LP-MSH-Scanner/run.sh

#bin/sh!

echo '[*] Fixing file and folder permissions:'; 
    # Directories
    find public_html/ -perm 0000 -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt
    find public_html/ -perm +og+w -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt
    # Files
    find public_html/ -perm 0000 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    find public_html/ -perm 0400 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    find public_html/ -perm 0440 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    find public_html/ -perm 0444 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    find public_html/ -perm 0555 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    find public_html/ -perm +og+w -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
    # Perl/CGI
    find public_html/ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \; >> $(whoami).txt
    find public_html/ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \; >> $(whoami).txt

echo
echo '[*] Removing data garbage like error logs:'; 

echo >> $(whoami).txt
    find public_html/ -type f -name "error_log" -exec rm -rfv {} \; >> $(whoami).txt

echo '[*] Running the malware cleaner:';
    perl /home/$(whoami)/public_html/LP-MSH-Scanner/malwaresh.pl $(whoami) >> $(whoami).txt
echo >> $(whoami).txt
echo '[*] Running the Python scanner :';
    python /home/$(whoami)/public_html/LP-MSH-Scanner/scan.py --minscore=10 /home/$(whoami) | grep filename >> $(whoami).txt
echo >> $(whoami).txt
echo '[*] Running the CMS Version Scanner:';
    php -d memory_limit=512M /home/$(whoami)/public_html/LP-MSH-Scanner/cms-vss.php $(whoami) >> $(whoami).txt
echo >> $(whoami).txt
echo '[*] Running the PHP Scanner:';
    cd /home/$(whoami)/public_html/LP-MSH-Scanner && php -d memory_limit=512M scan.php >> /home/$(whoami)/$(whoami).txt
echo >> $(whoami).txt
# SOP
# Fix .htaccess
# find /home/$(whoami)/public_html/ -type f -name ".htaccess -print -exec cat $htaccess >> {} \;
# Fix php.ini / .user.ini
# find /home/$(whoami)/public_html/ -type f -name ".user.ini" -print -exec cat $php-ini >> {} \;
# find /home/$(whoami)/public_html/ -type f -name "php.ini" -print -exec cat $php-ini >> {} \;
# Fix /tmp
# find /home/$(whoami)/public_html -type d -name "uploads" -print -exec cat $tmp >> {} \;
# Full cPanel backup
# DIRSIZE = "du -shb /home/$(whoami) | cut -f1";
#   if [[ $DIRSIZE <  5368709120 ]]; then
#   do_backup
#   fi
#
# checking for unrelated
echo '[*] Checking for Unrelated Data'; 
echo >> $(whoami).txt
echo '[*] Directories with more than 1GB size:'; 
    du -h ./ | grep '[0-9]G\>' >> $(whoami).txt
echo >> $(whoami).txt
echo '[*] Files with more than 10M size:'; 
    find ./ -size +10000k -exec du -sh {} \; >> $(whoami).txt

    echo 'Results available in: /home/$(whoami)/$(whoami).txt' | mail -s 'MSH Scan of `whoami`' mshteam@lunarpages.com 

echo '[*] Job done... removing the scanner';
    rm -rf /home/$(whoami)/public_html/LP-MSH-Scanner
new patterns, automation 2019-02-09 10:09:34 +01:00			`#bin/sh!`

tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Fixing file and folder permissions:';`
changed mailing options 2019-02-09 20:53:17 +01:00			`# Directories`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`find public_html/ -perm 0000 -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt`
			`find public_html/ -perm +og+w -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt`
changed mailing options 2019-02-09 20:53:17 +01:00			`# Files`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`find public_html/ -perm 0000 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
			`find public_html/ -perm 0400 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
			`find public_html/ -perm 0440 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
			`find public_html/ -perm 0444 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
changed mailing options 2019-02-09 20:53:17 +01:00			`find public_html/ -perm 0555 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`find public_html/ -perm +og+w -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt`
new patterns, automation 2019-02-09 10:09:34 +01:00			`# Perl/CGI`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`find public_html/ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \; >> $(whoami).txt`
			`find public_html/ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \; >> $(whoami).txt`
changed mailing options 2019-02-09 20:53:17 +01:00
new patterns, automation 2019-02-09 10:09:34 +01:00			`echo`
tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Removing data garbage like error logs:';`
changed mailing options 2019-02-09 20:53:17 +01:00
ugly fix for logging 2019-02-09 10:41:34 +01:00			`echo >> $(whoami).txt`
			`find public_html/ -type f -name "error_log" -exec rm -rfv {} \; >> $(whoami).txt`
updated run.sh 2019-02-09 10:22:28 +01:00
tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Running the malware cleaner:';`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`perl /home/$(whoami)/public_html/LP-MSH-Scanner/malwaresh.pl $(whoami) >> $(whoami).txt`
			`echo >> $(whoami).txt`
tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Running the Python scanner :';`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`python /home/$(whoami)/public_html/LP-MSH-Scanner/scan.py --minscore=10 /home/$(whoami) \| grep filename >> $(whoami).txt`
			`echo >> $(whoami).txt`
tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Running the CMS Version Scanner:';`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`php -d memory_limit=512M /home/$(whoami)/public_html/LP-MSH-Scanner/cms-vss.php $(whoami) >> $(whoami).txt`
			`echo >> $(whoami).txt`
tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Running the PHP Scanner:';`
fix for logging 2019-02-09 11:03:35 +01:00			`cd /home/$(whoami)/public_html/LP-MSH-Scanner && php -d memory_limit=512M scan.php >> /home/$(whoami)/$(whoami).txt`
ugly fix for logging 2019-02-09 10:41:34 +01:00			`echo >> $(whoami).txt`
changed mailing options 2019-02-09 20:53:17 +01:00			`# SOP`
			`# Fix .htaccess`
			`# find /home/$(whoami)/public_html/ -type f -name ".htaccess -print -exec cat $htaccess >> {} \;`
			`# Fix php.ini / .user.ini`
			`# find /home/$(whoami)/public_html/ -type f -name ".user.ini" -print -exec cat $php-ini >> {} \;`
			`# find /home/$(whoami)/public_html/ -type f -name "php.ini" -print -exec cat $php-ini >> {} \;`
			`# Fix /tmp`
			`# find /home/$(whoami)/public_html -type d -name "uploads" -print -exec cat $tmp >> {} \;`
			`# Full cPanel backup`
			`# DIRSIZE = "du -shb /home/$(whoami) \| cut -f1";`
			`# if [[ $DIRSIZE < 5368709120 ]]; then`
			`# do_backup`
			`# fi`
			`#`
			`# checking for unrelated`
			`echo '[*] Checking for Unrelated Data';`
			`echo >> $(whoami).txt`
			`echo '[*] Directories with more than 1GB size:';`
			`du -h ./ \| grep '[0-9]G\>' >> $(whoami).txt`
			`echo >> $(whoami).txt`
			`echo '[*] Files with more than 10M size:';`
			`find ./ -size +10000k -exec du -sh {} \; >> $(whoami).txt`

			echo 'Results available in: /home/$(whoami)/$(whoami).txt' \| mail -s 'MSH Scan of `whoami`' mshteam@lunarpages.com

tweaks 2019-02-09 10:50:46 +01:00			`echo '[*] Job done... removing the scanner';`
changed mailing options 2019-02-09 20:53:17 +01:00			`rm -rf /home/$(whoami)/public_html/LP-MSH-Scanner`
added mailing 2019-02-09 10:29:35 +01:00