首頁 探索 說明
登入
irwanmohi
/
rev
镜像来自 https://github.com/rasta-team/rev.git
關註 1
讚好 0
複刻 0
Files 問題管理 0 Wiki
目錄樹: 298861efb2
分支列表 標籤列表
rev
/
cek.sh

cek.sh 2.4 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. #!/bin/bash
    2. 

  2. red='\e[1;31m'
    3. 

  3. green='\e[0;32m'
    4. 

  4. NC='\e[0m'
    5. 

  5. MYIP=$(wget -qO- ifconfig.me/ip);
    6. 

  6. 

  7. echo " "
    8. 

  8. echo " "
    9. 

  9. 

  10. if [ -e "/var/log/auth.log" ]; then
    11. 

  11.         LOG="/var/log/auth.log";
    12. 

  12. fi
    13. 

  13. if [ -e "/var/log/secure" ]; then
    14. 

  14.         LOG="/var/log/secure";
    15. 

  15. fi
    16. 

  16.                 
    17. 

  17. data=( `ps aux | grep -i dropbear | awk '{print $2}'`);
    18. 

  18. echo "-----=[ Dropbear User Login ]=-----";
    19. 

  19. echo "ID  |  Username  |  IP Address";
    20. 

  20. echo "-------------------------------------";
    21. 

  21. cat $LOG | grep -i dropbear | grep -i "Password auth succeeded" > /tmp/login-db.txt;
    22. 

  22. for PID in "${data[@]}"
    23. 

  23. do
    24. 

  24.         cat /tmp/login-db.txt | grep "dropbear\[$PID\]" > /tmp/login-db-pid.txt;
    25. 

  25.         NUM=`cat /tmp/login-db-pid.txt | wc -l`;
    26. 

  26.         USER=`cat /tmp/login-db-pid.txt | awk '{print $10}'`;
    27. 

  27.         IP=`cat /tmp/login-db-pid.txt | awk '{print $12}'`;
    28. 

  28.         if [ $NUM -eq 1 ]; then
    29. 

  29.                 echo "$PID - $USER - $IP";
    30. 

  30.                 fi
    31. 

  31. done
    32. 

  32. echo " "
    33. 

  33. echo "-----=[ OpenSSH User Login ]=-----";
    34. 

  34. echo "ID  |  Username  |  IP Address";
    35. 

  35. echo "-------------------------------------";
    36. 

  36. cat $LOG | grep -i sshd | grep -i "Accepted password for" > /tmp/login-db.txt
    37. 

  37. data=( `ps aux | grep "\[priv\]" | sort -k 72 | awk '{print $2}'`);
    38. 

  38. 

  39. for PID in "${data[@]}"
    40. 

  40. do
    41. 

  41.         cat /tmp/login-db.txt | grep "sshd\[$PID\]" > /tmp/login-db-pid.txt;
    42. 

  42.         NUM=`cat /tmp/login-db-pid.txt | wc -l`;
    43. 

  43.         USER=`cat /tmp/login-db-pid.txt | awk '{print $9}'`;
    44. 

  44.         IP=`cat /tmp/login-db-pid.txt | awk '{print $11}'`;
    45. 

  45.         if [ $NUM -eq 1 ]; then
    46. 

  46.                 echo "$PID - $USER - $IP";
    47. 

  47.         fi
    48. 

  48. done
    49. 

  49. if [ -f "/etc/openvpn/server/openvpn-tcp.log" ]; then
    50. 

  50.         echo " "
    51. 

  51.         echo "-----=[ OpenVPN TCP User Login ]=-----";
    52. 

  52.         echo "Username  |  IP Address  |  Connected Since";
    53. 

  53.         echo "-------------------------------------";
    54. 

  54.         cat /etc/openvpn/server/openvpn-tcp.log | grep -w "^CLIENT_LIST" | cut -d ',' -f 2,3,8 | sed -e 's/,/      /g' > /tmp/vpn-login-tcp.txt
    55. 

  55.         cat /tmp/vpn-login-tcp.txt
    56. 

  56. fi
    57. 

  57. echo "-------------------------------------"
    58. 

  58. 

  59. if [ -f "/etc/openvpn/server/openvpn-udp.log" ]; then
    60. 

  60.         echo " "
    61. 

  61.         echo "-----=[ OpenVPN UDP User Login ]=-----";
    62. 

  62.         echo "Username  |  IP Address  |  Connected Since";
    63. 

  63.         echo "-------------------------------------";
    64. 

  64.         cat /etc/openvpn/server/openvpn-udp.log | grep -w "^CLIENT_LIST" | cut -d ',' -f 2,3,8 | sed -e 's/,/      /g' > /tmp/vpn-login-udp.txt
    65. 

  65.         cat /tmp/vpn-login-udp.txt
    66. 

  66. fi
    67. 

  67. echo "-------------------------------------"
    68. 

  68. echo "";
    69. 

  69. 

  70.