一、功能介绍: 1.收集服务器信息 主要收集服务器系统版本、ip地址、arp连接、路由信息、密码信息、历史命令、当前权限、网络连接、进程信息、服务信息、ssh登录信息、环境变量、计划任务等多种信息。 2.目录结构信息收集
主要对服务器上的目录结构进行信息收集,方便查看服务器的目录结构。 3.关键词信息收集
通过在脚本中设置关键字,可以在服务器上搜索包含该关键字的文件,并将该文件所在的目录写入到指定文件中,然后我们可以通过查询该文件来访问指定目录,在配置文件中找到我们所需要的关键信息。二、使用方法: 1.查看帮助
gather -h
2.常规扫描 gather -s 常规扫描主要扫描服务器信息,将结果输出到/tmp/report/result.txt中
3.全部扫描(建议使用) gather -a 全部扫描会收集服务器信息、收集服务器目录结构、对关键字进行信息收集,并将结果输出到/tmp/report目录下,会生成tree.txt、result.txt、keyword.txt
4.结果输出
三、脚本代码:
#!/bin/bash
# "gather" linux server probe script: appends host, account, network, process,
# environment, history, ssh-key and cron information to files under
# /tmp/report, selected by the -s/-a/-t/-k options parsed at the bottom.
#
# NOTE(review): this listing appears to have been damaged by the page
# extraction: line breaks are gone, everything is lowercased, and backslashes
# and quotes are stripped (e.g. `33[36m` where an ANSI escape was, `$path` for
# what is presumably PATH, `{} ;` for find's -exec terminator). Read it as an
# illustration of what the tool collects, not as a runnable file.
#
# NOTE(review): the report receives /etc/shadow, sudoers, environment
# variables, shell history and the contents of ~/.ssh. /tmp/report is a fixed
# name inside a world-writable directory, and `mkdir -p` neither sets a
# restrictive mode nor fails when another local user has pre-created that
# directory, so everything collected can end up readable by every account on
# the host. Any legitimate audit use should create the directory with mode
# 0700 (or via mktemp -d), run under a restrictive umask and delete the report
# afterwards. For monitoring, the read of /etc/shadow and the filesystem-wide
# find for id_rsa*/authorized_keys below are strong audit signals of this tool.
# export path
# (as written this sets a lowercase variable `path`, which is what the bash env
# section later echoes into the report; presumably PATH before lowercasing)
export path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/sbin/:$path
# create result dir
result_dir=/tmp/report
mkdir -p ${result_dir}
result_file=${result_dir}/result.txt
result_tree=${result_dir}/tree.txt
result_key=${result_dir}/keyword.txt
# result.txt and tree.txt start empty on each run; keyword.txt is never reset,
# so funkey output accumulates across runs
if [ -f $result_file ]; then
  rm -rf ${result_file}
fi
if [ -f $result_tree ]; then
  rm -rf ${result_tree}
fi
# cat system version
sys_ver=`cat /proc/version`
sys_debian=debian
ssh_dir=~/.ssh/
con_dir=/var/spool/cron/crontabs/
# src address of the eth0 kernel route (the `\s` in the grep pattern lost their
# backslashes on this page); stays empty on hosts without an eth0 route
showip=`ip route show | grep -n 'eth0s*protos*kernels*scopes*links*src' | sed 's/^.*src //g' | sed s/metric.*$//g`
# one `id` line per account listed in /etc/passwd
userinfo=`for i in $(cut -d: -f1 /etc/passwd 2>/dev/null);do id $i;done 2>/dev/null`
# sensitive data
# directories walked by funtree
a_dir=(/etc/ /opt/ /var/ /home/ /root/ /usr/)
# a_file=(redis.conf mongodb.conf server.xml vsftpd.conf ldap.conf nginx.conf apache2.conf smb.conf)
# banner
echo -e 33[36m -------------------------------------------------------- 33[0m
