CHips L MINI SHELL

CHips L pro

Current Path : /opt/zabbix_scripts/
Upload File :
Current File : //opt/zabbix_scripts/cpanel_compromised_account.sh.Nov1

#/bin/bash

SPAMTEST=$(awk "/^$(date --date="-15min" "+%F %R:")/{p++} p" /var/log/exim_mainlog  |grep ' <= ' |grep ' U=' |egrep -v 'T="Cron|U=mailnull|T="lfd' |awk -F'U=' '{print $2}'|awk '{print $1}' |sort |uniq -c |sort -n|awk '{ if ($1>25) print $1 " mails sent from user "$2}')

if [[ -n "$SPAMTEST" ]]; then
        echo "CRITICAL: Possible compromised accounts using PHP script to send high volumes recently: $SPAMTEST"
        exit 2
else
        echo "OK: No compromised accounts found in the mail log"
        exit 0
fi

Copyright 2K16 - 2K18 Indonesian Hacker Rulez