#!/bin/bash
# Requires root privileges.
# Print the tool banner: name, version, author and release date.
printf '%s\n' \
  "Linux安全检查与应急响应工具" \
  "Version:1.3" \
  "Author:Daily" \
  "Date:2020-11-11"
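# Refuse to run without root before touching the filesystem: nothing should be
# created by a run that is going to abort anyway. The numeric uid is compared
# so that any uid-0 account is accepted, whatever its name.
if [ "$(id -u)" -ne 0 ]; then
  echo "安全检查必须使用root账号,否则某些项无法检查"
  exit 1
fi

# Normalise line endings of buying.sh in the current directory.
# NOTE(review): the path is relative to the caller's cwd, which is not
# necessarily the file being executed; confirm that is intended.
dos2unix buying.sh

date=$(date +%Y%m%d-%H%M%S)
# First non-loopback IPv4 address reported by ifconfig. Empty when ifconfig is
# unavailable, in which case the directory name just has an empty IP field.
ipadd=$(ifconfig -a | grep -w inet | grep -v 127.0.0.1 | awk 'NR==1{print $2}')
buying_base_dir="/tmp/buying_${ipadd}_${date}"
check_file="${buying_base_dir}/check_file/"
danger_file="${buying_base_dir}/danger_file.txt"
log_file="${buying_base_dir}/log/"

# The report is written by root under the world-writable /tmp with a guessable
# name. Create the directory with mode 0700 and treat an already-existing path
# as an error instead of cleaning and reusing it, so a directory or symlink
# planted by another local user is never written through. A directory created
# here is empty, so no prior cleanup is needed.
if ! mkdir -m 700 -- "$buying_base_dir"; then
  echo "cannot create ${buying_base_dir}; refusing to reuse an existing path" >&2
  exit 1
fi
mkdir -- "$check_file" "$log_file" || exit 1

echo "检查发现危险项,请注意:" > "$danger_file"
echo "" >> "$danger_file"

# Later relative writes (e.g. checkresult.txt) land in check_file, so a failed
# cd must stop the run rather than scatter output in the caller's cwd.
cd -- "$check_file" || exit 1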
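# Each finding is shown on the terminal and appended to checkresult.txt in the
# current directory. The command is kept as a plain string because the script
# pipes into an unquoted $saveresult; quoting it at a call site would make the
# shell look for a single command literally named "tee -a checkresult.txt".
saveresult="tee -a checkresult.txt"

echo "-------------0.IP及版本-------------------"
echo "-------------0.1IP地址-------------------"
# shellcheck disable=SC2086 -- word splitting of $saveresult is intentional
echo "[0.1]正在检查IP地址....." | $saveresult
# Every IPv4 address ifconfig reports, loopback included, one per line.
ip=$(ifconfig -a | grep -w inet | awk '{print $2}')
if [ -n "$ip" ]; then
  # shellcheck disable=SC2086
  { echo "[*]本机IP地址信息:"; echo "$ip"; } | $saveresult
else
  # Also reached when ifconfig is missing, since the pipeline then yields nothing.
  # shellcheck disable=SC2086
  echo "[!!!]本机未配置IP地址" | $saveresult
fi
# shellcheck disable=SC2086
printf "\n" | $saveresult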
# Section 12 / 12.1 / 12.1.1: shell command history of the root account.
printf '%s\n' \
  "------------12历史命令--------------------------" \
  "------------12.1系统操作历史命令---------------" \
  "------------12.1.1系统操作历史命令---------------"
echo "[12.1.1]正在检查操作系统历史命令....." | $saveresult
# Load root's bash history into $history for the check that follows.
# NOTE(review): history lines can include secrets typed on the command line;
# if this value is copied into the report, the report directory should be
# readable by root only. Confirm where it is written.
history=$(more /root/.bash_history)
if [ -n "$history" ];</