echo -e 33[31m ██████╗ █████╗ ████████╗██╗ ██╗███████╗██████╗ 33[0m
echo -e 33[31m ██╔════╝ ██╔══██╗╚══██╔══╝██║ ██║██╔════╝██╔══██╗ 33[0m
echo -e 33[31m ██║ ███╗███████║ ██║ ███████║█████╗ ██████╔╝ 33[0m
echo -e 33[31m ██║ ██║██╔══██║ ██║ ██╔══██║██╔══╝ ██╔══██╗ 33[0m
echo -e 33[31m ╚██████╔╝██║ ██║ ██║ ██║ ██║███████╗██║ ██║ 33[0m
echo -e 33[31m ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝ 33[0m
echo -e 33[36m -------------------------------------------------------- 33[0m
echo
echo -e 33[31m linux server probe script 33[0m
echo -e 33[31m hostname:33[0m 33[32m`hostname` 33[0m
echo -e 33[31m kernel:33[0m 33[32m`uname -m` 33[0m
echo -e 33[31m user:33[0m 33[32m`whoami` 33[0m
echo -e 33[31m ip:33[0m 33[32m${showip} 33[0m
echo -e 33[31m report:33[0m 33[32m/tmp/report 33[0m
echo -e 33[31m help:33[0m 33[32muse -h 33[0m
echo -e 33[36m ------------------------------- 33[0m
#usage
# print the option summary to stderr and exit 1 (the "-k>" is a typo in the text)
usage() { echo usage: $0 [-s] [-a] [-t] [-k>] 1>&2; exit 1; }
# check system
# print os, kernel and a "gather start" line to the terminal; the debian test
# only changes where `date` sits in that line, both branches print the same info
funsys(){
os=`uname -o`
os_re=`uname -n`
os_ke=`uname -rv`
ver=$(echo $sys_ver | grep ${sys_debian})
# NOTE(review): the right-hand operand of != (presumably an empty string) was
# lost in extraction; as written this line is a syntax error
if [[ $ver != ]]
then
  echo -e os: 33[32m${os} ${os_re}33[0m
  echo -e kernel: 33[32m${os_ke}33[0m
  echo -e 33[36m ------------------------------- 33[0m
  echo -e 33[31m gather start at 33[0m`date`
  echo -e 33[36m ------------------------------- 33[0m
else
  echo -e os: 33[32m${os} ${os_re}33[0m
  echo -e kernel: 33[32m${os_ke}33[0m
  echo -e 33[36m ------------------------------- 33[0m
  echo -e 33[31m gather start at `date`... 33[0m
  echo -e 33[36m ------------------------------- 33[0m
fi
}
# dir struct
# list every directory in a_dir into $result_tree, with tree(1) when it is
# installed and with ls otherwise; the status line reflects the last
# tree/ls call of the loop
funtree(){
  if command -v tree > /dev/null 2>&1; then
    for i in ${a_dir[@]}
    do
      echo -e 33[36m----------------------------------------------------33[0m >> $result_tree
      echo -e 33[32m${i}33[0m >> $result_tree
      echo -e 33[36m----------------------------------------------------33[0m >> $result_tree
      tree ${i} >> $result_tree 2>&1
    done
    if [[ $? -eq 0 ]]
    then
      echo >> $result_file
      echo -e 33[31m gather33[0m directory structure info ...... 33[32mok33[0m
    else
      echo -e 33[31m gather33[0m directory structure info ...... 33[31mfailed33[0m
    fi
  else
    for s in ${a_dir[@]}
    do
      echo -e 33[36m----------------------------------------------------33[0m >> $result_tree
      echo -e 33[32m${s}33[0m >> $result_tree
      echo -e 33[36m----------------------------------------------------33[0m >> $result_tree
      # NOTE(review): the ls fallback writes to tree.txt in the current directory,
      # not to $result_tree like the headers above it and the tree branch
      ls -r -t -s -a ${s} >> tree.txt 2>&1
    done
    if [[ $? -eq 0 ]]
