rewritten variables
61
run.sh
61
run.sh
@@ -1,38 +1,42 @@
|
||||
#bin/sh!
|
||||
|
||||
# defines
|
||||
user = $(whoami)
|
||||
log_file = $user.txt
|
||||
|
||||
echo '[*] Fixing file and folder permissions:';
|
||||
# Directories
|
||||
find public_html/ -perm 0000 -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm +og+w -follow -type d -print -exec chmod 755 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0000 -follow -type d -print -exec chmod 755 {} \; >> $log_file
|
||||
find public_html/ -perm +og+w -follow -type d -print -exec chmod 755 {} \; >> $log_file
|
||||
# Files
|
||||
find public_html/ -perm 0000 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0400 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0440 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0444 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0555 -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm +og+w -follow -type f -print -exec chmod 644 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm 0000 -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
find public_html/ -perm 0400 -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
find public_html/ -perm 0440 -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
find public_html/ -perm 0444 -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
find public_html/ -perm 0555 -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
find public_html/ -perm +og+w -follow -type f -print -exec chmod 644 {} \; >> $log_file
|
||||
# Perl/CGI
|
||||
find public_html/ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \; >> $(whoami).txt
|
||||
find public_html/ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \; >> $log_file
|
||||
find public_html/ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \; >> $log_file
|
||||
|
||||
echo
|
||||
echo '[*] Removing data garbage like error logs:';
|
||||
|
||||
echo >> $(whoami).txt
|
||||
find public_html/ -type f -name "error_log" -exec rm -rfv {} \; >> $(whoami).txt
|
||||
echo >> $log_file
|
||||
find public_html/ -type f -name "error_log" -exec rm -rfv {} \; >> $log_file
|
||||
|
||||
echo '[*] Running the malware cleaner:';
|
||||
perl /home/$(whoami)/public_html/LP-MSH-Scanner/malwaresh.pl $(whoami) >> $(whoami).txt
|
||||
echo >> $(whoami).txt
|
||||
perl public_html/LP-MSH-Scanner/malwaresh.pl $user >> $log_file
|
||||
echo >> $log_file
|
||||
echo '[*] Running the Python scanner :';
|
||||
python /home/$(whoami)/public_html/LP-MSH-Scanner/scan.py --minscore=10 /home/$(whoami) | grep filename >> $(whoami).txt
|
||||
echo >> $(whoami).txt
|
||||
python public_html/LP-MSH-Scanner/scan.py --minscore=10 /home/$user | grep filename >> $log_file
|
||||
echo >> $log_file
|
||||
echo '[*] Running the CMS Version Scanner:';
|
||||
php -d memory_limit=512M /home/$(whoami)/public_html/LP-MSH-Scanner/cms-vss.php $(whoami) >> $(whoami).txt
|
||||
echo >> $(whoami).txt
|
||||
php -d memory_limit=512M public_html/LP-MSH-Scanner/cms-vss.php $user >> $log_file
|
||||
echo >> $log_file
|
||||
echo '[*] Running the PHP Scanner:';
|
||||
cd /home/$(whoami)/public_html/LP-MSH-Scanner && php -d memory_limit=512M scan.php >> /home/$(whoami)/$(whoami).txt
|
||||
echo >> $(whoami).txt
|
||||
cd /home/$user/public_html/LP-MSH-Scanner && php -d memory_limit=512M scan.php >> /home/$user/$log_file
|
||||
echo >>
|
||||
# SOP
|
||||
# Fix .htaccess
|
||||
# find /home/$(whoami)/public_html/ -type f -name ".htaccess -print -exec cat $htaccess >> {} \;
|
||||
@@ -48,16 +52,21 @@ echo >> $(whoami).txt
|
||||
# fi
|
||||
#
|
||||
# checking for unrelated
|
||||
echo '[*] Suspicious files in /tmp?';
|
||||
ls -al /tmp/ | grep $user | grep -v sess_
|
||||
echo
|
||||
echo '[*] Processes running:';
|
||||
ps -eo pid,user,cmd | grep $user
|
||||
echo '[*] Checking for Unrelated Data';
|
||||
echo >> $(whoami).txt
|
||||
echo >> $log_file
|
||||
echo '[*] Directories with more than 1GB size:';
|
||||
du -h ./ | grep '[0-9]G\>' >> $(whoami).txt
|
||||
echo >> $(whoami).txt
|
||||
du -h ./ | grep '[0-9]G\>' >> $log_file
|
||||
echo >> $log_file
|
||||
echo '[*] Files with more than 10M size:';
|
||||
find ./ -size +10000k -exec du -sh {} \; >> $(whoami).txt
|
||||
find ./ -size +10000k -exec du -sh {} \; >> $log_file
|
||||
|
||||
echo 'Results available in: /home/$(whoami)/$(whoami).txt' | mail -s 'MSH Scan of `whoami`' mshteam@lunarpages.com
|
||||
echo 'Results available in: /home/$user/$log_file' | mail -s 'MSH Scan of `whoami`' mshteam@lunarpages.com
|
||||
|
||||
echo '[*] Job done... removing the scanner';
|
||||
rm -rf /home/$(whoami)/public_html/LP-MSH-Scanner
|
||||
rm -rf /home/$user/public_html/LP-MSH-Scanner
|
||||
|
||||
|
||||
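Review bot: The two new assignments under `# defines` have spaces around `=`, so the shell runs `user` and `log_file` as commands and neither variable is ever set; they should read `user=$(whoami)` and `log_file="$user.txt"`. With both empty, every `>> $log_file` redirect fails, `grep $user` is left without a pattern, the Python scanner is pointed at `/home/` rather than one account, and the final cleanup resolves to `/home//public_html/LP-MSH-Scanner`. Quote the expansions and guard the destructive path so an empty value aborts, e.g. `rm -rf -- "/home/${user:?}/public_html/LP-MSH-Scanner"`. The new mail line keeps `$user` and `$log_file` inside single quotes, so the message will contain them literally; double quotes are needed there. Separately, the rewritten `find ... -follow ... -exec chmod` lines still follow symlinks, so a link placed under `public_html/` gets its target's mode changed; dropping `-follow` would keep the permission fix-up inside the tree.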