-
-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathuploads-php-scan.sh
More file actions
57 lines (45 loc) · 2.39 KB
/
uploads-php-scan.sh
File metadata and controls
57 lines (45 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/usr/bin/env bash
#----------------------------------------------------------------------------------
# EngineScript - A High-Performance WordPress Server Built on Ubuntu and Cloudflare
#----------------------------------------------------------------------------------
# Website: https://EngineScript.com
# GitHub: https://github.com/Enginescript/EngineScript
# License: GPL v3.0
#----------------------------------------------------------------------------------
# EngineScript Variables
source /usr/local/bin/enginescript/enginescript-variables.txt || { echo "Error: Failed to source /usr/local/bin/enginescript/enginescript-variables.txt" >&2; exit 1; }
source /home/EngineScript/enginescript-install-options.txt || { echo "Error: Failed to source /home/EngineScript/enginescript-install-options.txt" >&2; exit 1; }
# Source shared functions library
source /usr/local/bin/enginescript/scripts/functions/shared/enginescript-common.sh || { echo "Error: Failed to source /usr/local/bin/enginescript/scripts/functions/shared/enginescript-common.sh" >&2; exit 1; }
#----------------------------------------------------------------------------------
# Start Main Script
#----------------------------------------------------------------------------
# Forked from https://github.com/A5hleyRich/simple-automated-tasks
# Include config
source /home/EngineScript/sites-list/sites.sh
source /home/EngineScript/enginescript-install-options.txt || { echo "Error: Failed to source /home/EngineScript/enginescript-install-options.txt" >&2; exit 1; }
# Store sites with errors
ERRORS=""
for i in "${SITES[@]}"
do
cd "/var/www/sites/$i/html"
# Verify checksums
cd "/var/www/sites/$i/html/wp-content/uploads"
numFiles=$(find . -name '*.php' \
! -path './sucuri/*' \
! -path './wp-migrate-db/*' \
| wc -l)
if [[ "$numFiles" -gt 0 ]]; then
ERRORS="$ERRORS $i"
fi
cd "/var/www/sites/$i/html"
done
# Trim leading space if ERRORS is not empty
ERRORS="${ERRORS##*( )}"
if [[ -n "$ERRORS" ]]; then
# Use multiple -d options for clarity and proper quoting
curl -u "$PUSHBULLET_TOKEN": https://api.pushbullet.com/v2/pushes \
-d type=note \
-d "title=Server: $IP_ADDRESS" \
-d "body=Found PHP in the uploads directory for the following sites: $ERRORS"
fi