Sample Tool 1 - Text Instructions

In https://repl.it select Python as your language.

Add this code to the main.py file

import re

f = open('access.log')

log_contents = filter(None, f.read().split('\n'))

for line in (log_contents):
  entries = re.findall(r'"([^"]*)"', line)
  url = entries[0].split(' ')[1]
  url_parts = url.split('?')

  if(len(url_parts) > 1):
    query = url_parts[1]
    if(query.find('password') > -1):
      print("Likely credentials found:")
      print(query)
      print("\n")

and create a second file called access.log and add these sample log statements there

94.167.184.155 - - [19/Sep/2018:10:22:14 +0000] "GET /articles/5028709.php HTTP/1.1" 200 10246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

144.12.70.101 - - [20/Sep/2018:00:05:29 +0000] "GET /articles/5022932.php HTTP/1.1" 200 10246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
183.184.138.125 - - [20/Sep/2018:05:05:29 +0000] "GET /articles/5022932.php HTTP/1.1" 200 10246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

192.168.1.1 - - [20/Sep/2018:01:02:03 +0000] "GET /login.php?username=admin&password=adminpass HTTP/1.1" 200 12345 "_" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36"

46.127.174.227 - - [20/Sep/2018:05:02:32 +0000] "GET /articles/5022586.php HTTP/1.1" 200 10246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

106.108.188.14 - - [20/Sep/2018:11:15:30 +0000] "GET /about.php HTTP/1.1" 200 10246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

192.168.1.1 - - [20/Sep/2018:14:42:54 +0000] "GET /login.php?username=john&password=secret! HTTP/1.1" 200 24355 "_" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36"

Now run the tool using the "Run" button in the top menu bar of the repl.it site.

You should see output like this

Python 3.6.1 (default, Dec 2015, 13:05:11)
[GCC 4.8.2] on linux
   
Likely credentials found:
username=admin&password=adminpass


Likely credentials found:
username=john&password=secret!


Complete and Continue