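# Account audit helper (requires bash).
#
# Collects account names flagged in the lfd log and by the remote safe.rb
# checker, then scans each account's public_html with findbot_mod.pl and maldet.
#
# Reads:   /var/log/lfd.log, ./findbot_mod.pl
# Appends: susp_users.txt, scan_users.txt, botreport.txt (current directory;
#          these accumulate across runs) and /home/cbailey/maldetaudit_scanlog.txt
# Writes:  disabledfiles.txt (regenerated from botreport.txt)
# Env:     SAFE_RB_API_KEY - overrides the built-in API key
#          SAFE_RB_SHA256  - when set, safe.rb is only run if its SHA-256 matches
#
# NOTE(review): the state files use fixed names in the current directory. Run
# this from a directory only the operator can write to, otherwise a pre-created
# file or symlink with one of these names decides where the output lands.

# --- 1. Accounts named most often in matching lfd log lines ------------------
# `bin*` matches "bi" followed by any number of "n"; the pattern is kept as the
# original wrote it. NOTE(review): probably meant plain `usr/bin` - confirm.
# Field 10 / the part after ':' is assumed to hold the account name; verify
# against the lfd log format in use.
grep -Ei 'Suspicious|usr/bin*|tmp/tmp' /var/log/lfd.log \
  | awk '{print $10}' \
  | cut -d: -f2 \
  | sort \
  | uniq -c \
  | sort -nk1 \
  | tail -10 \
  | awk '{print $2}' >> susp_users.txt

# --- 2. Accounts reported by the remote safe.rb checker ----------------------
# NOTE(review): this downloads Ruby source and executes it with the privileges
# of whoever runs the script. The URL pins a gist revision, but nothing verifies
# the content unless SAFE_RB_SHA256 is set. Prefer a reviewed local copy, or
# export SAFE_RB_SHA256 with the hash of the file you reviewed.
safe_rb_url='https://gist.githubusercontent.com/gmcmillan/c8c67cf6ea79bd578e99/raw/8277e63b215af5e662e23a5beb83c4c9b5e6f9c8/safe.rb'

# This key sits in a published one-liner, so treat it as exposed: rotate it and
# pass the replacement through SAFE_RB_API_KEY. It still reaches ruby on argv,
# where other local users can read it from the process list.
api_key=${SAFE_RB_API_KEY:-AIzaSyBXaf2_YiPIbe3BonTDTks-jRVByNTXirI}

safe_rb_file=$(mktemp) || safe_rb_file=
if [[ -z "$safe_rb_file" ]]; then
  printf 'warn: mktemp failed; skipping safe.rb check\n' >&2
elif ! curl -fsS -o "$safe_rb_file" "$safe_rb_url"; then
  # -f keeps an HTTP error page from being handed to ruby as source code.
  printf 'warn: could not download safe.rb; skipping safe.rb check\n' >&2
elif [[ -n "${SAFE_RB_SHA256:-}" ]] \
  && [[ "$(sha256sum < "$safe_rb_file" | awk '{print $1}')" != "${SAFE_RB_SHA256,,}" ]]; then
  printf 'warn: safe.rb does not match SAFE_RB_SHA256; not executing it\n' >&2
else
  # Column 3 of a matching output line is presumably the account name -
  # confirm against safe.rb's output format.
  ruby -e "$(<"$safe_rb_file")" "$api_key" \
    | grep -Ei 'malware|phishing|unwanted' \
    | awk '{print $3}' \
    | sort \
    | uniq >> susp_users.txt
fi
if [[ -n "$safe_rb_file" ]]; then
  rm -f -- "$safe_rb_file"
fi

# --- 3. Merge into the scan list ---------------------------------------------
sort -u susp_users.txt >> scan_users.txt

# --- 4. Load and validate the scan list --------------------------------------
# Entries come from log text and from a remote script's output, and each one is
# spliced into a filesystem path below. Accept only plain account-like names so
# that '/', '..', whitespace or glob characters can never steer the scan.
# Duplicates left by earlier runs are collapsed so no account is scanned twice.
valid_name_re='^[A-Za-z0-9_][A-Za-z0-9._-]*$'
users=()
while IFS= read -r candidate; do
  if [[ "$candidate" =~ $valid_name_re ]]; then
    users+=("$candidate")
  elif [[ -n "$candidate" ]]; then
    printf 'warn: skipping unexpected entry in scan_users.txt: %q\n' "$candidate" >&2
  fi
done < <(sort -u scan_users.txt)

# Fill the global array `docroots` with the existing public_html directories of
# account $1 under any /home* mount. Returns non-zero when there are none.
find_docroots() {
  local account=$1 dir
  docroots=()
  for dir in /home*/"$account"/public_html; do
    if [[ -d "$dir" ]]; then
      docroots+=("$dir")
    fi
  done
  (( ${#docroots[@]} > 0 ))
}

# --- 5. findbot pass ---------------------------------------------------------
for user in "${users[@]}"; do
  if ! find_docroots "$user"; then
    printf 'warn: no public_html found for %s; skipping findbot\n' "$user" >&2
    continue
  fi
  perl findbot_mod.pl "${docroots[@]}" >> botreport.txt
done

# Rebuild the list of reported files once, after the whole findbot pass (the
# original rebuilt it on every iteration; only the final result is kept).
# NOTE(review): the exclusions are substring matches on the path, so any file
# whose path contains one of these names is dropped from disabledfiles.txt.
# Anchor them to full known-good paths, or verify those files by hash, before
# relying on this list.
if (( ${#users[@]} > 0 )) && [[ -f botreport.txt ]]; then
  grep -i '/home' botreport.txt \
    | awk -F ':' '{print $1}' \
    | grep -Ev 'htaccess|jquery\.excanvas\.js|ace/mode-php\.js|blockui/jquery\.blockUI\.js|shell\.min\.js|geshi/php\.php' \
    > disabledfiles.txt
fi

# --- 6. maldet pass ----------------------------------------------------------
for user in "${users[@]}"; do
  if ! find_docroots "$user"; then
    printf 'warn: no public_html found for %s; skipping maldet\n' "$user" >&2
    continue
  fi
  maldet -a "${docroots[@]}" | tee -a /home/cbailey/maldetaudit_scanlog.txt
done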