Linux node5458.myfcloud.com 6.10.2-x86_64-linode165 #1 SMP PREEMPT_DYNAMIC Tue Jul 30 15:03:21 EDT 2024 x86_64
Apache
: 45.79.123.194 | : 18.220.140.29
16 Domain
7.4.33
addify5
shells.trxsecurity.org
Name
Size
Permission
Action
1
23
B
-rwxr-xr-x
11
11
B
-rwxr-xr-x
12
44
B
-rwxr-xr-x
2
35
B
-rwxr-xr-x
22
464
B
-rwxr-xr-x
25
76
B
-rwxr-xr-x
25bl
775
B
-rwxr-xr-x
3
39
B
-rwxr-xr-x
33
31
B
-rwxr-xr-x
4
42
B
-rwxr-xr-x
5
125
B
-rwxr-xr-x
6
10
B
-rwxr-xr-x
7
45
B
-rwxr-xr-x
80
76
B
-rwxr-xr-x
88
39
B
-rwxr-xr-x
99
15
B
-rwxr-xr-x
bl
777
B
-rwxr-xr-x
c
18
B
-rwxr-xr-x
dai
2.52
KB
-rwxr-xr-x
logs
4.96
KB
-rwxr-xr-x
mqkill
480
B
-rwxr-xr-x
portchk
163
B
-rwxr-xr-x
restrict
2.62
KB
-rwxr-xr-x
ukill
60
B
-rwxr-xr-x
Code Editor : logs
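#!/bin/bash
#
# logs - summarise Apache access-log volume per domain and, on request, list
# the ten most frequent first fields (client addresses) per domain.
#
# The script walks /home/*/access-logs/*, treats "<name>" and "<name>-ssl_log"
# as one log pair, counts the entries that fall inside an interactively chosen
# time window (or all entries for "none"), and maps the log name to a domain
# through the cPanel `uapi` command.
#
# Review notes:
#   - Names under /home and the log contents are not under the operator's
#     control. Every expansion is quoted, records are tab-separated instead of
#     space-separated, and nothing read from a file name is used as a printf
#     format or as a grep regular expression.
#   - The first space-separated field of a log line is taken as the client
#     address. Presumably the logs use the Apache common/combined format --
#     confirm; behind a reverse proxy that field is the proxy's address.
#   - The prompt mentions seconds, but only minutes, hours and days are
#     accepted (the seconds branch was already disabled in the original).

RED_COLOR=$'\033[31;1m'
GREEN_COLOR=$'\033[32;1m'
YELLOW_COLOR=$'\033[33;1m'
PURPLE_COLOR=$'\033[35;1m'
CYAN_COLOR=$'\033[36;1m'
DEFAULT_COLOR=$'\033[0m'

# C locale: `date +%b` then prints the English month abbreviation, and
# sort/uniq compare bytes.
export LC_ALL=C

#######################################
# Print the 1-based number of the first line of a log that carries a
# minute-resolution timestamp inside the window.
# The search starts at "now - minutes" and moves one minute closer to now
# until a line matches.
# Arguments: $1 - log file, $2 - window length in minutes
# Outputs:   the line number; when nothing matches, (line count + 1) so that
#            `tail -n +N` yields no lines
# Returns:   0 when a matching line exists, 1 otherwise
#######################################
first_line_in_window() {
  local file=$1
  local minutes=$2
  local stamp line_num
  while (( minutes > 0 )); do
    stamp=$(date -d "-${minutes}minutes" +'%d/%b/%Y:%H:%M')
    # -F: the timestamp is a literal string, not a pattern.
    line_num=$(grep -n -m 1 -F -- "$stamp" "$file" | cut -d ':' -f 1)
    if [[ -n "$line_num" ]]; then
      printf '%s\n' "$line_num"
      return 0
    fi
    minutes=$(( minutes - 1 ))
  done
  printf '%s\n' "$(( $(wc -l < "$file") + 1 ))"
  return 1
}

#######################################
# Print the non-empty lines of a log from a given line onwards, dropping
# lines that contain '==>'.
# Arguments: $1 - log file, $2 - first line to print (1-based)
#######################################
lines_from() {
  local file=$1
  local start=$2
  tail -n +"$start" -- "$file" | grep . | grep -v -- '==>'
}

#######################################
# Concatenate the plain and the SSL log of one log pair, whichever exist.
# The original used the glob "$log"*, which also pulled in every other file
# whose name merely starts with the same prefix; the pair is named explicitly
# here so the "none" mode reads the same two files as the timeframe mode.
# Arguments: $1 - log path without the -ssl_log suffix
#######################################
cat_log_pair() {
  local base=$1
  local file
  for file in "$base" "${base}-ssl_log"; do
    if [[ -f "$file" ]]; then
      cat -- "$file"
    fi
  done
}

#######################################
# Read log lines on stdin and print the ten most frequent first fields with
# their counts, most frequent first.
#######################################
top_ips() {
  cut -d ' ' -f 1 | sort | uniq -c | sed 's/^ *//' | sort -rh | head -n 10
}

# --- 1. Ask for the time window -------------------------------------------
timevar=0
while true; do
  # Stop on EOF instead of looping forever on an empty answer.
  read -e -r -p $'\e[36mTimeframe(10 seconds, 5 minutes, 3 hours 1 day, ect. or none to review all entries in the logs):\e[0m ' timeframe || exit 1
  if [[ "$timeframe" == 'none' ]]; then
    break
  fi
  time_num=$(printf '%s' "$timeframe" | tr -dc '0-9')
  time_unit=$(printf '%s' "$timeframe" | tr -dc 'a-zA-Z')
  if [[ -z "$time_num" ]]; then
    # A unit without a number would leave the window empty and break the
    # numeric tests further down.
    echo "incorrect timeframe. Try Again"
    continue
  fi
  # Force base 10 so that an answer such as "08 minutes" is not read as octal.
  time_num=$(( 10#$time_num ))
  case "$time_unit" in
    minute | minutes)
      timevar=$time_num
      break
      ;;
    hour | hours)
      timevar=$(( time_num * 60 ))
      break
      ;;
    day | days)
      timevar=$(( time_num * 1440 ))
      break
      ;;
    *)
      echo "incorrect timeframe. Try Again"
      ;;
  esac
done

# --- 2. Count entries per log pair ----------------------------------------
# Each element of arr is one tab-separated record:
#   entries <TAB> domain <TAB> log <TAB> first plain line <TAB> first SSL line
declare -a arr=()
declare -A seen=()
declare -A main_domain_of=()

# Globbing instead of `for log in $(find ...)`: names are not word-split, and
# the explicit `seen` map removes the duplicate that "<name>" and
# "<name>-ssl_log" produce (plain `uniq` only collapses adjacent lines).
for path in /home/*/access-logs/*; do
  [[ -e "$path" ]] || continue
  log=${path%-ssl_log}
  if [[ -n "${seen[$log]:-}" ]]; then
    continue
  fi
  seen[$log]=1

  line_num_non_ssl=0
  line_num_ssl=0
  if [[ "$timeframe" == 'none' ]]; then
    log_entries=$(cat_log_pair "$log" | wc -l)
  else
    log_entries_non_ssl=0
    log_entries_ssl=0
    # Each file is searched with the full window. The original reused the
    # counter left over from the plain log, so SSL entries were missed
    # whenever the plain log had few or no hits in the window.
    if [[ -f "$log" ]]; then
      if line_num_non_ssl=$(first_line_in_window "$log" "$timevar"); then
        log_entries_non_ssl=$(lines_from "$log" "$line_num_non_ssl" | wc -l)
      fi
    fi
    if [[ -f "${log}-ssl_log" ]]; then
      if line_num_ssl=$(first_line_in_window "${log}-ssl_log" "$timevar"); then
        log_entries_ssl=$(lines_from "${log}-ssl_log" "$line_num_ssl" | wc -l)
      fi
    fi
    log_entries=$(( log_entries_non_ssl + log_entries_ssl ))
  fi
  if (( log_entries <= 0 )); then
    continue
  fi

  # /home/<user>/access-logs/<name>
  domain=${log##*/}
  user=${log#/home/}
  user=${user%%/*}

  # As root, query on behalf of the account that owns the log.
  uapi_cmd=(uapi)
  if (( EUID == 0 )); then
    uapi_cmd+=(--user="$user")
  fi

  # One list_domains call per account instead of one per log.
  if [[ -z "${main_domain_of[$user]+set}" ]]; then
    main_domain_of[$user]=$("${uapi_cmd[@]}" DomainInfo list_domains \
      | awk '/main_domain/ { print $2 }')
  fi

  if [[ "${main_domain_of[$user]}" != "$domain" ]]; then
    # Fields 2-5 of the serveralias line, without www/mail aliases.
    aliases=$("${uapi_cmd[@]}" DomainInfo single_domain_data domain="$domain" \
      | awk '/serveralias/ { for (i = 2; i <= 5; i++) if ($i != "") print $i }' \
      | grep -v 'www\|mail')
    if [[ -n "$aliases" ]]; then
      # Keep the log name when no other alias remains; the original could end
      # up with an empty or multi-line domain here.
      alias_name=$(grep -v -F -- "$domain" <<<"$aliases" | head -n 1)
      if [[ -n "$alias_name" ]]; then
        domain=$alias_name
      fi
    fi
  fi

  printf -v record '%s\t%s\t%s\t%s\t%s' \
    "$log_entries" "$domain" "$log" "$line_num_non_ssl" "$line_num_ssl"
  arr+=("$record")
done

# Nothing matched: no summary to print and nothing to ask about.
if (( ${#arr[@]} == 0 )); then
  exit 0
fi

# --- 3. Summary, busiest domain first -------------------------------------
printf '%s\n' "${arr[@]}" | awk -F '\t' '{ print $1, $2 }' | sort -rh

# --- 4. Optional top-10 first fields per domain ---------------------------
read -e -r -p $'\e[36mWold you like to review the top IPs in the logs?(y/n)\e[0m ' ip_entries
if [[ "$ip_entries" == y ]]; then
  printf '%s\n' "${arr[@]}" | sort -rh \
    | while IFS=$'\t' read -r _ domain log line_num_non_ssl line_num_ssl; do
      # The domain is passed as an argument, never as part of the format.
      printf '%sDomain: %s%s\n' "$RED_COLOR" "$domain" "$DEFAULT_COLOR"
      if [[ "$timeframe" == 'none' ]]; then
        cat_log_pair "$log" | top_ips
      else
        # Both files are always read; the original chained them with `&&`,
        # which skipped the SSL log when the plain log yielded no lines.
        {
          if [[ -f "$log" ]]; then
            lines_from "$log" "$line_num_non_ssl"
          fi
          if [[ -f "${log}-ssl_log" ]]; then
            lines_from "${log}-ssl_log" "$line_num_ssl"
          fi
        } | top_ips
      fi
    done
fi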