Current File: //usr/local/lp/apps/malre/texts/job_source_template.txt
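### This will initialize a malware remediation job
### It NEEDS to be sourced rather than run, otherwise it will not set the
### environment variables in the calling shell
#
# NOTE(review): d_PROGRAM, v_JIDENT, v_AIDENT, v_DIR, v_DIR2, v_SRC, v_TYPE,
# v_STAMP, v_ACCOUNT, v_HOMEDIR and v_TICKET are never assigned in this
# template; presumably the program that renders it injects them at the
# numbered marker lines - confirm against the generator. The marker lines are
# kept verbatim for that reason.

\shopt -u expand_aliases

#==============================================#
#== Find what IP the User is Connecting From ==#
#==============================================#

# Drop the first five characters of the terminal path (normally "/dev/") so
# the remainder can be matched against the terminal column of `who`.
v_TTY="$(tty)"
v_TTY="${v_TTY:5}"

### There are three fairly reliable ways to capture the IP address - one of these HAD BETTER get us the desired results
# 1) The fifth field of the `who` entry for this terminal, with the
#    surrounding parentheses and any trailing ":S..." suffix removed.
export v_MALWARE_REMEDIATION_IP_ADDRESS="$(
  who \
    | grep -P "$v_TTY\s+" \
    | awk '{print $5}' \
    | sed -e 's/[()]//g' -e 's/:S.*$//'
)"
# 2) and 3) First field of SSH_CONNECTION, then of SSH_CLIENT.
# NOTE(review): both are ordinary environment variables that the session user
# can overwrite, so the recorded address is advisory attribution for the job
# log, not an authenticated identity.
if [[ -z $v_MALWARE_REMEDIATION_IP_ADDRESS ]]; then
  export v_MALWARE_REMEDIATION_IP_ADDRESS="$( printf '%s\n' "$SSH_CONNECTION" | awk '{ print $1 }' )"
fi
if [[ -z $v_MALWARE_REMEDIATION_IP_ADDRESS ]]; then
  export v_MALWARE_REMEDIATION_IP_ADDRESS="$( printf '%s\n' "$SSH_CLIENT" | awk '{ print $1 }' )"
fi
### If none of them do, we won't know who's running the commands, but we'll at least know that we don't know.
if [[ -z $v_MALWARE_REMEDIATION_IP_ADDRESS ]]; then
  export v_MALWARE_REMEDIATION_IP_ADDRESS="Unknown IP"
fi

unset v_JIDENT v_DIR v_ACCOUNT v_HOMEDIR v_TICKET v_STAMP v_TTY

#===========================#
#== Set Initial Variables ==#
#===========================#

### Section 1

\shopt -u expand_aliases

d_WORKING="$d_PROGRAM"/.malre/
source "$d_PROGRAM"/source_includes/basic.shf
export v_MALWARE_REMEDIATION_IDENT="$v_JIDENT""-""$v_AIDENT"
export v_MALWARE_REMEDIATION_INSTALL="$d_PROGRAM"

#==================================#
#== Populate the Admin Directory ==#
#==================================#

# printf '%s' is used instead of `echo -n` so a value that happens to look
# like an echo option (or contains backslashes) is written out literally.
mkdir -p "$v_DIR2"
printf '%s' "$( date +%s )" > "$v_DIR2"/touch
printf '%s' "$v_MALWARE_REMEDIATION_IP_ADDRESS" > "$v_DIR2"/address
printf '%s' "$v_JIDENT" > "$v_DIR2"/job
printf '%s\n' "$v_JIDENT" >> "$v_DIR2"/jobs

### Section 2

\shopt -u expand_aliases

#================================#
#== Populate the Job Directory ==#
#================================#

printf '%s' "$( date +%s )" > "$v_DIR"/init
printf '%s' "$( date +%s )" > "$v_DIR"/touch
printf '%s' "$v_HOMEDIR" > "$v_DIR"/homedir
if [[ -n $v_TICKET ]]; then
  printf '%s:%s\n' "$v_TICKET" "$( date +%s )" > "$v_DIR"/tickets
fi
mkdir -p "$v_DIR"/actions

#######################################
# List the candidate content directories directly under the home directory.
# Globals:   v_HOMEDIR (read)
# Outputs:   one "PATH:EPOCH" line per accepted directory on stdout
#######################################
function fn_homedirs {
  ### cPanel encourages web content outside of public_html. Let's find any directory that some might be in
  local entry name
  # Directory names in the account being remediated may have been chosen by
  # an attacker, so they are taken from a quoted glob rather than from
  # word-split `ls` output: a crafted name can no longer be split into
  # several words or expanded as a pattern against the current directory.
  for entry in "$v_HOMEDIR"/*; do
    name="${entry##*/}"
    # Real directories only: no symlinks, no hidden names. This also skips
    # the literal pattern that is left behind when nothing matches.
    [[ -d "$entry" && ! -L "$entry" && ${name:0:1} != "." ]] || continue
    case "$name" in
      # Account plumbing directories that are not searched for content
      etc|logs|mail|perl5|var|ssl) continue ;;
      # Names containing whitespace are skipped; the output is line-oriented
      *[[:space:]]*) continue ;;
    esac
    printf '%s:%s\n' "$entry" "$( date +%s )"
  done
}
fn_homedirs > "$v_DIR"/directories

### Section 3

\shopt -u expand_aliases

#=================#
#== Final Steps ==#
#=================#

### Populate this last
if [[ -n "$v_ACCOUNT" ]]; then
  printf '%s' "$v_ACCOUNT" > "$v_DIR"/account
fi

# Do not leave the job exported in this shell when the stamp is more than 900
# seconds old, or when a "take2" is running with STY set.
# NOTE(review): -lt inside [[ ]] evaluates v_STAMP as an arithmetic
# expression, so it must only ever hold digits - confirm the generator never
# fills it from user-supplied text.
if [[ "$v_STAMP" -lt $(( $( date +%s ) - 900 )) || ( "$v_TYPE" == "take2" && -n "$STY" ) ]]; then
  export v_MALWARE_REMEDIATION_IP_ADDRESS=
  export v_MALWARE_REMEDIATION_IDENT=
  export v_MALWARE_REMEDIATION_INSTALL=
  unset v_MALWARE_REMEDIATION_IP_ADDRESS v_MALWARE_REMEDIATION_IDENT v_MALWARE_REMEDIATION_INSTALL
fi

if [[ "$v_TYPE" == "init" ]]; then
  printf '%s\n' "$v_JIDENT - Initialized"
elif [[ "$v_TYPE" == "take" || "$v_TYPE" == "take2" ]]; then
  printf '%s\n' "$v_JIDENT - Taken"
fi
"$d_PROGRAM"/malre.sh --info "$v_JIDENT"

### And remove this file
# fn_rm is not defined in this template; presumably it comes from the sourced
# basic.shf - TODO confirm.
fn_rm "$v_SRC"

# Because this file is sourced, `exit` ends the calling shell itself.
if [[ "$v_TYPE" == "take2" && -n "$STY" ]]; then
  exit
fi

source "$d_PROGRAM"/source_includes/basic_close.shf
unset v_JIDENT v_AIDENT v_SRC v_DIR v_DIR2 v_ACCOUNT v_HOMEDIR v_TICKET v_STAMP d_PROGRAM v_TYPE
shopt -s expand_aliases

### Section 4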