S17.shell脚本每日一练
shell 脚本 每日
2023-09-14 09:15:22 时间
33.每隔10秒钟到系统上获取已经登录的用户信息;如果发现用户admin登录,则发邮件
[root@rocky8 ~]# useradd admin; echo 123456 |passwd --stdin admin
Changing password for user admin.
passwd: all authentication tokens updated successfully.
[root@rocky8 bin]# vim until_hacker.sh
#!/bin/bash
#
#**********************************************************************************************
#Author: Raymond
#QQ: 88563128
#Date: 2021-10-10
#FileName: until_hacker.sh
#URL: raymond.blog.csdn.net
#Description: The test script
#Copyright (C): 2021 All rights reserved
#*********************************************************************************************
until who |grep -q "^admin\>" ;do
sleep 10
done
echo hacker login at `date +"%F %T"` |mail -s warning 88563128@qq.com
[root@rocky8 bin]# bash until_hacker.sh
[root@centos7 ~]# ssh admin@172.31.1.8
admin@172.31.1.8's password:
Last login: Sun Oct 10 16:29:37 2021 from 172.31.0.7
[admin@rocky8 ~]$
#登录就发邮件
[root@rocky8 bin]# vim until_hacker2.sh
#!/bin/bash
#
#**********************************************************************************************
#Author: Raymond
#QQ: 88563128
#Date: 2021-10-10
#FileName: until_hacker2.sh
#URL: raymond.blog.csdn.net
#Description: The test script
#Copyright (C): 2021 All rights reserved
#*********************************************************************************************
until false ;do
who |grep -q "^admin\>" && echo hacker login at `date +"%F %T"` |mail -s warning 88563128@qq.com
sleep 10
done
[root@rocky8 bin]# bash until_hacker2.sh
[root@centos7 ~]# ssh admin@172.31.1.8
admin@172.31.1.8's password:
Last login: Sun Oct 10 16:33:05 2021 from 172.31.0.7
[admin@rocky8 ~]$
[admin@rocky8 ~]$ exit
logout
Connection to 172.31.1.8 closed.
#只要发现登录就一直发邮件
34.每隔3秒钟到系统上获取已经登录的用户信息;如果发现用户hacker登录,则将登录时间和主机记录于日志/var/log/login.log中,并退出脚本
[root@rocky8 bin]# vim until_hacker3.sh
#!/bin/bash
#
#*********************************************************************************************
#Author: Raymond
#QQ: 88563128
#Date: 2021-10-10
#FileName: until_hacker3.sh
#URL: raymond.blog.csdn.net
#Description: The test script
#Copyright (C): 2021 All rights reserved
#*********************************************************************************************
until false;do
if who |grep "^hacker\>"&>/dev/null;then
who|grep "^hacker\>">/var/log/login.log
break
fi
sleep 3
done
[root@rocky8 ~]# useradd hacker
[root@rocky8 ~]# echo 123456 |passwd --stdin hacker
Changing password for user hacker.
passwd: all authentication tokens updated successfully.
[root@centos7 ~]# ssh hacker@10.0.0.8
The authenticity of host '10.0.0.8 (10.0.0.8)' can't be established.
ECDSA key fingerprint is SHA256:fUCdE0Lsxgab+roZ/EFe+btNS2VNOZYabFbNk7JfS98.
ECDSA key fingerprint is MD5:49:ed:65:c6:e9:74:3a:a3:1b:8f:0f:e5:57:8d:87:26.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.8' (ECDSA) to the list of known hosts.
hacker@10.0.0.8's password:
[hacker@rocky8 ~]$
[root@rocky8 ~]# cat /var/log/login.log
hacker pts/2 2021-10-10 20:11 (10.0.0.7)
相关文章
- linux shell 脚本攻略学习7---tr命令详解
- linux shell 脚本攻略学习5---find命令详解
- Linux Shell脚本自动化编程实战- shell内置命令 break、continue
- linux shell 脚本攻略学习16--wc命令详解,tree命令详解
- Shell脚本了解
- Shell脚本中$0、$?、$!、$$、$*、$#、$@等的意义
- Linux Shell脚本自动化编程实战-shell变量(一)
- linux的shell脚本运行python程序
- 21.第六章 Shell脚本编程基础入门-- shell 脚本语言的基本用法(四)
- shell编程===执行shell脚本的四种方法
- shell脚本58问
- shell命令执行hive脚本的方式
- shell脚本踩坑之换行符
- 让shell脚本变成可执行文件
- S32.shell脚本每日一练
- S25.shell脚本每日一练
- S15.shell脚本每日一练
- S10.shell脚本每日一练
- shell脚本if流程控制详解