[ SEA-GHOST MINI SHELL]

Path : /proc/2/root/proc/3/task/3/cwd/bin/
FILE UPLOADER :
Current File : //proc/2/root/proc/3/task/3/cwd/bin/dovecot-sysreport

#!/usr/bin/env bash

set -eu

dest="dovecot-sysreport-$(uname -n)-$(date +'%s').tar.gz"
conf_flag=""
binary=""
core=""
copy_files=""
keep_temp=0

PARAMS=""
SRTEMP="`mktemp -d`"

if test "x$SRTEMP" = x; then
  echo "Could not create temp directory"
  exit 1
fi

while (( "$#" )); do
  case "$1" in
    -d|--destination)

      if [ "$#" -lt "2" ] ; then
        echo "Usage: $0 $1 <destination.tar.gz>"
        exit 1
      fi
      dest=$2
      shift 2
      ;;

    -c|--config)

      if [ "$#" -lt "2" ] ; then
        echo "Usage: $0 $1 <config_file>"
        exit 1
      fi
      conf_flag="-c $2"
      shift 2
      ;;

    -o|--core)

      gdb=`which gdb`
      if [ "$gdb" = "" ]; then
        echo "gdb not found"
        exit 1
      fi

      if [[ "$#" -lt 2 ]] ; then
        echo "Usage: $0 $1 [<binary>] <core> [...]"
        exit 1
      fi

      while [[ "$#" -ge 2 ]]; do
        # see if binary parameter is specified
        binary=$2
        if ! [ -r "$binary" ]; then
          echo "$binary not readable"
          exit 1
        fi
        binary_info=$(file "$binary")
        if echo "$binary_info" | grep "core file.*execfn: '" >/dev/null; then
          # no binary specified - detect it
          binary=$(echo "$binary_info" | sed "s;^.*execfn: '\([^\']\+\)'.*$;\1;")
          if ! [ -r "$binary" ]; then
            echo "Detected binary path '$binary' from core file, but it is not readable"
            exit 1
          fi
          echo "Core file was detected to be generated by $binary"
        else
          shift
        fi

        core=$2
        shift
        if ! [ -s "$core" ]; then
          echo "$core not found or it is empty"
          exit 1
        fi

        echo "gathering core file dependencies..."
        core_files=$((echo "info shared"; sleep 1) | $gdb $binary $core | grep '^0x.*/' | sed 's,^[^/]*,,')
        copy_files="$copy_files $binary $core_files"
        cp $core $SRTEMP
      done
      shift
      ;;

    -k|--keeptemp)

      keep_temp=1
      shift
      ;;

    -h|--help)

      echo -e "dovecot-sysreport \t[-h|--help] [-o|--core [binary] core [...]] [-d|--destination dest]
      \t\t\t[-k|--keeptemp] -- utility to gather information from the current
      \t\t\tsystem to be reported for dovecot bug fixes."
      echo ""
      echo -e "where:"
      echo ""
      echo -e "\t-h, --help\t\tShow the contents of this help."
      echo -e "\t-d, --destination\tThe file location which the report archive should be put to.
      \t\t\t\tThe default value is dovecot-sysreport-<hostname>-<current_timestamp>.tar.gz"
      echo -e "\t-c, --config\t\tSpecify the root configuration file of dovecot."
      echo -e "\t-o, --core\t\tInclude an specific core file along with its dependencies."
      echo -e "\t-k, --keeptemp\t\tDo not remove temp files at the end."
      exit 0
      ;;

    --)

      shift
      break
      ;;

    -*|--*=)

      echo "Error: Unsupported flag $1" >&2
      exit 1
      ;;

    *)

      PARAMS="$PARAMS $1"
      shift
      ;;

  esac
done

eval set -- "$PARAMS"

mkdir $SRTEMP/conf

doveconf $conf_flag -n > $SRTEMP/conf/dovecot.conf

unwrap_and_hide_pass () {
  files=`grep -zPo 'dict\s*{[^}]*}' $1 | grep -zPo '.*=.*:\K(.*)' | tr '\0' '\n'`
  files="$files `grep -zPo 'args\s*=\s*\K(.*)' $1 | tr '\0' '\n'`"
  for cf in $files; do
    if [ -r "$cf" ]; then
      if [[ ! -z `grep -vhIE '^([^:]*:){6}[^:]*$' $cf` ]]; then
        unwrap_and_hide_pass $cf
        mkdir -p $SRTEMP/conf"$(dirname "$cf")"
        if [[ -x "$(command -v python)" ]]; then
          python <<HEREDOC
import re
conf =  open('$cf', 'r').read()
hidden = re.sub('(?<!no)((?:password|key|nonce|dnpass)\s*=\s*).*?(?=$|\s)', '\g<1>#hidden', conf)
f = open('$SRTEMP/conf$cf', "w")
f.write(hidden)
f.close()
HEREDOC
        elif [[ -x "$(command -v perl)" ]]; then
          perl -pe 's/(?<!no)((?:password|key|nonce|dnpass)\s*=\s*).*?(?=$|\s)/\1#hidden/g' \
            $cf > $SRTEMP/conf$cf
        else
          echo "perl or python is required to hide your passwords in dovecot's"
          echo "configuration files. Either install at least one of them or"
          echo "continue at your own peril. Do you want to continue (N/y)? "
          read permit
          if [ "$permit" != "Y" ] && [ "$permit" != "y" ]; then
            exit 1
          fi
          cat $cf > $SRTEMP/conf$cf
        fi
      fi
    fi
  done
}

echo "Gathering configurations ..."
unwrap_and_hide_pass $SRTEMP/conf/dovecot.conf

echo "Gathering system informations ..."
doveadm $conf_flag log errors > $SRTEMP/log_errors || :
(printf "# Start: "; date) >$SRTEMP/ps_output
ps auxwww | grep '[d]ovecot' >> $SRTEMP/ps_output
(printf "# End: "; date) >>$SRTEMP/ps_output
doveadm $conf_flag service status > $SRTEMP/service_status || :
doveadm $conf_flag process status > $SRTEMP/process_status || :
uptime > $SRTEMP/uptime_output
doveadm $conf_flag stats dump > $SRTEMP/stats_dump || :
sleep 3
echo -e "\n\n###################### AFTER 3 SECONDS ######################\n\n" | \
  tee -a $SRTEMP/ps_output $SRTEMP/service_status $SRTEMP/process_status \
  $SRTEMP/uptime_output $SRTEMP/stats_dump > /dev/null
(printf "# Start: "; date) >>$SRTEMP/ps_output
ps auxwww | grep '[d]ovecot' >> $SRTEMP/ps_output
(printf "# End: "; date) >>$SRTEMP/ps_output
doveadm $conf_flag service status >> $SRTEMP/service_status || :
doveadm $conf_flag process status >> $SRTEMP/process_status || :
uptime >> $SRTEMP/uptime_output
doveadm $conf_flag stats dump >> $SRTEMP/stats_dump || :

cf=`pwd`
cd $SRTEMP
echo "Creating archive ..."
tar -czf `if [[ "$dest" = /* ]]; then echo $dest; else echo $cf/$dest; fi` --dereference \
  $copy_files *

function cleanup {
  if [ $keep_temp = 0 ]; then
    echo "Removing temp files at $SRTEMP ..."
    rm -rf $SRTEMP
  else
    echo "Temp files remains untouched at $SRTEMP ..."
  fi
}

trap cleanup EXIT

echo "All done! Please report file $dest"

SEA-GHOST - SHELL CODING BY SEA-GHOST