
@ahhh
Created May 26, 2015 02:25
Linux based info gather script
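#!/bin/sh
# Host information gathering script: appends the output of a series of
# inspection commands to ./hostcheck.txt, each preceded by a label line that
# names the command which produced it.
#
# The report collects environment variables, shell variables and (further
# down the script) account files, so it is created readable by the invoking
# user only. The report name is fixed and relative to the current directory:
# run the script from a directory that only the operator can write to.
umask 077

# Sys Info
# The first write truncates any report left over from a previous run.
printf '%s\n' "----------SYSINFO CHECK----------" > hostcheck.txt
# umask only applies to newly created files; tighten a pre-existing report too.
chmod 600 hostcheck.txt

{
  printf '%s\n' "uname -a"
  uname -a
  printf '%s\n' "cat /etc/issue"
  cat /etc/issue
  printf '%s\n' "cat /etc/*-release"
  cat /etc/*-release
  # env and set frequently contain credentials (tokens, proxy passwords);
  # treat the report as sensitive.
  printf '%s\n' "env"
  env
  printf '%s\n' "set"
  set

  # Sticky bit - only the owner of the directory or the owner of a file can
  # delete or rename entries here.
  printf '%s\n' "find / -perm -1000 -type d 2>/dev/null"
  find / -perm -1000 -type d 2>/dev/null

  # SGID (chmod 2000) - runs as the file's group, not the caller's group.
  printf '%s\n' "find / -perm -g=s -type f 2>/dev/null"
  find / -perm -g=s -type f 2>/dev/null

  # SUID (chmod 4000) - runs as the file's owner, not the caller.
  printf '%s\n' "find / -perm -u=s -type f 2>/dev/null"
  find / -perm -u=s -type f 2>/dev/null

  # World-writable directories that lack the sticky bit (-type d, so this
  # lists directories, not regular files). -xdev stays on the root filesystem.
  printf '%s\n' 'find / -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print'
  find / -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print

  # Files whose owning UID or GID has no passwd/group entry.
  # The original searched the placeholder path /dir, which does not exist on
  # a normal host; search the root filesystem like the checks above.
  printf '%s\n' 'find / -xdev \( -nouser -o -nogroup \) -print'
  find / -xdev \( -nouser -o -nogroup \) -print
} >> hostcheck.txt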
# Processes and services
# Every command's output follows a label line naming that command; the whole
# section is appended to the report in the current directory.
{
  printf '%s\n' "----------PROCESS CHECK----------"
  printf '%s\n' "ps aux"
  ps aux
  printf '%s\n' "service --status-all "
  service --status-all
  # Web server configuration directory and binary, if present.
  printf '%s\n' "ls -alh /etc/apache"
  ls -alh /etc/apache
  printf '%s\n' "ls -alh /usr/sbin/httpd"
  ls -alh /usr/sbin/httpd
} >> hostcheck.txt
# File systems
# Records the static mount table, what is mounted right now, and disk usage.
{
  printf '%s\n' "----------FILE SYS CHECK----------"
  printf '%s\n' "ls -alh /etc/fstab"
  ls -alh /etc/fstab
  printf '%s\n' "cat /etc/fstab"
  cat /etc/fstab
  printf '%s\n' "mount"
  mount
  printf '%s\n' "df -h "
  df -h
} >> hostcheck.txt
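# Startup processes and scheduled jobs
# Options are written with plain ASCII hyphens: the original used a
# typographic dash, which the tools do not recognise as an option prefix and
# so treat as an operand instead.
{
  printf '%s\n' "----------STARTUP PROCESS CHECK----------"
  # SysV start links for runlevel 3.
  printf '%s\n' "ls -lah /etc/rc.d/rc3.d/S*"
  ls -lah /etc/rc.d/rc3.d/S*
  printf '%s\n' "chkconfig --list"
  chkconfig --list
  # crontab -l shows only the invoking user's crontab.
  printf '%s\n' "crontab -l"
  crontab -l
  printf '%s\n' "ls -lah /etc/cron*"
  ls -lah /etc/cron*
} >> hostcheck.txt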
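# Network connections and configuration
# Every command's output follows a label line naming that command; the whole
# section is appended to the report in the current directory.
{
  printf '%s\n' "----------NETWORK CONNECTION CHECK----------"
  # NOTE(review): ipstat is not a standard Linux utility; confirm which tool
  # was intended here. The label no longer includes the redirection text.
  printf '%s\n' "ipstat -a"
  ipstat -a
  # Listening TCP/UDP sockets with numeric addresses and owning process.
  printf '%s\n' "netstat -lnptu"
  netstat -lnptu
  printf '%s\n' "lsof -i "
  lsof -i
  # -L lists the rules; the lowercase -l used originally is rejected by
  # iptables. Listing rules usually needs root.
  printf '%s\n' "iptables -L"
  iptables -L
  printf '%s\n' "hostname"
  hostname
  printf '%s\n' "dnsdomainname"
  dnsdomainname
  printf '%s\n' "arp -e"
  arp -e
  printf '%s\n' "route"
  route

  # Interface, resolver and TCP-wrapper configuration: permissions first,
  # then contents.
  printf '%s\n' "ls -lah /etc/network/interfaces"
  ls -lah /etc/network/interfaces
  printf '%s\n' "cat /etc/network/interfaces"
  cat /etc/network/interfaces
  printf '%s\n' "ls -alh /etc/resolv.conf"
  ls -alh /etc/resolv.conf
  printf '%s\n' "cat /etc/resolv.conf"
  cat /etc/resolv.conf
  printf '%s\n' "ls -alh /etc/hosts.allow"
  ls -alh /etc/hosts.allow
  printf '%s\n' "cat /etc/hosts.allow"
  cat /etc/hosts.allow
  printf '%s\n' "ls -alh /etc/hosts.deny"
  ls -alh /etc/hosts.deny
  printf '%s\n' "cat /etc/hosts.deny"
  cat /etc/hosts.deny
} >> hostcheck.txt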
# Users and accounts
# For each account file the permissions are listed first, then the contents.
# This section copies /etc/shadow and /etc/sudoers into the report, so the
# report then holds password hashes and the sudo policy and must be stored
# and transferred as sensitive data.
{
  printf '%s\n' "-----------USER INFO CHECK----------"
  printf '%s\n' "ls -alh /etc/passwd"
  ls -alh /etc/passwd
  printf '%s\n' "cat /etc/passwd"
  cat /etc/passwd
  printf '%s\n' "ls -alh /etc/shadow"
  ls -alh /etc/shadow
  printf '%s\n' "cat /etc/shadow"
  cat /etc/shadow
  printf '%s\n' "ls -lah /etc/group"
  ls -lah /etc/group
  printf '%s\n' "cat /etc/group"
  cat /etc/group
  printf '%s\n' "ls -lah /etc/sudoers"
  ls -lah /etc/sudoers
  printf '%s\n' "cat /etc/sudoers"
  cat /etc/sudoers
  printf '%s\n' "ls -lah /etc/shells"
  ls -lah /etc/shells
  printf '%s\n' "cat /etc/shells"
  cat /etc/shells
  # Login history.
  printf '%s\n' "last"
  last
  # Recursive listings of the home directories, hidden files included.
  printf '%s\n' "ls -ahlR /root/ "
  ls -ahlR /root/
  printf '%s\n' "ls -ahlR /home/"
  ls -ahlR /home/
} >> hostcheck.txt
# Logging
# Records the syslog configuration (permissions, then contents) and lists
# the log directory.
{
  printf '%s\n' "----------LOG CHECK----------"
  printf '%s\n' "ls -alh /etc/syslog.conf"
  ls -alh /etc/syslog.conf
  printf '%s\n' "cat /etc/syslog.conf"
  cat /etc/syslog.conf
  printf '%s\n' "ls -alh /var/log"
  ls -alh /var/log
} >> hostcheck.txt
#Enjoy