version to use environment variables
This commit is contained in:
parent
f42eddacbb
commit
4323a3940d
36
README.md
36
README.md
|
@ -1,29 +1,51 @@
|
||||||
# Bash Scripts collection
|
# Bash Scripts collection
|
||||||
|
|
||||||
wget -O init_scripts.sh https://git.studi7.com/roger/bashscripts/raw/branch/master/init_scripts.sh && chmod +x init_scripts.sh && ./init_scripts.sh
|
## Permanent enviroment variables in ~/.profile
|
||||||
|
|
||||||
## gotifypush.sh
|
Append file `~/.profile` with this variables:
|
||||||
|
|
||||||
|
```
|
||||||
|
# E7 Scripts
|
||||||
|
# ClamAV scan script
|
||||||
|
export E7S_CLAM_LOGPATH="/path/to/logs/"
|
||||||
|
# Multiple folders separate by space
|
||||||
|
export E7S_CLAM_DIRSTOSCAN="/path/to/target/"
|
||||||
|
# Global script variables
|
||||||
|
export E7S_GOTIFY_SERVER_URL="https://push.example.com"
|
||||||
|
export E7S_LOGS_PRESERVE_DAYS=30
|
||||||
|
export ES7_LOGS_SERVER_SSH="server.example.com"
|
||||||
|
export ES7_LOGS_PATH="/path/to/web/root/"
|
||||||
|
export ES7_LOGS_URL="https://logs.example.com"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Scripts
|
||||||
|
|
||||||
|
### utils/gotifypush.sh
|
||||||
|
|
||||||
Send markdown notifications to gotify channel throught curl
|
Send markdown notifications to gotify channel throught curl
|
||||||
|
|
||||||
* Usage: `./gotifypush.sh <title> <message> <priority> <token> <clickurl>`
|
* Usage: `./gotifypush.sh <title> <message> <priority> <token> <clickurl>`
|
||||||
|
|
||||||
## scan_chk.sh
|
### utils/logger.sh
|
||||||
|
|
||||||
|
Save logs into remote server and publish it into web server
|
||||||
|
|
||||||
|
* Usage: `./logger.sh <logfile> <relativepath>`
|
||||||
|
|
||||||
|
### scan_chk.sh
|
||||||
|
|
||||||
Scan rootkits into system with chkrootkit
|
Scan rootkits into system with chkrootkit
|
||||||
|
|
||||||
* Usage: `./scan_chk.sh`
|
* Usage: `./scan_chk.sh`
|
||||||
|
|
||||||
## scan_rkh.sh
|
### scan_rkh.sh
|
||||||
|
|
||||||
Scan rootkits into system with rkhunter
|
Scan rootkits into system with rkhunter
|
||||||
|
|
||||||
* Usage: `./scan_rkh.sh`
|
* Usage: `./scan_rkh.sh`
|
||||||
|
|
||||||
## scan_clam.sh
|
### scan_clam.sh
|
||||||
|
|
||||||
Scan virus and malware into system with clamav
|
Scan virus and malware into system with clamav
|
||||||
|
|
||||||
* Usage: `./scan_clam.sh`
|
* Usage: `./scan_clam.sh`
|
||||||
|
|
||||||
**NOTE:** Need set paths (DIRTOSCAN variable) to scan
|
|
||||||
|
|
111
init_scripts.sh
111
init_scripts.sh
|
@ -1,111 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Functions
|
|
||||||
show_cron_help () {
|
|
||||||
echo "--------------------------------------------"
|
|
||||||
echo "* * * * * command to be executed"
|
|
||||||
echo "- - - - -"
|
|
||||||
echo "| | | | |"
|
|
||||||
echo "| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)"
|
|
||||||
echo "| | | ------- Month (1 - 12)"
|
|
||||||
echo "| | --------- Day of month (1 - 31)"
|
|
||||||
echo "| ----------- Hour (0 - 23)"
|
|
||||||
echo "------------- Minute (0 - 59)"
|
|
||||||
echo "Examples:"
|
|
||||||
echo "(predefined) @annually | @yearly | @monthly | @weekly | @daily | @hourly | @reboot"
|
|
||||||
echo "(every) @every 5s | @every 20h30m"
|
|
||||||
echo "(custom) 10 20 * * * | 0 3 * * 1-5"
|
|
||||||
echo -e "--------------------------------------------\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
get_cron () {
|
|
||||||
cron=false
|
|
||||||
while [ "$cron" != "true" ]
|
|
||||||
do
|
|
||||||
read -p 'Escriu el periode del cron: ' CRON
|
|
||||||
case $CRON in
|
|
||||||
("") echo "El cron no pot ser buit";;
|
|
||||||
(*) cron=true #echo "just numeric";;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
