403Webshell
Server IP : 146.190.157.162  /  Your IP : 216.73.217.6
Web Server : Apache
System : Linux ubuntu-s-2vcpu-4gb-amd-sfo3-01-KIT-DIGITAL 6.5.0-44-generic #44-Ubuntu SMP PREEMPT_DYNAMIC Fri Jun 7 15:10:09 UTC 2024 x86_64
User : businessweek ( 639)
PHP Version : 8.2.10-2ubuntu2.2
Disable Function : exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_signal,pcntl_signal_dispatch,pcntl_getpriority,pcntl_setpriority,dl,putenv,parse_ini_file,show_source
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/www/html//cleanup_meta_redirect.sh
#!/bin/bash

DB_USER="uosolutions"
DB_HOST="10.124.0.3"

echo -n "MySQL password: "
read -s DB_PASS
echo

MYSQL="mysql -u${DB_USER} -p${DB_PASS} -h ${DB_HOST} -N -B"

DATABASES=$($MYSQL -e "SHOW DATABASES;" 2>/dev/null)

MODIFIED_DBS=()

USHORT_REGEX="(urshort|ushort|u-short|urshort\.live)\\.[a-z0-9.-]+"
USHORT_URL_REGEX="https?:\/\/[^\"\\'[:space:]]*(urshort|ushort|u-short|urshort\.live)[^\"\\'[:space:]]*"


for DB in $DATABASES; do

  DB_MODIFIED=0

  POSTS_TABLES=$($MYSQL -e "
    SELECT table_name
    FROM information_schema.tables
    WHERE table_schema='${DB}'
    AND table_name LIKE '%posts';
  " 2>/dev/null)

  OPTIONS_TABLES=$($MYSQL -e "
    SELECT table_name
    FROM information_schema.tables
    WHERE table_schema='${DB}'
    AND table_name LIKE '%options';
  " 2>/dev/null)

  for POSTS_TABLE in $POSTS_TABLES; do

    AFFECTED=$($MYSQL -e "
      SELECT COUNT(*)
      FROM \`${DB}\`.\`${POSTS_TABLE}\`
      WHERE
        post_content REGEXP '<meta[^>]+http-equiv=[\"\\']refresh[\"\\']'
        OR post_content REGEXP '<script[^>]*>[^<]*window\\.location'
        OR post_content REGEXP '${USHORT_REGEX}'
        OR post_content LIKE '%vEk0r4%';
    " 2>/dev/null)

    if [ "$AFFECTED" != "" ] && [ "$AFFECTED" -gt 0 ]; then
      echo "[+] Limpiando $DB.$POSTS_TABLE ($AFFECTED filas)"

      $MYSQL -e "
        UPDATE \`${DB}\`.\`${POSTS_TABLE}\`
        SET post_content =
          REGEXP_REPLACE(
            REGEXP_REPLACE(
              REGEXP_REPLACE(
                REGEXP_REPLACE(
                  post_content,
                  '<meta[^>]+http-equiv=[\"\\']refresh[\"\\'][^>]*>',
                  ''
                ),
                '<script[^>]*>[^<]*window\\.location[^<]*</script>',
                ''
              ),
              '<script[^>]*>[^<]*${USHORT_REGEX}[^<]*</script>',
              ''
            ),
            '${USHORT_URL_REGEX}',
            ''
          )
        WHERE
          post_content REGEXP '${USHORT_REGEX}'
          OR post_content LIKE '%vEk0r4%';
      "

      DB_MODIFIED=1
    fi
  done

  for OPTIONS_TABLE in $OPTIONS_TABLES; do

    AFFECTED=$($MYSQL -e "
      SELECT COUNT(*)
      FROM \`${DB}\`.\`${OPTIONS_TABLE}\`
      WHERE
        option_value REGEXP '<script'
        OR option_value REGEXP '<meta'
        OR option_value REGEXP '${USHORT_REGEX}'
        OR option_value LIKE '%vEk0r4%';
    " 2>/dev/null)

    if [ "$AFFECTED" != "" ] && [ "$AFFECTED" -gt 0 ]; then
      echo "[+] Limpiando $DB.$OPTIONS_TABLE ($AFFECTED filas)"

      $MYSQL -e "
        UPDATE \`${DB}\`.\`${OPTIONS_TABLE}\`
        SET option_value =
          REGEXP_REPLACE(
            REGEXP_REPLACE(
              REGEXP_REPLACE(
                REGEXP_REPLACE(
                  option_value,
                  '<script[^>]*>.*?</script>',
                  ''
                ),
                '<meta[^>]*>',
                ''
              ),
              'window\\.location[^;]*;',
              ''
            ),
            '${USHORT_URL_REGEX}',
            ''
          )
        WHERE
          option_value REGEXP '${USHORT_REGEX}'
          OR option_value REGEXP '<script'
          OR option_value REGEXP '<meta'
          OR option_value LIKE '%vEk0r4%';
      "

      DB_MODIFIED=1
    fi

    $MYSQL -e "
      UPDATE \`${DB}\`.\`${OPTIONS_TABLE}\` h
      JOIN \`${DB}\`.\`${OPTIONS_TABLE}\` s
        ON s.option_name='siteurl'
      SET h.option_value=s.option_value
      WHERE h.option_name='home';
    "

    DB_MODIFIED=1

  done

  if [ "$DB_MODIFIED" -eq 1 ]; then
    MODIFIED_DBS+=("$DB")
  fi

done

echo
echo "Bases de datos modificadas:"
if [ ${#MODIFIED_DBS[@]} -eq 0 ]; then
  echo " - Ninguna"
else
  for DB in "${MODIFIED_DBS[@]}"; do
    echo " - $DB"
  done
fi

Youez - 2016 - github.com/yon3zu
LinuXploit