
#!/usr/bin/python
import csv
import json
import mimetypes
import os
import smtplib
import sys
import time
from datetime import date
from datetime import datetime
from email import encoders
from email.mime.base import MIMEBase
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

from pyzabbix.api import ZabbixAPI


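# Command-line contract (positional):
#   1. Zabbix API URL
#   2. Zabbix user name
#   3. Zabbix password
#   4. host-group name fragment (also used as the report file-name prefix)
#   5. comma-separated recipient addresses
# Fail with a usage message instead of an IndexError when arguments are missing.
if len(sys.argv) < 6:
    sys.stderr.write(
        "usage: %s ZABBIX_URL ZABBIX_USER ZABBIX_PASSWORD GROUP_NAME MAILTO\n"
        % sys.argv[0]
    )
    sys.exit(2)

ZURL = sys.argv[1]
ZUSER = sys.argv[2]
# NOTE(review): a password supplied as a process argument is typically visible
# to other local users through the process list and may be recorded in shell
# history or cron logs. Prefer a root-only config file or an environment
# variable, and give this account read-only API permissions.
ZPASS = sys.argv[3]
# NOTE(review): TGNAME is concatenated into the report path and matched as a
# substring of group names elsewhere in this script. A value containing path
# separators would write outside the working directory, and an empty value
# would match every group. Confirm callers only pass a plain group label.
TGNAME = sys.argv[4]
MAILTO = sys.argv[5]

# Midnight of the current day in local time, as a Unix timestamp. The event
# query elsewhere in this script uses it as its lower time bound.
dt = date.today()
dt_timestamp = time.mktime(dt.timetuple())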

# Start a fresh report file that holds only the column headings; data rows are
# appended to the same file further down the script.
report_columns = ["TriggerID","Start Time","End Time","Duration(s)","Host","Trigger"]
with open(TGNAME + '_report.csv', mode='w') as header_file:
    csv.writer(
        header_file,
        delimiter=',',
        quotechar='"',
        quoting=csv.QUOTE_MINIMAL,
    ).writerow(report_columns)

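# Authenticate against the Zabbix API with the credentials from the command line.
# NOTE(review): the session is never explicitly logged out in this script.
# Check whether the installed client library offers a logout call or context
# manager, so the API token does not outlive the run.
zapi = ZabbixAPI(ZURL, user=ZUSER, password=ZPASS)

# Fetch every host group; filtering by name happens client-side below.
subgroups_get = zapi.do_request('hostgroup.get',{'output': 'extend'})

# Open the report once in append mode rather than once per row.
with open(TGNAME + '_report.csv', mode='a') as csv_file:
    employee_writer = csv.writer(csv_file, delimiter=',', quotechar='"', quoting=csv.QUOTE_MINIMAL)

    for group in subgroups_get.get("result"):
        # Substring match: any group whose name contains TGNAME is included.
        if TGNAME not in group["name"]:
            continue

        # Events for this group since midnight with severity value 4.
        events_raw = zapi.do_request('event.get',{'output': 'extend', 'groupids': group["groupid"], 'time_from': dt_timestamp, 'severities': 4})

        for event in events_raw.get("result"):
            triggerid = event["objectid"]
            eventname = event["name"]
            end_r_eventid = event["r_eventid"]

            # r_eventid of 0 means no recovery event is linked, so no duration
            # can be computed and the event is left out of the report.
            if int(end_r_eventid) == 0:
                continue

            recovery_events = zapi.do_request('event.get',{'output': 'extend', 'eventids': end_r_eventid}).get("result")
            if not recovery_events:
                # The recovery event may be missing or not visible to this API
                # user. Skip it rather than abort the whole report.
                sys.stderr.write("recovery event %s not returned; skipping trigger %s\n" % (end_r_eventid, triggerid))
                continue

            start_clock = int(event["clock"])
            end_clock = int(recovery_events[0]['clock'])
            duration = end_clock - start_clock

            # Only problems that lasted longer than one hour are reported.
            if duration <= 3600:
                continue

            hosts = zapi.do_request('host.get',{'output': 'extend', 'triggerids': triggerid}).get("result")
            if not hosts:
                sys.stderr.write("no host returned for trigger %s; skipping\n" % triggerid)
                continue
            host_name = hosts[0]['host']

            # NOTE(review): host and trigger names are written verbatim. If
            # they can carry externally influenced text, a value starting with
            # '=', '+', '-' or '@' may be evaluated as a formula when the CSV
            # is opened in a spreadsheet. Consider neutralising such prefixes.
            employee_writer.writerow([
                triggerid,
                datetime.fromtimestamp(start_clock),
                datetime.fromtimestamp(end_clock),
                duration,
                host_name,
                eventname,
            ])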
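# Count the lines of the finished report. A single line means only the header
# row exists and there is nothing worth mailing.
with open(TGNAME + '_report.csv') as report_file:
    # Close the handle deterministically instead of leaving it to the
    # garbage collector.
    report_line_count = sum(1 for line in report_file)

if report_line_count > 1:
    emailfrom = "zabbixmail@dreamscapenetworks.com"
    emailto = MAILTO
    fileToSend = TGNAME + "_report.csv"
    username = "zabbixmail@dreamscapenetworks.com"
    # SECURITY: the SMTP password is embedded in the source, so anyone who can
    # read this file (backups, repositories, a compromised web root) obtains a
    # working mail credential. Treat the literal below as exposed: rotate it,
    # supply the new value through the ZBX_REPORT_SMTP_PASSWORD environment
    # variable (a name introduced by this change) or a secret store, then
    # delete the fallback literal. It remains only so existing deployments keep
    # working until they are migrated.
    password = os.environ.get("ZBX_REPORT_SMTP_PASSWORD") or "qk5%vt}h<}P34sNN"

    msg = MIMEMultipart()
    msg["From"] = emailfrom
    msg["To"] = emailto
    msg["Subject"] = TGNAME + "| Daily trigger report"
    body = 'This is daily stats of triggers with high severity which did not resolve more than 1 hour. In case of any questions look at problems page directly  https://zabbix.au.ds.network/zabbix.php?action=problem.view or ask your questions to someone of the Monitoring team'
    msg.attach(MIMEText(body,'plain'))
    msg.preamble = TGNAME

    # Derive the attachment's MIME type from the file name. Fall back to a
    # generic binary type when it is unknown or the file is compressed.
    ctype, encoding = mimetypes.guess_type(fileToSend)
    if ctype is None or encoding is not None:
        ctype = "application/octet-stream"

    maintype, subtype = ctype.split("/", 1)

    if maintype == "text":
        with open(fileToSend) as fp:
            # Note: we should handle calculating the charset
            attachment = MIMEText(fp.read(), _subtype=subtype)
    else:
        # Every non-text type is attached as base64. The former image/audio
        # branches used MIMEImage/MIMEAudio, which this file never imports, so
        # they would have raised NameError.
        with open(fileToSend, "rb") as fp:
            attachment = MIMEBase(maintype, subtype)
            attachment.set_payload(fp.read())
        encoders.encode_base64(attachment)
    attachment.add_header("Content-Disposition", "attachment", filename=fileToSend)
    msg.attach(attachment)

    server = smtplib.SMTP("email.dreamscapenetworks.com:587")
    try:
        # NOTE(review): on Python 3, starttls() called without a context does
        # not validate the server certificate, so the login below could be
        # sent to an impostor server. Pass
        # context=ssl.create_default_context() once the interpreter version
        # and the mail server's certificate chain are confirmed.
        server.starttls()
        server.login(username,password)
        # Recipients are split on commas only; surrounding spaces are kept.
        server.sendmail(emailfrom, emailto.split(','), msg.as_string())
        server.quit()
    finally:
        # Releases the socket if any step above raised; a no-op after quit().
        server.close()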