    then
      echo >> $result_file
      echo -e 33[31m gather33[0m directory structure info ...... 33[32mok33[0m
    else
      echo -e 33[31m gather33[0m directory structure info ...... 33[31mfailed33[0m
    fi
  fi
}
# find key
# grep .conf/.ini/.log files up to depth 4 for "pass", the current user name
# and sql keywords, then list recently changed files and root-owned setuid
# binaries; everything is appended to $result_key, and the ok/failed line only
# reflects the final find. Note the unquoted `-name *.conf` globs are expanded
# by the shell against the current directory before find sees them, and the
# unescaped `;` after `{}` ends the shell command, so as written each find is
# missing its -exec terminator.
funkey(){
  echo -e 33[36m----------------------------------------------------33[0m >> $result_key
  echo -e 33[32mfind keyword info33[0m >> $result_key
  echo -e 33[36m----------------------------------------------------33[0m >> $result_key
  # find the keyword--pass
  echo -e 33[32minclude the keyword--pass info33[0m >> $result_key
  find / -maxdepth 4 -name *.conf -type f -exec grep -hn pass {} ; >> $result_key 2>&1
  find / -maxdepth 4 -name *.ini -type f -exec grep -hn pass {} ; >> $result_key 2>&1
  find / -maxdepth 4 -name *.log -type f -exec grep -hn pass {} ; >> $result_key 2>&1
  # find the keyword--include current user
  echo -e 33[32minclude the keyword--`whoami` info33[0m >> $result_key
  find / -maxdepth 4 -name *.conf -type f -exec grep -hn `whoami` {} ; >> $result_key 2>&1
  find / -maxdepth 4 -name *.ini -type f -exec grep -hn `whoami` {} ; >> $result_key 2>&1
  find / -maxdepth 4 -name *.log -type f -exec grep -hn `whoami` {} ; >> $result_key 2>&1
  # find the keyword--sqlserver
  echo -e 33[32minclude the keyword--sqlserver info33[0m >> $result_key
  find / -maxdepth 4 -name *.conf -type f -exec grep -hn mssql {} ; >> $result_key 2>&1
  find / -maxdepth 4 -name *.conf -type f -exec grep -hn sqlserver {} ; >> $result_key 2>&1
  # find the keyword--mysql
  echo -e 33[32minclude the keyword--mysql info33[0m >> $result_key
  find / -maxdepth 4 -name *.my.cnf -type f -exec grep -hn mysql {} ; >> $result_key 2>&1
  # find files that were modified within 72 hours
  # (-ctime -2 actually selects inode changes within the last 2 days, i.e. 48 h,
  # and walks the whole filesystem without -maxdepth)
  echo -e 33[32mwere modified within 72 hours file info33[0m >> $result_key
  find / -name *.* -ctime -2 >> $result_key 2>&1
  # find the suid file with root access
  echo -e 33[32mthe suid file with root access info33[0m >> $result_key
  find / -uid 0 -perm -4000 -type f >> $result_key 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_key
    echo -e 33[31m gather33[0m find keyword info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m find keyword info ...... 33[31mfailed33[0m
  fi
}
# common mode
# append one section per topic to $result_file and print an ok/failed line for
# each; several of the `$?` checks follow an echo, a `:` or an if/fi rather
# than the collecting command, so they do not always report that command's
# result. Most sections need root to produce anything (shadow, sudoers,
# other users' crontabs, netstat -p); without it the error text is what lands
# in the report.
funsip(){
  # release information
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mrelease info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/*-release >> $result_file 2>&1
  cat /proc/version >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m release info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m release info ...... 33[31mfailed33[0m
  fi
  # ifconfig
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mip address info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  ip address show >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m ip address info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m ip address info ...... 33[31mfailed33[0m
  fi
  # arp
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32marp info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  arp -v >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m arp info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m arp info ...... 33[31mfailed33[0m
  fi
  # route
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mroute info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  route -v >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m route info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m route info ...... 33[31mfailed33[0m
  fi
  # /etc/passwd
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32msystem passwd file info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # $userinfo holds many words; unquoted, `[` sees them all and reports "too many
  # arguments", so on a populated system this falls into the else branch
  if [ $userinfo ]
  then
    echo -e $userinfo >> $result_file 2>&1
  else
    :
  fi
  # passwd lines whose second field is not "x", i.e. a hash stored in /etc/passwd
  # itself rather than in /etc/shadow (the `\e` of the escape codes is lost here)
  hashesinpasswd=`grep -v '^[^:]*:[x]' /etc/passwd 2>/dev/null`
  if [ $hashesinpasswd ]
  then
