Abysssec Security Research

#!/usr/local/bin/bash
### coded by t4z3v4r3d
### recurse function : i m not sure who has write that .So thanks unknown man
### made for FreeBSD First ....
if [ "`id -u`" != "0" ];then
echo "$0 cant run as $USER Please Give me the root perms!!!!! "
exit 1
fi
patern=$2
fl=/tmp/f.txt
fd=/tmp/find.txt
length=/tmp/l-f.txt
log_f=/tmp/log_f.txt
log_final=/tmp/final_log.txt
null=/dev/null
log_path=/tmp/log_Found_.txt
tm="`date | cut -d ":" -f 1`"
os=$OSTYPE
# you can add all paths for all os type !M$ windows IS NOT OS ....Exactly!
case $os in
Linux*) path=/etc/
;;
linux*) path=/etc/
;;
freebsd*) path=/usr/local/
;;
*) path=/
;;
esac
 
rm $fl
touch $fl
rm $fd
touch $fd
rm $log_f
touch $log_f
rm $log_final
touch $log_final
rm $log_path
touch $log_path
clear
 
echo "Enter attacker IP"
read -e ip
 
if [ "`find $path -name apache >> $fl`" ];then
	echo -e "\033[3;2f Main path Found ....\033[0;0m"
else
 
	if [ "`find $path -name apache2 >> $fl`" ];then
		echo "Founded Apache2 Config files"
	fi
fi 
 
recurse () {
for file in $(/bin/ls $1)
do fqfn=$1/$file
[[ -d $fqfn ]] && recurse $fqfn
[[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; }
[[ -f $fqfn ]] && recurse $fqfn
[[ ${#file} -gt $len ]] && { len=${#file} name=$fqfn; }
 
#########################################################
if [ -f $1 ];then
let "f=f+1"
	if [ "`ls $1 | grep -F .conf`" ];then
	let "t=t+1"
	cat $1 | grep -F .log | grep -v "#" | cut -d " " -f 2  >> $log_path
	nom[$t]="`cat $1 | grep -F .log | grep -v "#" | wc -l`"
	echo -e "reading $1\n `cat $1 | grep -F .log | grep -v "#"`" >> /tmp/r.txt
	let "nt=nt+${nom[$t]}"
	let "j=$nt+$t"
	fi
fi
################################################################################
### MOnitoring all acts
################################################################################
echo -e "\033[3;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m"
echo -e "\033[1;39m|\033[1;31m Scanned Files  :\033[4;25f \033[1;37m$f\033[1;39m\033[4;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m Path(s) found  :\033[5;25f \033[1;37m$l\033[1;39m\033[5;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m pattern found  :\033[6;25f \033[1;37m$t\033[1;39m\033[6;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;31m pattern total  :\033[7;25f \033[1;37m$j\033[1;39m\033[7;40f|\033[0;0m"
echo -e "\033[1;39m|\033[1;30m\033[8;2f Scanning `dirname ${1}`:::\033[1;39m\033[8;40f|\033[0;0m"
echo -e "\033[9;1f\033[1;39m+\033[1;37m======================================\033[1;39m+\033[0;0m"
##############################################################################
done ; }
 
reader(){
cat $fl | while read line ;do
if [ "`ls $line | grep .conf`" != "" ];then
	recurse $line
fi
let "l=l+1"
done
}
 
reader
 
log_path_reader(){
cat $log_path | while read line ;do
if [ -f $line ];then
if [ "`cat $line | grep "$ip"`" != "" ];then
echo -en "\033[1;30mFounded[\033[1;31m"`cat $line | grep -c "$ip"`"	\033[1;30m] $ip in	"
echo -n "Removing $line"
rm $line
 
if [ ! -f $line ];then
echo -e "\033[1;39m	... Done !\033[0;0m"
else
echo -e "\033[1;31m	...Failed!\033[1;0m"
fi
 
fi
else
echo -e "\033[1;30mFile [\033[1;31m"$line    "\033[1;39mFile Dose not exist......\033[1;30m]"
fi
 
let "l2=l2+1"
done
}
echo -e "\033[8;3f\033[1;31mpath= $path OS= $os\033[0;0m"
echo -e "\033[11;1f\033[1;30mScanning DONE!! NOW : Removing Log Files\033[0;0m"
 
log_path_reader
 
echo -en "\033[1;30mRemoving 				   $0	"
 
rm $fl $log_path $0
 
 if [ ! -f  $0 ];then
 	echo -e "\033[1;39m	... Done !\033[0;0m"
 else
 	echo -e "\033[1;31m	...Failed!\033[1;0m"
 fi
echo -e "\033[1;37m Mail: amiri@abysssec.com\033[0;0m"