Fantastic bash one-liners:
List all domains on the server:
ls /var/named | grep '\.db$' | grep -v [host domains to be excluded] | sed 's/\.db$//'
dns-sync all domains on a VPS (internal utility):
for dom in $(ls /var/named | grep '\.db$' | grep -v [host domains to be excluded] | sed 's/\.db$//'); do dns-sync -s "$dom"; done
echo "What is the Primary Username?: "; read -r userna5 ; for dom in $(account-review "$userna5" | grep 'Domain:' | awk '{print $2}'); do dns-sync "$dom"; done
check NS records for all domains on the server:
for dom in $(ls /var/named | grep '\.db$' | grep -v [host domains to be excluded] | sed 's/\.db$//'); do echo "$dom" && dig +short ns "$dom" && echo -e "\n"; done
in case "wp plugin list" fails, direct SQL query (replace wp_ if the site uses a different table prefix):
SELECT * FROM wp_options WHERE option_name = 'active_plugins';
identify all references to unsecured HTTP in both site files and loaded content, writing to a file:
{ grep -ir '<a href="http://' . ; php index.php | grep -i '<a href="http://'; } > MixedContent.txt
Dakota's miracle authentication failure log-checker:
read -r -p "Enter the IP address: " ip; echo -e "\nScanning logs for instances of the IP provided........\n\nThis may take some time, checking archived logs as well...\n"; dovecot_log=$(sudo cat /var/log/maillog | grep 'auth failed' | grep -F "$ip"; for file in $(sudo ls /var/log/ | grep maillog- | grep gz); do sudo zcat "/var/log/$file" | grep 'auth failed' | grep -F "$ip"; done); exim_log=$(sudo cat /var/log/exim_mainlog | grep 'authenticator failed' | grep -F "$ip"; for file in $(sudo ls /var/log/ | grep exim_mainlog- | grep gz); do sudo zcat "/var/log/$file" | grep 'authenticator failed' | grep -F "$ip"; done); dovecot_count=$(echo "$dovecot_log" | grep -c '^'); exim_count=$(echo "$exim_log" | grep -c '^'); cpanel_log=$(sudo cat /usr/local/cpanel/logs/login_log | grep 'FAILED LOGIN' | grep -F "$ip"); cpanel_count=$(echo "$cpanel_log" | grep -c '^'); modsec_log=$(sudo cat /usr/local/apache/logs/error_log | grep -E 'id "(13052|13051|13504|90334)"' | grep -F "$ip" | tail -n 1); if [ -n "$dovecot_log" ]; then echo -e "\nIP address detected in Dovecot log.\nInstances of IP found in log = $dovecot_count\n\nMost recent example:\n$(echo "$dovecot_log" | tail -n 1)\n"; fi; if [ -n "$exim_log" ]; then echo -e "\nIP address detected in Exim log.\nInstances of IP found in log = $exim_count\n\nMost recent example:\n$(echo "$exim_log" | tail -n 1)\n"; fi; if [ -n "$cpanel_log" ]; then echo -e "\nIP address detected in cPanel log.\nInstances of IP found in log = $cpanel_count\n\nMost recent example:\n$(echo "$cpanel_log" | tail -n 1)\n"; fi; if [ -n "$modsec_log" ]; then echo -e "\nIP address detected in ModSec log.\n\nMost recent example:\n$modsec_log\n"; fi; if [ -z "$dovecot_log" ] && [ -z "$exim_log" ] && [ -z "$cpanel_log" ] && [ -z "$modsec_log" ]; then echo -e "\nNo issues found"; fi
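Added example, not part of the original notes: matching the address as a bare string, as the log-checker above does, also counts longer addresses that contain it, which inflates the totals. The function names are hypothetical and the log lines are constructed samples in the usual Dovecot, Exim and cPanel shapes.

```bash
#!/usr/bin/env bash
# Added example; the log lines are constructed samples, not real data.
sample_log() {
cat <<'EOF'
Nov 20 09:01:02 host dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<bob@example.com>, method=PLAIN, rip=203.0.113.7, lip=198.51.100.2
Nov 20 09:01:09 host dovecot: pop3-login: Disconnected (auth failed, 3 attempts in 6 secs): user=<amy@example.com>, method=PLAIN, rip=203.0.113.70, lip=198.51.100.2
Nov 20 09:04:30 host dovecot: imap-login: Login: user=<bob@example.com>, method=PLAIN, rip=203.0.113.7, lip=198.51.100.2
2024-11-20 09:01:05 dovecot_login authenticator failed for (mail) [203.0.113.7]:51234: 535 Incorrect authentication data (set_id=bob@example.com)
2024-11-20 09:01:15 dovecot_login authenticator failed for (mail) [203.0.113.7]:51240: 535 Incorrect authentication data (set_id=bob@example.com)
2024-11-20 09:03:11 dovecot_login authenticator failed for (mail) [203.0.113.77]:40000: 535 Incorrect authentication data (set_id=amy@example.com)
[2024-11-20 09:02:00 -0500] info [cpaneld] 203.0.113.7 - bob "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user bob
EOF
}

# substring_count MARKER IP: lines on stdin with MARKER and IP anywhere in them.
substring_count() {
    grep -F -- "$1" | grep -cF -- "$2" || true
}

# exact_count MARKER IP: as above, but IP must not touch another digit or dot,
# so 203.0.113.7 does not also count 203.0.113.70.
exact_count() {
    # Escape the dots: in a regex an unescaped "." matches any character.
    ip_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    grep -F -- "$1" | grep -cE -- "(^|[^0-9.])${ip_re}([^0-9.]|\$)" || true
}

# report IP: one line per log type with both counts.
report() {
    for marker in 'auth failed' 'authenticator failed' 'FAILED LOGIN'; do
        printf '%-21s substring=%s exact=%s\n' "$marker" \
            "$(sample_log | substring_count "$marker" "$1")" \
            "$(sample_log | exact_count "$marker" "$1")"
    done
}

report 203.0.113.7
```

To use it on a server, pipe the real logs in place of sample_log, for example `sudo zcat -f /var/log/maillog* | exact_count 'auth failed' "$ip"`.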
given a domain, find all the email login IPs (in cPanel servers):
echo "enter the domain(s) you wish to check"; read -r domain; sudo cat /var/log/maillog | grep '.*-login' | grep -F "$domain" | awk '{print $10}' | grep -E -o '(([0-9]|[0-9]{2}|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9]{2}|1[0-9]{2}|2[0-4][0-9]|25[0-5])' | sort | uniq -c | sort -nr
Dark sorcery not to be used in a production environment:
manually remove implanted files from a WordPress installation:
wp core verify-checksums 2>&1 | sed -n 's/.*File should not exist: //p' | grep -v error_log | while IFS= read -r file; do rm -f -- "./$file"; done
Thursday, 21-Nov-2024 01:37:57 EST