Fantastic bash one-liners:
List all domains on the server:
ls /var/named | grep db | grep -v [host domains to be excluded] | awk -F".db" '{print $1}'
dns-sync all domains on a VPS (internal utility):
for dom in $(ls /var/named | grep db | grep -v [host domains to be excluded] | awk -F".db" '{print $1}'); do dns-sync -s $dom; done
echo "What is the Primary Username?: "; read userna5 ; for dom in $(account-review $userna5 | grep 'Domain:' | awk '{print $2}'); do dns-sync $dom; done
check NS for all domains in a server:
for dom in $(ls /var/named | grep db | grep -v [host domains to be excluded] | awk -F".db" '{print $1}'); do echo $dom && dig +short ns $dom && echo -e "\n"; done
in case "wp plugin list" fails, direct SQL query:
SELECT * FROM wp_options WHERE option_name = 'active_plugins';
identify all references to unsecured HTTP in both site files and loaded content, writing to a file:
echo $(grep -ir '<a href="http://' & grep $(php index.php) -ir '<a href="http://') > MixedContent.txt
Dakota's miracle authentication failure log-checker
read -p "Enter the IP address: " ip; echo -e "\nScanning logs for instances of the IP provided........\n\nThis may take some time, checking archived logs as well...\n"; dovecot_log=$(sudo cat /var/log/maillog | grep 'auth failed' | grep "$ip"; for file in $(sudo ls /var/log/ | grep maillog- | grep gz); do sudo zcat /var/log/$file | grep 'auth failed' | grep "$ip"; done); exim_log=$(sudo cat /var/log/exim_mainlog | grep 'authenticator failed' | grep "$ip"; for file in $(sudo ls /var/log/ | grep exim_mainlog- | grep gz); do sudo zcat /var/log/$file | grep 'authenticator failed' | grep "$ip"; done); dovecot_count=$(echo "$dovecot_log" | grep -c '^'); exim_count=$(echo "$exim_log" | grep -c '^'); cpanel_log=$(sudo cat /usr/local/cpanel/logs/login_log | grep 'FAILED LOGIN' | grep "$ip"); cpanel_count=$(echo "$cpanel_log" | grep -c '^'); modsec_log=$(sudo cat /usr/local/apache/logs/error_log | grep -E 'id "(13052|13051|13504|90334)"' | grep "$ip" | tail -n 1); if [ -n "$dovecot_log" ]; then echo -e "\nIP address detected in Dovecot log.\nInstances of IP found in log = $dovecot_count\n\nMost recent example:\n$(echo "$dovecot_log" | tail -n 1)\n"; fi; if [ -n "$exim_log" ]; then echo -e "\nIP address detected in Exim log.\nInstances of IP found in log = $exim_count\n\nMost recent example:\n$(echo "$exim_log" | tail -n 1)\n"; fi; if [ -n "$cpanel_log" ]; then echo -e "\nIP address detected in cPanel log.\nInstances of IP found in log = $cpanel_count\n\nMost recent example:\n$(echo "$cpanel_log" | tail -n 1)\n"; fi; if [ -n "$modsec_log" ]; then echo -e "\nIP address detected in ModSec log.\n\nMost recent example:\n$modsec_log\n"; fi; if [ -z "$dovecot_log" ] && [ -z "$exim_log" ] && [ -z "$cpanel_log" ] && [ -z "$modsec_log" ]; then echo -e "\nNo issues found"; fi
Friday, 04-Oct-2024 08:28:30 EDT