cPanel / Plesk Scan Script (Out-of-date)

Took me a while to make this but I enjoyed doing it anyways.

The purpose is basically to collect a list of files that have been modified or created in the past 14 days (20160 minutes), a list of running processes, processes listening on ports (and their PIDs) and some other information about the system it is being run on.

Just a note: it *DOES HAVE TO BE RUN AS ROOT*.

If you want to just straight up wget and run it, you can run the following (just make sure you are the root user):

wget http://www.dbiers.me/tools/runscan.sh;chmod +x runscan.sh;./runscan.sh;rm -f runscan.sh

#!/bin/bash
clear
echo -e "        ___ ______   ___                      "
echo -e ".-----.'  _|      |.'  _|.---.-.----.--------."
echo -e "|     |   _|  --  ||   _||  _  |   _|        |"
echo -e "|__|__|__| |______||__|  |___._|__| |__|__|__|"
echo -e ""
echo -e "	Information Grabbing Utility"
echo -e "		By : David B."
echo -e "	     ServerBeach Support\n"

###############################################################
# Notes that should not be ignored when running the script.
# These describe that the end file will need to be somewhere
# that is publicly accessible so that it can be opened in
# your browser when completed.
echo -e "NOTE:   This script will need to be run as the root user.\nNOTE:   Also please keep in mind that the file will need to be publicly\naccessible to the internet and that you WILL be prompted for a URL.\n"
echo -e "IDEALLY this should be run in the root of a website directory\nIE: /home/<user>/public_html/.\n"
echo -n "Enter the Full URL (trailing slash included) of the website
where this file is going to be accessible from: "
read ScanWebsiteURL
echo -e ""

###############################################################
# Pick a control panel - cPanel or Plesk.  If neither is chosen
# the script exits, because there is nothing to scan.
echo -n "Plesk server or cPanel? (1 for cPanel, 2 for Plesk): "
read cptype

scanhome="none"

###############################################################
# Setting scan locations depending on which control panel was
# chosen.  cPanel default home directories are in
# /home/<username>/public_html/. and Plesk default location is
# /var/www/vhosts/<account>/httpdocs/.
if 	[ "$cptype" = "1" ]; then
	scanhome="/home/*/public_html/*"
	cpname="cPanel"
elif	[ "$cptype" = "2" ]; then
	scanhome="/var/www/vhosts/*/httpdocs/*"
	cpname="Plesk Panel"
else
	# Any other answer leaves scanhome="none"; stop here.
	echo "Invalid selection: enter 1 for cPanel or 2 for Plesk." >&2
	exit 1
fi

###############################################################
# Begin to relay information back to the person running the script.
echo -e "\nSelected Control Panel: $cpname"
echo -e "Site(s) Scan Targets: $scanhome\n"

read -p "Hit [ENTER] when you are ready to start farming!"

###############################################################
# Set date and time of script execution according to server time.
execdate=`date`
echo -e "\n\nScript started @ $execdate."

echo -e "\nGrabbing Data!"

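###############################################################
# Set user/group that finished file will be chown'd to
# (owner of the first index* file in the current directory;
# head -n 1 keeps the value to one line if several match):
usergroupuser=`ls -l | grep index | head -n 1 | awk '{print $3}'`
usergroupgroup=`ls -l | grep index | head -n 1 | awk '{print $4}'`
echo -e "User: $usergroupuser\nGroup: $usergroupgroup"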

###############################################################
# Grab extra information on kernel, IP, hostname:
hostkernel=`uname -sr`
hosthostname=`hostname`
hostprimaryip=`ifconfig eth0 | grep inet\ addr | awk '{print $2}' | cut -c6-`
echo -e "Kernel: $hostkernel\nHostname: $hosthostname\nPrimary IP: $hostprimaryip\n"
sleep 2

###############################################################
# Find files modified in the past 14 days (CP Type)
sleep 1
clear
echo "Scanning $scanhome for files modified/created in the past 14 days."
find $scanhome -mmin -20160 | tee 14-day-mod.txt
echo -e "\nDone."

###############################################################
# Getting the list of running processes, send to file/console:
sleep 1;clear;echo "Getting list of processes and sending to file/terminal in 1 second.";sleep 2
ps -eo user,pid,pcpu,start,time,comm,cmd | tee running-processes.txt
echo -e "\nDone"

###############################################################
# Grabbing Output Of "netstat -aonp" and passing to file/term.
sleep 1
clear
echo "Grabbing output of Netstat..."
netstat -aonp | tee netstat-aonp.txt
echo -e "\nDone."

###############################################################
# Free Memory, Disks, CPU Info

# RAM
free -m | tee sysinfo-freeram.txt
echo -e ""

# Disks
fdisk -l > tmp-sysinfo-fdisk.txt
sed 1d tmp-sysinfo-fdisk.txt | tee sysinfo-fdisk.txt
rm -f tmp-sysinfo-fdisk.txt
echo -e ""

# Disks Usage
df -h | tee sysinfo-diskfree.txt
echo -e ""

# CPU Info
cat /proc/cpuinfo | grep "model name" | uniq | tee sysinfo-cpuinfo.txt
echo -e ""

# WHO/Uptime
w | tee sysinfo-who.txt
echo -e ""

# Script Location
pwd | tee sysinfo-scriptlocation.txt
echo -e "\n Done."
sleep 2

###############################################################
# Contents of /tmp and /var/tmp
clear
echo -e "Grabbing Contents of /tmp and /var/tmp...\n\n"
sleep 1
ls -laR /tmp | tee contents-tmp.txt
ls -laR /var/tmp | tee contents-vartmp.txt
echo -e "\nDone."

###############################################################
# Root users crontab
clear
echo -e "Grabbing Root Users Crontab...\n\n"
sleep 1
crontab -l | tee rootusercrontab.txt
echo -e "\nDone."
sleep 1

###############################################################
###############################################################
#                                                             #
#                Begin Generating the End File                #
#                                                             #
###############################################################
###############################################################

###############################################################
# Begin Generating Random Named File with Content
randomname=`echo $RANDOM$RANDOM$RANDOM`
clear
echo -e "The file will be named: $randomname.php\n"
read -p "Hit [ENTER] when you are ready to generate the final file..."
echo -e "Generating...\n"
sleep 2
clear

###############################################################
# Create file and add headers:
touch $randomname.php
echo "<?php
/*
    Generated On: $execdate
    Script By: David Biers
    ServerBeach Support Level 2
*/
?>" >> $randomname.php

echo "<html>
<head>
<title>Scan Report for $hosthostname on $execdate</title>
<style type=\"text/css\">

body    	{
        	background:#111;
        	font-family: Verdana, Tahoma, Helvetica, sans-serif;
        	font-size:12px;
        	color:#ccc;
        	margin:0px 0px 0px 0px;
        	}

#wrap   	{
        	width:800px;
        	min-height:100px;
        	margin:0 auto;
        	margin-top:35px;
       		padding:10px 10px 10px 10px;
        	}

div.infobox     {
                background:#333;
                padding:15px 15px 15px 15px;
                width:800px;
                font-size:12px;
                line-height:18px;
                border-radius:10px;
		border:1px solid #555;
                }

div.footer     {
                background:#181818;
		color:#333;
		margin-top:15px;
                padding:15px 15px 15px 15px;
                width:800px;
                font-size:12px;
                line-height:18px;
                border-radius:10px;
		text-align:right;
                }

.content	{
		margin:0 auto;
		text-align:center;
		}

h4.expander	{
		padding:0px 0px 0px 0px;
		margin:0px 0px 0px 0px;
		font-size:16px;
		font-weight:bold;
		cursor:pointer;
		}

a:link		{
		font-weight:bold;
		text-decoration:none;
		color:#ff1000;
		}

a:visited	{
                font-weight:bold;
                text-decoration:none;
                color:#ff1000;
                }

a:hover		{
                font-weight:bold;
                text-decoration:none;
                color:#fff;
                }

a:active	{
                font-weight:bold;
                text-decoration:none;
                color:#ff1000;
                }

div.codebox	{
		border:1px solid #444;
		border-radius:10px;
		text-align:left;
		background:#1c1c1c;
		padding:5px 5px 5px 5px;
		height:auto;
		}

div.codebox pre {
		padding-left:10px;
		}

</style>

<!-- Include jQuery from Google -->
<script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js\"></script>
<script type=\"text/javascript\">
jQuery(document).ready(function() {
  jQuery(\".content\").hide();
  //toggle the content block that follows the clicked expander heading
  jQuery(\".expander\").click(function()
  {
    jQuery(this).next(\".content\").slideToggle(500);
  });
});
</script>

</head>
<body><a name=\"top\"></a>" >> $randomname.php

###############################################################
# Starting to add DIV Layers and fill in some variables:
echo "<!-- Begin Wrapper -->
<div id=\"wrap\">

<!-- Begin Contents / Infoboxes -->
<div class=\"infobox\" style=\"text-align:right;border:1px solid #555;\">
	<div style=\"margin-top:5px;width:400px;float:left;text-align:left;font-size:24px;font-weight:bold;background:url(http://www.serverbeach.com/images/logo.png) no-repeat top left;min-height:48px;\">
	</div>

	<div style=\"width:400px;float:right;text-align:right;\">
	$hosthostname<br />
	$hostprimaryip<br />
	$hostkernel<br />
	</div>
" >> $randomname.php

###############################################################
# Clear Both Head Divs
# Add Navigation DIV and Links
echo "<!-- Clear to Allow Infobox to hold Layers -->
<div style=\"clear:both;\"></div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<h4 style=\"padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;font-weight:bold;font-size:16px;\">Shortcuts</h4>
<ul>
	<li><a href=\"#sysinfo\">Extra System Information (RAM, CPU, Etc.)</a></li>
	<li><a href=\"#workingdir\">Scanner Location (pwd) (User/Group)</a></li>
	<li><a href=\"#tmpcontents\">Contents of /tmp</a></li>
	<li><a href=\"#vartmpcontents\">Contents of /var/tmp</a></li>
	<li><a href=\"http://sitecheck.sucuri.net/results/$ScanWebsiteURL\" target=\"_blank\">Sucuri Site Check ($ScanWebsiteURL)</a></li>
	<li><a href=\"#netstataonp\">Output of \"netstat -aonp\" (Active/Listen/PID)</a></li>
	<li><a href=\"#modifiedfourteen\">Files Modified in the past 14 days (scan location)</a></li>
	<li><a href=\"#psaux\">Running Processes (ps aux)</a></li>
	<li><a href=\"#rootcron\">ROOT User Crontab</a></li>
</ul>
</div>

" >> $randomname.php

###############################################################
# Add All DIV System Information Layers and fill in content / variables
# This one is a big one so you may want to look at it carefully!!!
###############################################################

echo "

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"sysinfo\"></a>
<h4 class=\"expander\">System Information</h4>
	<div class=\"content\">
	<br />
	<div class=\"codebox\">
	<pre>Current Memory
-------------------------------------------------" >> $randomname.php
# Add Free Memory text file
cat sysinfo-freeram.txt >> $randomname.php

echo "
Disks
-------------------------------------------------" >> $randomname.php

# Add Disk Info
cat sysinfo-fdisk.txt >> $randomname.php
echo "
" >> $randomname.php
cat sysinfo-diskfree.txt >> $randomname.php
echo "

CPU Information
-------------------------------------------------" >> $randomname.php
# Add CPU Information
cat sysinfo-cpuinfo.txt >> $randomname.php
echo "

System Uptime etc (who [w])
-------------------------------------------------" >> $randomname.php
# Add System [w] (WHO)
cat sysinfo-who.txt >> $randomname.php
echo "
</pre>
	</div>
	</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"workingdir\"></a>
<h4 class=\"expander\">Scanner Location (pwd) (User/Group)</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>Current Location" >> $randomname.php
cat sysinfo-scriptlocation.txt >> $randomname.php
echo "

User/Group
$usergroupuser/$usergroupgroup</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"tmpcontents\"></a>
<h4 class=\"expander\">Contents of /tmp</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>" >> $randomname.php;cat contents-tmp.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"vartmpcontents\"></a>
<h4 class=\"expander\">Contents of /var/tmp</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>" >> $randomname.php;cat contents-vartmp.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"netstataonp\"></a>
<h4 class=\"expander\">Netstat (AONP)</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>Output of \"netstat -aonp\"
-------------------------------------------------" >> $randomname.php;cat netstat-aonp.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"modifiedfourteen\"></a>
<h4 class=\"expander\">Files Modified in the past 14 days</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>" >> $randomname.php;cat 14-day-mod.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"psaux\"></a>
<h4 class=\"expander\">Running Processes</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>" >> $randomname.php;cat running-processes.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<!-- Breaker --><br />

<div class=\"infobox\">
<a name=\"rootcron\"></a>
<h4 class=\"expander\">ROOT User Crontab</h4>
<div class=\"content\">
<br />
<div class=\"codebox\"><pre>" >> $randomname.php;cat rootusercrontab.txt >> $randomname.php;echo "</pre></div>
</div>
</div>

<div class=\"footer\">
Created by <a href=\"mailto:dbiers@serverbeach.com\">David</a> @ ServerBeach Support Level 2
</div>

<!-- End Wrapper -->
</div>
</body>
</html>

" >> $randomname.php

###############################################################
# Clean up all text files
echo -e "\nFile Generation Complete.  Link will be provided in a few seconds..\nCleaning up all junk files..\n\n"
sleep 2
rm -fv 14-day-mod.txt running-processes.txt netstat-aonp.txt sysinfo-freeram.txt sysinfo-fdisk.txt sysinfo-diskfree.txt sysinfo-cpuinfo.txt sysinfo-who.txt sysinfo-scriptlocation.txt contents-tmp.txt contents-vartmp.txt rootusercrontab.txt
sleep 2
clear
chown -fv "$usergroupuser:$usergroupgroup" "$randomname.php"
echo -e "\nScript is completed,\n\nYou can access it with the following information:\n\nURL: $ScanWebsiteURL$randomname.php\n\n"
read -p "Hit [ENTER] to close."
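
The script above appends raw command output (file names from /tmp and the web roots, process command lines) into a .php file under the web root, so any markup contained in that data is interpreted when the report is opened. The following is an added example, not part of the original script: it escapes captured output before it is written and takes the report name from /dev/urandom; `html_escape`, `append_section` and `random_report_name` are hypothetical helper names, and the sample listing line is constructed.

```bash
#!/bin/bash
# Added example (not from the original script). Helper names are hypothetical.

# html_escape: read stdin, write HTML-escaped text to stdout.
# '&' is replaced first so entities produced by the later rules are not
# escaped a second time. With '<' escaped, neither HTML tags nor a PHP
# open tag can survive from the data into the report.
html_escape() {
    sed -e 's/&/\&amp;/g' \
        -e 's/</\&lt;/g' \
        -e 's/>/\&gt;/g' \
        -e 's/"/\&quot;/g' \
        -e "s/'/\&#39;/g"
}

# append_section REPORT TITLE DATAFILE
# Appends one collapsible report section, using the same div classes as the
# script above, with the captured output escaped.
append_section() {
    local report=$1 title=$2 datafile=$3
    {
        printf '<div class="infobox">\n<h4 class="expander">%s</h4>\n' \
            "$(printf '%s' "$title" | html_escape)"
        printf '<div class="content">\n<div class="codebox"><pre>'
        html_escape < "$datafile"
        printf '</pre></div>\n</div>\n</div>\n'
    } >> "$report"
}

# random_report_name: 32 hex characters read from /dev/urandom, in place of
# $RANDOM$RANDOM$RANDOM, for a report that sits in a public web directory.
random_report_name() {
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Constructed sample: an "ls -la" line whose file name contains markup.
sample=$(mktemp)
printf '%s\n' '-rw-r--r-- 1 nobody nobody 0 Jan  1 00:00 <?php echo 1; ?>.txt' > "$sample"
html_escape < "$sample"
rm -f "$sample"
```

In the script, a call such as `append_section "$randomname.php" "Contents of /tmp" contents-tmp.txt` would take the place of each `cat <file> >> $randomname.php` step.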
