cPanel / Plesk Scan Script (Out-of-date)
Took me a while to make this but I enjoyed doing it anyways.
The purpose is basically to gather a list of files that have been modified or created in the past 14 days (20160 minutes), a list of running processes, the processes listening on ports (and their PIDs), and some other information about the system it is being run on.
Just a note: it *DOES HAVE TO BE RUN AS ROOT*.
If you want to just straight up wget and run it, you can run the following (Just make sure you are the root user):
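# The script is fetched over plain HTTP with no integrity check, so read
# runscan.sh before letting it run as root.
# -O makes wget write to runscan.sh itself (by default it saves to runscan.sh.1
# when the name is taken), and && stops the chain on a failed download, so the
# file that gets executed is the one that was just fetched.
wget -O runscan.sh http://www.dbiers.me/tools/runscan.sh && chmod +x runscan.sh && ./runscan.sh; rm -f runscan.sh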
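#!/bin/bash
###############################################################
# cPanel / Plesk information-gathering script.
#
# Collects recently modified site files, the process list, the
# output of "netstat -aonp", basic system information, the
# contents of /tmp and /var/tmp and root's crontab, then renders
# everything into one report file in the current directory so it
# can be opened in a browser.
#
# Must be run as root, ideally from the root of a website
# directory (IE: /home/<user>/public_html/.).
#
# Review notes:
#  - Every collected value is HTML-escaped before it is written
#    to the report. The report is a .php file and the collected
#    text (file names, process command lines, crontab entries)
#    can be influenced by other users of the server; unescaped,
#    it would be interpreted as markup or PHP when the report is
#    opened.
#  - Intermediate files are kept in a private mktemp directory
#    instead of the web root, where they were readable over HTTP
#    under fixed names while the script waited at its prompts.
#  - The report name is taken from /dev/urandom; $RANDOM yields
#    15-bit values and makes the name guessable.
#  - The report is web-reachable and holds sensitive details:
#    delete it once it has been reviewed.
###############################################################

###############################################################
# Helpers

# Print a message to stderr and stop.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Filter: HTML-escape stdin so it can be embedded in the report as text
# or as an attribute value. Escaping "<" also neutralises "<?" sequences.
html_escape() {
  LC_ALL=C sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
    -e 's/"/\&quot;/g' -e "s/'/\&#39;/g"
}

# HTML-escape a single value passed as $1.
escape_value() {
  printf '%s' "$1" | html_escape
}

# Emit the opening markup of a collapsible report section.
# $1 - anchor name (fixed string), $2 - heading (fixed string)
section_open() {
  printf '%s\n' \
    '<!-- Breaker --><br />' \
    '<div class="infobox">' \
    "<a name=\"$1\"></a>" \
    "<h4 class=\"expander\">$2</h4>" \
    '<div class="content">' \
    '<br />' \
    '<div class="codebox"><pre>'
}

# Emit the closing markup of a report section.
section_close() {
  printf '%s\n' '</pre></div>' '</div>' '</div>'
}

readonly RULE='-------------------------------------------------'

###############################################################
# Banner
clear
echo -e " ___ ______ ___ "
echo -e ".-----.' _| |.' _|.---.-.----.--------."
echo -e "| | _| -- || _|| _ | _| |"
echo -e "|__|__|__| |______||__| |___._|__| |__|__|__|"
echo -e ""
echo -e " Information Grabbing Utility"
echo -e " By : David B."
echo -e " ServerBeach Support\n"

###############################################################
# Notes that should not be ignored when running the script.
# These describe that the end file will need to be somewhere
# that is publicly accessible so that it can be opened in
# your browser when completed.
echo -e "NOTE: This script will need to be run as the root user.\nNOTE: Also please keep in mind that the file will need to be publicly\naccessible to the internet and that you WILL be prompted for a URL.\n"
echo -e "IDEALY This should be run in the root of a website directory\nIE: /home/<user>/public_html/.\n"

# Several of the collectors below (fdisk, netstat -p, root crontab) only
# return complete data for root, so stop early instead of producing a
# partial report.
if [ "$(id -u)" -ne 0 ]; then
  die "This script has to be run as the root user."
fi

echo -n "Enter the Full URL (trailing slash included) of the website where this file is going to be accessible from: "
read -r ScanWebsiteURL
echo -e ""

###############################################################
# Pick a control panel - cPanel or Plesk, and set the scan
# location to match. cPanel default home directories are in
# /home/<username>/public_html/. and the Plesk default location
# is /var/www/vhosts/<account>/httpdocs/.
# Any other answer leaves nothing to scan, so the script stops.
echo -n "Plesk server or cPanel? (1 for cPanel, 2 for Plesk): "
read -r cptype
case "$cptype" in
  1)
    scanhome="/home/*/public_html/*"
    cpname="cPanel"
    ;;
  2)
    scanhome="/var/www/vhosts/*/httpdocs/*"
    cpname="Plesk Panel"
    ;;
  *)
    die "No control panel selected (expected 1 or 2)."
    ;;
esac

###############################################################
# Begin to relay information back to script executioner.
printf '\nSelected Control Panel: %s\n' "$cpname"
printf 'Site(s) Scan Targets: %s\n\n' "$scanhome"
read -r -p "Hit [ENTER] when you are ready to start farming!"

###############################################################
# Private working directory for the intermediate files; removed
# on every exit path.
workdir=$(mktemp -d) || die "Could not create a temporary working directory."
trap 'rm -rf -- "$workdir"' EXIT

###############################################################
# Set date and time of script execution according to server time.
execdate=$(date)
printf '\n\nScript started @ %s.\n' "$execdate"
echo -e "\nGrabbing Data!"

###############################################################
# Set user/group that finished file will be chown'd to: the
# owner of the first entry in the current directory whose name
# contains "index". Only the first match is used so the values
# stay single-line.
usergroupuser=""
usergroupgroup=""
for candidate in *index*; do
  if [ -e "$candidate" ]; then
    usergroupuser=$(stat -c '%U' -- "$candidate")
    usergroupgroup=$(stat -c '%G' -- "$candidate")
    break
  fi
done
printf 'User: %s\nGroup: %s\n' "$usergroupuser" "$usergroupgroup"

###############################################################
# Grab extra information on kernel, IP, hostname:
hostkernel=$(uname -sr)
hosthostname=$(hostname)
# Expects the "inet addr:<ip>" layout of ifconfig output; the value is
# empty when eth0 is missing or ifconfig prints a different layout.
hostprimaryip=$(ifconfig eth0 | awk '/inet addr/ {print substr($2, 6)}')
printf 'Kernel: %s\nHostname: %s\nPrimary IP: %s\n\n' \
  "$hostkernel" "$hosthostname" "$hostprimaryip"
sleep 2

###############################################################
# Find files modified in the past 14 days (CP Type)
sleep 1
clear
echo "Scanning $scanhome for files modified/created in the past 14 days."
# Expand the pattern into an array. With nullglob an unmatched pattern
# gives an empty array, which is checked below because find without a
# path argument would scan the current directory instead.
shopt -s nullglob
# shellcheck disable=SC2206 # glob expansion is intended here
scan_targets=( $scanhome )
shopt -u nullglob
if [ "${#scan_targets[@]}" -gt 0 ]; then
  find "${scan_targets[@]}" -mmin -20160 | tee "$workdir/14-day-mod.txt"
else
  echo "No paths match $scanhome." | tee "$workdir/14-day-mod.txt"
fi
echo -e "\nDone."

###############################################################
# Getting the list of running processes, send to file/console:
sleep 1
clear
echo "Getting list of processes and sending to file/terminal in 1 second."
sleep 2
ps -eo user,pid,pcpu,start,time,comm,cmd | tee "$workdir/running-processes.txt"
echo -e "\nDone"

###############################################################
# Grabbing Output Of "netstat -aonp" and passing to file/term.
sleep 1
clear
echo "Grabbing output of Netstat..."
netstat -aonp | tee "$workdir/netstat-aonp.txt"
echo -e "\nDone."

###############################################################
# Free Memory, Disks, CPU Info
# RAM
free -m | tee "$workdir/sysinfo-freeram.txt"
echo -e ""
# Disks (first line of the fdisk output is dropped)
fdisk -l | sed 1d | tee "$workdir/sysinfo-fdisk.txt"
echo -e ""
# Disks Usage
df -h | tee "$workdir/sysinfo-diskfree.txt"
echo -e ""
# CPU Info
grep "model name" /proc/cpuinfo | uniq | tee "$workdir/sysinfo-cpuinfo.txt"
echo -e ""
# WHO/Uptime
w | tee "$workdir/sysinfo-who.txt"
echo -e ""
# Script Location
pwd | tee "$workdir/sysinfo-scriptlocation.txt"
echo -e "\n Done."
sleep 2

###############################################################
# Contents of /tmp and /var/tmp
clear
echo -e "Grabbing Contents of /tmp and /var/tmp...\n\n"
sleep 1
ls -laR /tmp | tee "$workdir/contents-tmp.txt"
ls -laR /var/tmp | tee "$workdir/contents-vartmp.txt"
echo -e "\nDone."

###############################################################
# Root users crontab
clear
echo -e "Grabbing Root Users Crontab...\n\n"
sleep 1
crontab -l | tee "$workdir/rootusercrontab.txt"
echo -e "\nDone."
sleep 1

###############################################################
###############################################################
#                                                             #
#               Begin Generating the End File                 #
#                                                             #
###############################################################
###############################################################

###############################################################
# Begin Generating Random Named File with Content.
# 16 bytes from /dev/urandom, hex encoded.
randomname=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')
[ -n "$randomname" ] || die "Could not generate a random report name."
report="./$randomname.php"
report_tmp="$workdir/report.php"
clear
printf 'The file will be named: %s.php\n\n' "$randomname"
read -r -p "Hit [ENTER] when you are ready to generate the final file..."
echo -e "Generating...\n"
sleep 2
clear

###############################################################
# Escape every value that is interpolated into the markup.
esc_execdate=$(escape_value "$execdate")
esc_hostname=$(escape_value "$hosthostname")
esc_primaryip=$(escape_value "$hostprimaryip")
esc_kernel=$(escape_value "$hostkernel")
esc_url=$(escape_value "$ScanWebsiteURL")
esc_owner=$(escape_value "$usergroupuser/$usergroupgroup")

###############################################################
# Build the report in the working directory; it is copied into
# place only when complete, so a half-written file is never
# reachable over the web.
{
  ###############################################################
  # Create file and add headers:
  cat <<EOF
<?php
/*
Generated On: $execdate
Script By: David Biers
ServerBeach Support Level 2
*/
?>
<html>
<head>
<title>Scan Report for $esc_hostname on $esc_execdate</title>
EOF

  # Static style sheet and script. The unterminated "div.footer {" rule
  # that trailed the style sheet has been dropped, and jQuery is loaded
  # over HTTPS so the script running in the report page cannot be
  # altered in transit.
  cat <<'EOF'
<style type="text/css">
body {
background:#111;
font-family: Verdana, Tahoma, Helvetica, sans-serif;
font-size:12px;
color:#ccc;
margin:0px 0px 0px 0px;
}
#wrap {
width:800px;
min-height:100px;
margin:0 auto;
margin-top:35px;
padding:10px 10px 10px 10px;
}
div.infobox {
background:#333;
padding:15px 15px 15px 15px;
width:800px;
font-size:12px;
line-height:18px;
border-radius:10px;
border:1px solid #555;
}
div.footer {
background:#181818;
color:#333;
margin-top:15px;
padding:15px 15px 15px 15px;
width:800px;
font-size:12px;
line-height:18px;
border-radius:10px;
text-align:right;
}
.content {
margin:0 auto;
text-align:center;
}
h4.expander {
padding:0px 0px 0px 0px;
margin:0px 0px 0px 0px;
font-size:16px;
font-weight:bold;
cursor:pointer;
}
a:link {
font-weight:bold;
text-decoration:none;
color:#ff1000;
}
a:visited {
font-weight:bold;
text-decoration:none;
color:#ff1000;
}
a:hover {
font-weight:bold;
text-decoration:none;
color:#fff;
}
a:active {
font-weight:bold;
text-decoration:none;
color:#ff1000;
}
div.codebox {
border:1px solid #444;
border-radius:10px;
text-align:left;
background:#1c1c1c;
padding:5px 5px 5px 5px;
height:auto;
}
div.codebox pre {
padding-left:10px;
}
</style>
<!-- Include jQuery from Google -->
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery(".content").hide();
//toggle the componenet with class msg_body
jQuery(".expander").click(function()
{
jQuery(this).next(".content").slideToggle(500);
});
});
</script>
</head>
<body><a name="top"></a>
EOF

  ###############################################################
  # Starting to add DIV Layers and fill in some variables,
  # then the navigation DIV and links:
  cat <<EOF
<!-- Begin Wrapper -->
<div id="wrap">
<!-- Begin Contents / Infoboxes -->
<div class="infobox" style="text-align:right;border:1px solid #555;">
<div style="margin-top:5px;width:400px;float:left;text-align:left;font-size:24px;font-weight:bold;background:url(http://www.serverbeach.com/images/logo.png) no-repeat top left;min-height:48px;">
</div>
<div style="width:400px;float:right;text-align:right;">
$esc_hostname<br />
$esc_primaryip<br />
$esc_kernel<br />
</div>
<!-- Clear to Allow Infobox to hold Layers -->
<div style="clear:both;"></div>
</div>
<!-- Breaker --><br />
<div class="infobox">
<h4 style="padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;font-weight:bold;font-size:16px;">Shortcuts</h4>
<ul>
<li><a href="#sysinfo">Extra System Information (RAM, CPU, Etc.)</a></li>
<li><a href="#workingdir">Scanner Location (pwd) (User/Group)</a></li>
<li><a href="#tmpcontents">Contents of /tmp</a></li>
<li><a href="#vartmpcontents">Contents of /var/tmp</a></li>
<li><a href="http://sitecheck.sucuri.net/results/$esc_url" target="_blank">Sucuri Site Check ($esc_url)</a></li>
<li><a href="#netstataonp">Output of "netstat -aonp" (Active/Listen/PID)</a></li>
<li><a href="#modifiedfourteen">Files Modified in the past 14 days (scan location)</a></li>
<li><a href="#psaux">Running Processes (ps aux)</a></li>
<li><a href="#rootcron">ROOT User Crontab</a></li>
</ul>
</div>
EOF

  ###############################################################
  # Add All DIV System Information Layers and fill in content.
  # The "sysinfo" anchor is what the first shortcut link points at.
  section_open "sysinfo" "System Information"
  printf '%s\n%s\n' 'Current Memory' "$RULE"
  html_escape < "$workdir/sysinfo-freeram.txt"
  printf '\n%s\n%s\n' 'Disks' "$RULE"
  html_escape < "$workdir/sysinfo-fdisk.txt"
  printf '\n'
  html_escape < "$workdir/sysinfo-diskfree.txt"
  printf '\n%s\n%s\n' 'CPU Information' "$RULE"
  html_escape < "$workdir/sysinfo-cpuinfo.txt"
  printf '\n%s\n%s\n' 'System Uptime etc (who [w])' "$RULE"
  html_escape < "$workdir/sysinfo-who.txt"
  printf '\n'
  section_close

  section_open "workingdir" "Scanner Location (pwd) (User/Group)"
  printf '%s\n' 'Current Location'
  html_escape < "$workdir/sysinfo-scriptlocation.txt"
  printf '\n%s\n%s\n' 'User/Group' "$esc_owner"
  section_close

  section_open "tmpcontents" "Contents of /tmp"
  html_escape < "$workdir/contents-tmp.txt"
  section_close

  section_open "vartmpcontents" "Contents of /var/tmp"
  html_escape < "$workdir/contents-vartmp.txt"
  section_close

  section_open "netstataonp" "Netstat (AONP)"
  printf '%s\n%s\n' 'Output of "netstat -aonp"' "$RULE"
  html_escape < "$workdir/netstat-aonp.txt"
  section_close

  section_open "modifiedfourteen" "Files Modified in the past 14 days"
  html_escape < "$workdir/14-day-mod.txt"
  section_close

  section_open "psaux" "Running Processes"
  html_escape < "$workdir/running-processes.txt"
  section_close

  section_open "rootcron" "ROOT User Crontab"
  html_escape < "$workdir/rootusercrontab.txt"
  section_close

  cat <<'EOF'
<div class="footer">
Created by <a href="mailto:dbiers@serverbeach.com">David</a> @ ServerBeach Support Level 2
</div>
<!-- End Wrapper -->
</div>
</body>
</html>
EOF
} > "$report_tmp"

# Publish the finished report into the current directory.
cp -- "$report_tmp" "$report" || die "Could not write $report."

###############################################################
# Clean up all intermediate files
echo -e "\nFile Generation Complete. Link will be provided in a few seconds..\nCleaning up all junk files..\n\n"
sleep 2
rm -rfv -- "$workdir"
sleep 2
clear

# Hand the report to the site owner detected earlier; skipped when no
# "index" file was found to take the owner from.
if [ -n "$usergroupuser" ] && [ -n "$usergroupgroup" ]; then
  chown -fv -- "$usergroupuser:$usergroupgroup" "$report"
fi

printf '\nScript is completed,\n\nYou can access it with the following information:\n\nURL: %s%s.php\n\n\n' \
  "$ScanWebsiteURL" "$randomname"
printf 'The report contains sensitive system details; delete %s once you have reviewed it.\n\n' "$report"
read -r -p "Hit [ENTER] to close."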