Last active
December 14, 2015 03:19
-
-
Save mariusv/5020408 to your computer and use it in GitHub Desktop.
Check if your server was compromised with the rootkit which leaves a backdoor on the system and gains the full root access to Linux-based servers.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| lib64=/lib64/libkeyutils.so.1.9 | |
| lib64_1=/lib64/libkeyutils-1.2.so.2 | |
| if [ -f $lib64 ]; then | |
| echo The server is compromised, $lib64 found please open a ticket so we can help you to fix it!! | |
| exit 0 | |
| fi | |
| if [ -f $lib64_1 ]; then | |
| echo The server is compromised, $lib64_1 found please open a ticket so we can help you to fix it!! | |
| exit 0 | |
| fi | |
| echo "Cannot find compromised library your server is safe" | |
| exit 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment