View File Name :
check_exec_file_poisoning_status.sh
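#!/bin/bash
#
# Health check for the state file at STATE_FILE (by its path, the last-run
# summary of an exec-file-poisoning detector).
#
# Prints one status line and exits with a monitoring-plugin style code:
#   0 - last line of the state file contains "OK!"
#   1 - last line contains "WARNING!", or the file is empty but recent
#   2 - file missing, modification time unreadable, file stale, or last line
#       contains "CRITICAL!" / "ERROR!"
#   3 - last line carries none of the known markers
#
# Bash strict mode. -e is not enabled, so commands whose failure matters are
# checked explicitly below.
set -uo pipefail

# State file to check.
readonly STATE_FILE="/root/etc/exec_file_poisoning_detector/last_run_summary.state"

# Allowed time difference in seconds. Default: 43200 seconds (12 hours).
readonly ALLOWED_TIME_DIFF=43200

# Check that the state file exists (emptiness is handled further down).
if [[ ! -e "${STATE_FILE}" ]]; then
  echo "ERROR: State file ${STATE_FILE} does not exist."
  exit 2
fi

# Age of the state file in seconds.
# A failed stat would leave state_file_mod_time empty, which arithmetic
# expansion evaluates as 0 and which would then be reported as a stale file.
# Report the real cause instead, keeping the same exit code.
current_time=$(date +%s)
if ! state_file_mod_time=$(stat -c %Y "${STATE_FILE}"); then
  echo "ERROR: Cannot read modification time of state file ${STATE_FILE}."
  exit 2
fi
time_diff=$((current_time - state_file_mod_time))

# NOTE(review): a modification time in the future yields a negative time_diff,
# so the staleness checks below pass until the clock catches up. Consider
# alerting on that case if the writer of this file can be delayed or replaced.
if [[ ! -s "${STATE_FILE}" ]]; then
  # Empty file: severity depends on how long it has been empty.
  if (( time_diff > ALLOWED_TIME_DIFF )); then
    echo "CRITICAL: State file ${STATE_FILE} is empty and was modified more than $((ALLOWED_TIME_DIFF / 3600)) hours ago."
    exit 2
  else
    echo "WARNING: State file ${STATE_FILE} is empty."
    exit 1
  fi
elif (( time_diff > ALLOWED_TIME_DIFF )); then
  echo "CRITICAL!: State file ${STATE_FILE} was modified more than $((ALLOWED_TIME_DIFF / 3600)) hours ago."
  exit 2
fi

# Get the last line of the state file. If tail fails, last_line stays empty
# and the default branch below reports UNKNOWN.
last_line=$(tail -n 1 "${STATE_FILE}")

# Map the status marker in the last line to an exit code.
# NOTE(review): matching is by substring and the first matching pattern wins,
# so a line that contains "OK!" together with a more severe marker exits 0.
# The line is passed to the monitoring system verbatim; confirm that the
# writer of the state file never includes untrusted text in it.
case "${last_line}" in
  *"OK!"*)
    printf '%s\n' "${last_line}"
    exit 0
    ;;
  *"WARNING!"*)
    printf '%s\n' "${last_line}"
    exit 1
    ;;
  *"CRITICAL!"* | *"ERROR!"*)
    printf '%s\n' "${last_line}"
    exit 2
    ;;
  *)
    echo "UNKNOWN: ${last_line}"
    exit 3
    ;;
esac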