echo "$CRON"
|
|
||||||
}
|
|
||||||
# End functions
|
|
||||||
|
|
||||||
readonly SCRIPTS_FOLDER="e7scripts"
|
|
||||||
readonly GOTIFY_SCRIPT_NAME="gotifypush.sh"
|
|
||||||
readonly GOTIFY_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/gotifypush.sh"
|
|
||||||
readonly UPDATES_SCRIPT_NAME="updates_notifier.sh"
|
|
||||||
readonly UPDATES_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/updates_notifier.sh"
|
|
||||||
|
|
||||||
#verify run as root or sudo
|
|
||||||
if [[ $EUID -ne 0 ]]; then
|
|
||||||
echo "This script must be run as root"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
#set -f
|
|
||||||
#func_result="$(get_cron)"
|
|
||||||
#echo $func_result
|
|
||||||
#set +f
|
|
||||||
|
|
||||||
echo "/////////////////////////////////////////"
|
|
||||||
echo "Benvingut a l'instalador d'Scripts"
|
|
||||||
echo -e "/////////////////////////////////////\n"
|
|
||||||
|
|
||||||
finished=false
|
|
||||||
while [ "$finished" != "true" ]
|
|
||||||
do
|
|
||||||
|
|
||||||
# Choose script to install
|
|
||||||
echo "0) Sortir de l'instalador"
|
|
||||||
echo "1) Notificador dels resultats dels scripts (Gotify Push Notifications)"
|
|
||||||
echo "2) Notificador d'actualitzacions"
|
|
||||||
echo "3) Escaneig de rootkits amb RK Hunter"
|
|
||||||
echo "4) Escaneig de rootkits amb CHK Rootkit"
|
|
||||||
echo -e "5) Escaneig de virus amb ClamAV\n"
|
|
||||||
|
|
||||||
choosed=false
|
|
||||||
while [ "$choosed" != "true" ]
|
|
||||||
do
|
|
||||||
read -p 'Indica quin script vols instal·lar (0 per sortir): ' SCRIPT_NUM
|
|
||||||
case $SCRIPT_NUM in
|
|
||||||
("") echo "El número no pot ser buit";;
|
|
||||||
(*[!0-9]*) echo "Has d'introduir un número";;
|
|
||||||
(*) choosed=true #echo "just numeric";;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ "$SCRIPT_NUM" = "0" ]; then
|
|
||||||
finished=true
|
|
||||||
exit 0
|
|
||||||
elif [ "$SCRIPT_NUM" = "1" ]; then
|
|
||||||
mkdir -p $SCRIPTS_FOLDER
|
|
||||||
wget -O "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME" $GOTIFY_SCRIPT_URL
|
|
||||||
read -p 'Indica el domini de gotify: ' GOTIFY_DOMAIN
|
|
||||||
sed -i "s/push.example.com/$GOTIFY_DOMAIN/" "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
|
|
||||||
chmod +x "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
|
|
||||||
echo -e "Script instal·lat correctament\n"
|
|
||||||
elif [ "$SCRIPT_NUM" = "2" ];then
|
|
||||||
mkdir -p $SCRIPTS_FOLDER
|
|
||||||
wget -O "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" $UPDATES_SCRIPT_URL
|
|
||||||
read -p 'Indica el token del canal de gotify: ' TOKEN
|
|
||||||
sed -i "s/<TOKEN_GOTIFY_APP>/$TOKEN/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
|
||||||
sed -i "s/Hostname/$(hostname)/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
|
||||||
chmod +x "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
|
||||||
echo -e "\nAFEGEIX EL CRON\n"
|
|
||||||
show_cron_help
|
|
||||||
cron="$(get_cron)"
|
|
||||||
#https://stackoverflow.com/questions/878600/how-to-create-a-cron-job-using-bash-automatically-without-the-interactive-editor
|
|
||||||
#remove previous crontab
|
|
||||||
(crontab -l | grep -v -F "$UPDATES_SCRIPT_NAME") | crontab -
|
|
||||||
#add crontab
|
|
||||||
(crontab -l ; echo "$cron cd $(pwd)/$SCRIPTS_FOLDER/ && ./$UPDATES_SCRIPT_NAME 2>&1") | crontab -
|
|
||||||
echo -e "Script instal·lat correctament\n"
|
|
||||||
#TODO Function cron get period
|
|
||||||
|
|
||||||
else
|
|
||||||
echo -e "Aquest número d'script no existeix. Tornar a intentar-ho\n"
|
|
||||||
fi
|
|
||||||
|
|
||||||
done
|
|
|
@ -1,11 +1,9 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
# variables
|
