Mini Shell

Direktori : /opt/sharedrads/extras/
Upload File :
Current File : //opt/sharedrads/extras/defacement_fixer

#!/bin/bash

#load functions + banners
source /opt/sharedrads/radsfunctions.sh

if [ "$RADSCOLORS" == "off" ];
then
        radsbanner-nocolor
	echo "WARNING: THIS TOOL IS NOT TO BE USED WITHOUT THE APPROVAL OF A TIER III ADMIN"
else
        radsbanner
       	echo "WARNING: THIS TOOL IS NOT TO BE USED WITHOUT THE APPROVAL OF A TIER III ADMIN"
fi

function usage {
	echo
	echo "This script will restore multiple defaced sites from a clean backup location."
	echo "Usage: defacement_fixer.sh FILELIST TARGET BKMNT"
	echo
	echo "You will then be prompted to enter a unique string found in the defaced page source."
	echo
	echo "where:"
	echo "	FILELIST: list of infected files with full paths obtained by a scan"
	echo "              (to perform a scan, use the defacement_scan.sh script)"
	echo "	TARGET:   partition that contains the infected/defaced pages (typically /home)"
	echo "  BKMNT:    partition that contains the uninfected/clean pages (typically /bkmnt)"
	echo
}

test -z $1 && usage && echo "ERROR: You must supply a list of affected files." && exit

LIST=$1
TARGET=$2
BKMNT=$3
HACKEDSTRING="$4"

IFS=$'\n';

SESSIONID=`date +%s`

if [ "$TARGET" == "/home" ]; then
echo
else
echo "ERROR: Cannot process defacement request outside of /home with this version."
echo "This defacement replacement must be done manually by a senior T3 administrator."
exit 0
fi

if [ "$BKMNT" == "/bkmnt" ]; then
echo
else
echo "ERROR: Cannot process defacement request outside of /bkmnt with this version."
echo "This defacement replacement must be done manually by a senior T3 administrator."
exit 0
fi

echo > /var/log/defacement_fixer.log.$SESSIONID

if [ -z "$4" ]; then
echo
echo "You must enter a UNIQUE string that is found in the source of the defaced pages. "
echo "example:  Rooted By Dr.Net   (do not include any quotes)"
echo
echo -n "Enter the string now: "
read HACKEDSTRING
fi

echo
echo
echo "To confirm, we are about to launch a mass defacement replacement on `hostname -s`."
echo "We will be replacing all files found in $1 that contain $HACKEDSTRING"
echo "with backups from $BKMNT if available."
echo
echo " *** You can view the log for this session in: /var/log/defacement_fixer.log.$SESSIONID ***"
echo

function lecho {
    echo "$(date) $@" >> /var/log/defacement_fixer.log.$SESSIONID
}

lecho "started run on file $1"
echo "$(date) started run on file $1"


for file in $(cat $LIST | awk -F: '{print $1}');
do
    if fgrep -c "$HACKEDSTRING" "$file"  &>/dev/null;
    then
        lecho " $file infected - attempting repair "

	BKPINFECTED=DUNNO
	echo "/bkmnt/${file}"

        if fgrep -c "$HACKEDSTRING" /bkmnt/${file} &>/dev/null;
       	then
		BKPINFECTED=TRUE
	fi

if [ "$BKPINFECTED" == "TRUE" ]; then
               	lecho "$file clean failed: backups are also infected"
                echo "$file clean failed: backups are also infected" >> /var/log/mayhacks.log

else
        lecho "cp -a /bkmnt/${file} $file "
        cp -a "/bkmnt/${file}" "$file"
        if [ $? -gt 0 ];
        then
            lecho "error correcting $file"
        fi
fi

    else
        lecho "$file clean"
    fi
done

Zerion Mini Shell 1.0