    echo -e e[00;33mit looks like we have password hashes in /etc/passwd!e[00m$hashesinpasswd >> $result_file 2>&1
  else
    :
  fi
  # this $? is the status of the preceding if/fi, not of the grep
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m /etc/passwd ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m /etc/passwd ...... 33[31mfailed33[0m
  fi
  # /etc/shadow
  # copies the password hashes into the report when run as root; see the note
  # at the top about who can read /tmp/report
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32msystem shadow file info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/shadow >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m /etc/shadow ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m /etc/shadow ...... 33[31mfailed33[0m
  fi
  # /etc/sudoers
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32msystem sudoers file info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # NOTE(review): the quotes around `#` were lost on this page; as written the
  # `#` starts a comment, so `grep -v` has no pattern and the redirect to the
  # report is gone (same on the login.defs, services, .bashrc and profile lines)
  cat /etc/sudoers 2>/dev/null | grep -v -e '^$' | grep -v # >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m /etc/sudoers ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m /etc/sudoers ...... 33[31mfailed33[0m
  fi
  # compgen
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32muser executable commands file info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  compgen -c >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m user executable commands ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m user executable commands ...... 33[31mfailed33[0m
  fi
  # password policy information
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mpassword policy info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/login.defs 2>/dev/null | grep -v -e '^$' | grep -v # >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m /etc/login.defs ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m /etc/login.defs ...... 33[31mfailed33[0m
  fi
  # /root
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mchecks root home directory info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  ls -ahl /root/ >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m root home directory ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m root home directory ...... 33[31mfailed33[0m
  fi
  # netstat
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mnet status33[0m >> $result_file
  echo -e 33[36m------------------tcp---port------------------------33[0m >> $result_file
  netstat -antp >> $result_file 2>&1
  echo -e 33[36m------------------udp---port------------------------33[0m >> $result_file
  netstat -anup >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m netstat ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m netstat ...... 33[31mfailed33[0m
  fi
  # process
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mprocess info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  ps aux >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m process info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m process info ...... 33[31mfailed33[0m
  fi
  # services
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mservices info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/services 2>/dev/null | grep -v # >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m services info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m services info ...... 33[31mfailed33[0m
  fi
  # iptables
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32miptables info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # NOTE(review): presumably `-nL` before the page lowercased it; `-nl` is not a
  # valid iptables option as written
  iptables -nl >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m iptables info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m iptables info ...... 33[31mfailed33[0m
  fi
  # bash env
  # the environment block can carry credentials (tokens, proxy passwords) into
  # the report; only the LS_COLORS noise is filtered out
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mbash env33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mcurrent user 33[0m >> $result_file
  echo -e 33[36m-----------------------33[0m >> $result_file
  envinfo=`env 2>/dev/null | grep -v 'ls_colors' 2>/dev/null`
  # same unquoted multi-word test as $userinfo above
  if [ $envinfo ]
  then
    echo -e $envinfo >> $result_file 2>&1
    echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  else
    :
  fi
  cat ~/.bashrc 2>/dev/null | grep -v -e '^$' | grep -v # >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # prints the lowercase `path` variable set at the top of the script
  echo $path >> $result_file 2>&1
  echo -e 33[36m-----------------------33[0m >> $result_file
  echo -e 33[32msystem env profile 33[0m >> $result_file
  echo -e 33[36m-----------------------33[0m >> $result_file
  cat /etc/profile 2>/dev/null | grep -v -e '^$' | grep -v # >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m bash env ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m bash env ...... 33[31mfailed33[0m