||||||
|
|
||||||
LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
|
LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
|
||||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||||
|
LOGS_RELATIVE_PATH="security/"
|
||||||
# vars gotify
|
|
||||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||||
|
|
||||||
# vars chkrootkit
|
# vars chkrootkit
|
||||||
|
@ -24,7 +22,7 @@ then
|
||||||
echo $OUT > "./$LOGFILE"
|
echo $OUT > "./$LOGFILE"
|
||||||
|
|
||||||
# send log to logs public archive
|
# send log to logs public archive
|
||||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
|
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||||
# delete local log
|
# delete local log
|
||||||
rm $LOGFILE
|
rm $LOGFILE
|
||||||
|
|
||||||
|
|
26
scan_clam.sh
26
scan_clam.sh
|
@ -1,26 +1,24 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
LOGDIR="/var/log/clamav/scan/";
|
|
||||||
LOGFILE="kerodes_clamav-$(date +'%Y-%m-%d').log";
|
# variables
|
||||||
#DIRTOSCAN="/home/roger/Públic /home/roger/Baixades/targets"; #multiple folders separate by space
|
LOGFILE="$(hostname)_clamav-$(date +'%Y-%m-%d').log";
|
||||||
DIRTOSCAN="/home/roger/Baixades/targets"; #multiple folders separate by space
|
|
||||||
readonly TOKEN="<TOKEN_GOTIFY_APP>";
|
|
||||||
readonly GOTIFY_SERVER="<GOTIFY_URL_SERVER>"
|
|
||||||
LOG_PRESERVE_DAYS=30;
|
|
||||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||||
|
LOGS_RELATIVE_PATH="security/"
|
||||||
MALWARE_FOUND=false
|
MALWARE_FOUND=false
|
||||||
|
readonly TOKEN="<TOKEN_GOTIFY_APP>";
|
||||||
|
|
||||||
mkdir -p $LOGDIR
|
mkdir -p $E7S_CLAM_LOGPATH
|
||||||
|
|
||||||
for S in ${DIRTOSCAN}; do
|
for S in ${E7S_CLAM_DIRSTOSCAN}; do
|
||||||
DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
|
DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
|
||||||
|
|
||||||
echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
|
echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
|
||||||
|
|
||||||
clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
|
clamscan -ri "$S" >> "$E7S_CLAM_LOGPATH$LOGFILE";
|
||||||
echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
|
echo "Scanned folder: "$S >> "$E7S_CLAM_LOGPATH$LOGFILE";
|
||||||
|
|
||||||
# get the value of "Infected lines"
|
# get the value of "Infected lines"
|
||||||
MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
|
MALWARE=$(tail "$E7S_CLAM_LOGPATH$LOGFILE"|grep Infected|cut -d" " -f3);
|
||||||
|
|
||||||
# if the value is not equal to zero, send an email with the log file attached
|
# if the value is not equal to zero, send an email with the log file attached
|
||||||
if [ "$MALWARE" -ne "0" ];then
|
if [ "$MALWARE" -ne "0" ];then
|
||||||
|
@ -34,13 +32,13 @@ done
|
||||||
if $MALWARE_FOUND
|
if $MALWARE_FOUND
|
||||||
then
|
then
|
||||||
# send log to logs public archive
|
# send log to logs public archive
|
||||||
LOG_URL=$(sh ./utils/logger.sh "$LOGDIR$LOGFILE")
|
LOG_URL=$(sh ./utils/logger.sh "$E7S_CLAM_LOGPATH$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||||
sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#clean old logs files
|
#clean old logs files
|
||||||
find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
|
find $E7S_CLAM_LOGPATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
|
14
scan_rkh.sh
14
scan_rkh.sh
|
@ -1,22 +1,18 @@
|
||||||
GNU nano 5.4 scan_rkh.sh
|
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
# variables
|
||||||
|
LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').log";
|
||||||
LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt";
|
|
||||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||||
|
LOGS_RELATIVE_PATH="security/"
|
||||||
