
||||
"command_injection": r"(\||;|`|\$\(|&&)",
|
||||
}
|
||||
|
||||
|
||||
@@ -469,7 +469,8 @@
|
||||
"lfi_rfi": "(file://|php://|expect://|data://|zip://|phar://|/etc/passwd|/etc/shadow|/proc/self|c:\\\\windows)",
|
||||
"xxe_injection": "(<!ENTITY|<!DOCTYPE|SYSTEM\\s+[\"']|PUBLIC\\s+[\"']|&\\w+;|file://|php://filter|expect://)",
|
||||
"ldap_injection": "(\\*\\)|\\(\\||\\(&)",
|
||||
"command_injection": "(cmd=|exec=|command=|execute=|system=|ping=|host=|&&|\\|\\||;|\\$\\{|\\$\\(|`|\\bid\\b|\\bwhoami\\b|\\buname\\b|\\bcat\\b|\\bls\\b|\\bpwd\\b|\\becho\\b|\\bwget\\b|\\bcurl\\b|\\bnc\\b|\\bnetcat\\b|\\bbash\\b|\\bsh\\b|\\bps\\b|\\bkill\\b|\\bchmod\\b|\\bchown\\b|\\bcp\\b|\\bmv\\b|\\brm\\b|/bin/bash|/bin/sh|cmd\\.exe|/bin/|/usr/bin/|/sbin/)"
|
||||
"command_injection": "(cmd=|exec=|command=|execute=|system=|ping=|host=|&&|\\|\\||;|\\$\\{|\\$\\(|`|\\bid\\b|\\bwhoami\\b|\\buname\\b|\\bcat\\b|\\bls\\b|\\bpwd\\b|\\becho\\b|\\bwget\\b|\\bcurl\\b|\\bnc\\b|\\bnetcat\\b|\\bbash\\b|\\bsh\\b|\\bps\\b|\\bkill\\b|\\bchmod\\b|\\bchown\\b|\\bcp\\b|\\bmv\\b|\\brm\\b|/bin/bash|/bin/sh|cmd\\.exe|/bin/|/usr/bin/|/sbin/)",
|
||||
"common_probes": "(/admin|/backup|/config|/database|/private|/uploads|/wp-admin|/login|/phpMyAdmin|/phpmyadmin|/users|/search|/contact|/info|/input|/feedback|/server|/api/v1/|/api/v2/|/api/search|/api/sql|/api/database|\\.env|/credentials\\.txt|/passwords\\.txt|\\.git|/backup\\.sql|/db_backup\\.sql)"
|
||||
},
|
||||
"server_headers": [
|
||||
"Apache/2.4.41 (Ubuntu)",
|
||||
|
||||
Reference in New Issue
Block a user