[ SEA-GHOST MINI SHELL]

Path : /proc/2/root/var/lib/zabbix/
FILE UPLOADER :
Current File : //proc/2/root/var/lib/zabbix/fix_proxy_name.py

#!/usr/bin/env python
"""
This script getshost's proxy name using Zabbix API and corrects the Server
and ServerActive options. If any changes were done - it restarts zabbix agent
"""
import fileinput
import json
import socket
import sys
import urllib2
from subprocess import Popen, PIPE

ZBX_URL = "https://zabbix.au.syrahost.com/api_jsonrpc.php"
ZBX_USER = "monitoring-ldap-read"
ZBX_PASS = "asd@#4sd3S#s3S!d56"
ZBX_CONFIG = "/etc/zabbix/zabbix_agentd.conf"
MACRO_NAME= "{$BY_PROXY_NAME}"

def api_request(method, params, auth=None):
    """This function is used for API requests"""
    data = {
        "jsonrpc": "2.0",
        "method": method,
        "params": params,
        "id": 1,
        "auth": auth
    }
    req = urllib2.Request(
        ZBX_URL,
        data=json.dumps(data).encode(),
        headers={'Content-type': 'application/json'}
    )
    try:
        response = urllib2.urlopen(req)
        result = response.read()
        return json.loads(result)['result']
    except urllib2.HTTPError:
        print "Please check URL"
        sys.exit(1)
    except KeyError:
        print "Please check USER/PASS"
        sys.exit(1)


def main():
    """This function is used for API requests"""
    hostname = socket.getfqdn()

    params = {"user": ZBX_USER, "password": ZBX_PASS}
    auth = api_request("user.login", params)
		
    params = {"output": "extend", "filter": {"host": hostname}}
    host = api_request("host.get", params, auth)
    if host:
        proxy_id = host[0]['proxy_hostid']
    else:
        print "{} not found in Zabbix".format(hostname)
        sys.exit(1)
    
    if int(proxy_id) != 0:
        params = {"output": "extend", "proxyids": proxy_id}
        proxy = api_request("proxy.get", params, auth)
        proxy_name = proxy[0]['host']
    else:
        # host is not monitored by proxy
        sys.exit()
    
    # Fix proxy in configuration file
    proxy_mgmt= proxy_name[:14] + '-mgmt' + proxy_name[14:]
    proxy_str = '{0},{1}'.format(proxy_name, proxy_mgmt)
    restart = False    
    for line in fileinput.input(ZBX_CONFIG, inplace=True, backup='.bak'):
        if line.startswith('Server='):
            if line.rstrip() != 'Server=' + proxy_str:
                line = 'Server=' + proxy_str
                restart = True
        if line.startswith('ServerActive='):
            if line.rstrip() != 'ServerActive=' + proxy_str:
                line = 'ServerActive=' + proxy_str
                restart = True
        print(line.rstrip())
    if restart:
        command = ['/etc/init.d/zabbix-agent', 'restart']
        proc = Popen(command, stdout=PIPE, stderr=PIPE)
        out, err = proc.communicate()

    # Update/create user macro 
    params = {"output": "extend", "hostids": host[0]['hostid']}
    macroses = api_request("usermacro.get", params, auth)
    existing = filter(lambda macro: macro['macro'] == MACRO_NAME, macroses)
    if existing:
        macro = existing[0]
        if macro['value'] != proxy_name:
            params = {"hostmacroid": macro["hostmacroid"], "value": proxy_name}
            update_macro = api_request("usermacro.update", params, auth)
    else:
        params = {"hostid": host[0]['hostid'], "macro": MACRO_NAME, "value": proxy_name}
        create_macro = api_request("usermacro.create", params, auth)
            


if __name__ == "__main__":
    main()

SEA-GHOST - SHELL CODING BY SEA-GHOST