#vars rkhunter
|
|
||||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||||
|
|
||||||
OUT=$(rkhunter -c -sk --rwo -l "./rkhunter.log")
|
OUT=$(rkhunter -c -sk --rwo -l "./$LOGFILE")
|
||||||
if [ -n "$OUT" ]
|
if [ -n "$OUT" ]
|
||||||
then
|
then
|
||||||
issues=$(echo "$OUT" | wc -l)
|
issues=$(echo "$OUT" | wc -l)
|
||||||
mv "./rkhunter.log" "./$LOGFILE"
|
|
||||||
|
|
||||||
# send log to logs public archive
|
# send log to logs public archive
|
||||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
|
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||||
# delete local log
|
# delete local log
|
||||||
rm $LOGFILE
|
rm $LOGFILE
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
|
||||||
|
|
||||||
#verify run as root or sudo
|
#verify run as root or sudo
|
||||||
if [[ $EUID -ne 0 ]]; then
|
if [[ $EUID -ne 0 ]]; then
|
||||||
echo "This script must be run as root"
|
echo "This script must be run as root"
|
||||||
|
|
|
@ -2,14 +2,11 @@
|
||||||
|
|
||||||
#Use ./gotifypush <title> <message> <priority> <token> <clickurl>
|
#Use ./gotifypush <title> <message> <priority> <token> <clickurl>
|
||||||
|
|
||||||
#uncomment when use script from cron
|
|
||||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
|
||||||
|
|
||||||
# Gotify notification parameters
|
# Gotify notification parameters
|
||||||
TITLE=$1
|
TITLE=$1
|
||||||
MESSAGE=$2
|
MESSAGE=$2
|
||||||
PRIORITY=$3
|
PRIORITY=$3
|
||||||
URL="https://push.example.com/message?token=$4"
|
URL="$ES7_GOTIFY_SERVER_URL/message?token=$4"
|
||||||
#if url passed by parameter, set to extras
|
#if url passed by parameter, set to extras
|
||||||
if [ -n "$5" ]
|
if [ -n "$5" ]
|
||||||
then
|
then
|
||||||
|
|
|
@ -1,23 +1,23 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
|
||||||
|
|
||||||
#Use ./logger.sh <logfile>
|
#Use ./logger.sh <logfile> <relativepath>
|
||||||
|
|
||||||
# Log parameters
|
# variables
|
||||||
REMOTE_SERVER="estudiset.backups"
|
REMOTE_PATH="$ES7_LOGS_PATH$2"
|
||||||
REMOTE_PATH="/var/www/html/logs/clamav/"
|
PUBLIC_LOG_URL="$ES7_LOGS_URL/$2"
|
||||||
PUBLIC_LOG_URL="https://logs.studi7.com/clamav/"
|
|
||||||
LOG_PRESERVE_DAYS=30
|
|
||||||
|
|
||||||
# create remote folder to store logs if not exist
|
# create remote folder to store logs if not exist
|
||||||
ssh $REMOTE_SERVER "mkdir -p $REMOTE_PATH"
|
ssh $ES7_LOGS_SERVER_SSH "sudo mkdir -p $REMOTE_PATH"
|
||||||
|
|
||||||
# Copy local logfile to remote destination
|
# Copy local logfile to remote destination
|
||||||
scp $1 "$REMOTE_SERVER:$REMOTE_PATH"
|
scp $1 "$ES7_LOGS_SERVER_SSH:$REMOTE_PATH"
|
||||||
|
|
||||||
|
# set correct permissions
|
||||||
|
ssh $ES7_LOGS_SERVER_SSH "sudo chmod 644 $REMOTE_PATH$1"
|
||||||
|
|
||||||
# Clear x days old remote logs
|
# Clear x days old remote logs
|
||||||
ssh $REMOTE_SERVER 'bash -s' << EOF
|
ssh $ES7_LOGS_SERVER_SSH 'bash -s' << EOF
|
||||||
find $REMOTE_PATH -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
|
find $REMOTE_PATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# return final log url
|
# return final log url
|
||||||
|
@ -27,6 +27,6 @@ extension=${file##*.}
|
||||||
base=$(basename "${file%.*}")
|
base=$(basename "${file%.*}")
|
||||||
# change to txt if log is another text format
|
# change to txt if log is another text format
|
||||||
if [ $extension != "txt" ]; then
|
if [ $extension != "txt" ]; then
|
||||||
ssh $REMOTE_SERVER "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
|
ssh $ES7_LOGS_SERVER_SSH "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
|
||||||
fi
|
fi
|
||||||
echo "${PUBLIC_LOG_URL}${base}.txt"
|
echo "${PUBLIC_LOG_URL}${base}.txt"
|
||||||
|
|
Loading…
Reference in New Issue