  fi
  # command history
  # NOTE(review): presumably HISTTIMEFORMAT with %Y-%m-%d:%H-%M-%S before
  # lowercasing; as written it exports an unrelated variable. In a
  # non-interactive shell the `history` list is normally empty, so the
  # `cat $histfile` below is what actually yields the user's history.
  histfile=~/.bash_history
  export histtimeformat=%y-%m-%d:%h-%m-%s:`whoami`:
  set -o history
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mcommand history33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  history >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat $histfile >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m command history ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m command history ...... 33[31mfailed33[0m
  fi
  # user login info
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mlogin info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  w >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  last >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  lastlog >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m login info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m login info ...... 33[31mfailed33[0m
  fi
  # hosts
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mhosts info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # NOTE(review): the parentheses lost their backslashes on this page; unescaped
  # they are a bash syntax error rather than a find group
  find /etc /home -type f ( -name *.rhosts -o -name *.equiv ) >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/hosts >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m hosts info ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m hosts info ...... 33[31mfailed33[0m
  fi
  # fstab
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mmount info33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/fstab >> $result_file 2>&1
  if [[ $? -eq 0 ]]
  then
    echo >> $result_file
    echo -e 33[31m gather33[0m /etc/fstab ...... 33[32mok33[0m
  else
    echo -e 33[31m gather33[0m /etc/fstab ...... 33[31mfailed33[0m
  fi
  # ssh authkey config
  # filesystem-wide search for key files (private id_dsa*/id_rsa* included),
  # then the contents of ~/.ssh; this is the most sensitive section of the
  # report and the easiest one to alert on (a find over / for these names)
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mssh auth key config33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  sshfiles=`find / ( -name id_dsa* -o -name id_rsa* -o -name known_hosts -o -name authorized_hosts -o -name authorized_keys ) -exec ls -la {} 2>/dev/null ;`
  if [ $sshfiles ]; then
    echo -e e[00;31mssh keys/host information found in the following locations:e[00m$sshfiles >> $result_file 2>&1
    echo -e >> $result_file 2>&1
  else
    :
  fi
  if [ -d ${ssh_dir} ]
  then
    # the `>>` inside the backticks sends the listing to the report, so the
    # substitution is empty and the loop body does not run as written; its
    # intent is to copy every file in ~/.ssh, private keys included, into the report
    for i in `ls -1 ${ssh_dir} >> $result_file 2>&1`
    do
      cat ${ssh_dir}${i} >> $result_file 2>&1
    done
    if [[ $? -eq 0 ]]
    then
      echo >> $result_file
      echo -e 33[31m gather33[0m ssh auth key ...... 33[32mok33[0m
    else
      echo -e 33[31m gather33[0m ssh auth key ...... 33[31mfailed33[0m
    fi
  else
    echo -e 33[31m gather33[0m ssh auth key ...... 33[31mfailed33[0m
    echo -e 33[31m.ssh no such file or directory33[0m >> $result_file
  fi
  # crontab
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  echo -e 33[32mcrontab config33[0m >> $result_file
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  ls -al /etc/cron* >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  cat /etc/rc.local >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  # one `crontab -l -u` per account in /etc/passwd; non-root callers get an
  # error line per user appended instead
  cut -d : -f 1 /etc/passwd | xargs -n1 crontab -l -u >> $result_file 2>&1
  echo -e 33[36m----------------------------------------------------33[0m >> $result_file
  if [ -d ${con_dir} ]
  then
    # same redirected-ls pattern as the ~/.ssh loop above: the loop body does not run as written
    for i in `ls -1 ${con_dir} >> $result_file 2>&1`
    do
      cat ${con_dir}${i} >> $result_file 2>&1
    done
    if [[ $? -eq 0 ]]
    then
      echo >> $result_file
      echo -e 33[31m gather33[0m crontab ...... 33[32mok33[0m
    else
      echo -e 33[31m gather33[0m crontab ...... 33[31mfailed33[0m
    fi
  else
    echo -e 33[31m gather33[0m crontab ...... 33[31mfailed33[0m
    echo -e 33[31m no such file or directory33[0m >> $result_file
  fi
}
# getopts
# ./gather -t 10 -s
# option dispatch. `k` has a case arm and appears in the -h text but is missing
# from the optstring "shta", so `gather -k` is rejected by getopts and lands in
# the *) arm. That arm prints $1, the script's first argument, which only names
# the bad option when it happens to come first.
while getopts shta args
do
case $args in
  s) # common mode
    funsys
    funsip
    ;;
  a) # all
    funsys
    funsip
    funtree
    funkey
    ;;
  k) # key
    funsys
    funkey
    ;;
  t) # dir struct
    funsys
    funtree
    ;;
  h) # help
    echo common mode: -s
    echo full mode: -a
    echo dirtree mode: -t
    echo find keyword mode: -k
    usage
    ;;
  *) # param error
    echo $1 is not an option
    usage
    ;;
esac
done
footer