使用shell脚本监控用户登陆服务器并发送提示信息给微信
发布时间:2020-12-15 23:18:18 所属栏目:安全 来源:网络整理
导读:1.需要在/etc/ssh/目录下面创建一个名为sshrc的文件,执行权限可给可不给,那么在有人通过ssh远程登录这台服务器的时候,这段脚本就会被执行 #!/bin/ bash ###V1 - 2018 - 10 - 24 ###CropID = ‘ xxxxxxxxxx ‘ Secret = ‘ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
1.需要在/etc/ssh/目录下面创建一个名为sshrc的文件,执行权限可给可不给,那么在有人通过ssh远程登录这台服务器的时候,这段脚本就会被执行 #!/bin/bash ###V1-2018-10-24### CropID=‘xxxxxxxxxx‘ Secret=‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx‘ GURL="https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$CropID&corpsecret=$Secret" #Gtoken=$(/usr/bin/curl $GURL -H "DNT: 1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: zh-CN,zh;q=0.8" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/42.0.2311.135 BIDUBrowser/8.1 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8" -H "X-DevTools-Emulate-Network-Conditions-Client-Id: B546FC80-414C-403F-95F0-EB0F70E58EF7" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" --compressed | awk -F " ‘{print $4}‘) Gtoken=$(/usr/bin/curl -s -G $GURL | awk -F" ‘{print $10}‘) PURL="https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=$Gtoken" function body() { local int appId=1000002 #local userId=$1 local userId="LinYouYi" local partyId=2 local msg=‘有用户上线请注意:n主机名:‘`hostname`‘n主机ip:‘`curl ifconfig.me`‘n登录用户:‘`whoami`‘n登录时间:‘`date` printf ‘{n‘ printf ‘t"touser":"‘"$userId""",n" printf ‘t"toparty":"‘"$partyId""",n" printf ‘t"msgtype": "text",‘"n" printf ‘t"agentid":"‘"$appId""",n" printf ‘t"text":{n‘ printf ‘tt"content":"‘"$msg"" printf ‘nt},n‘ printf ‘t"safe":"0"n‘ printf ‘}n‘ } #/usr/bin/curl --data-ascii "$(body $1)" $PURL /usr/bin/curl --data-ascii "$(body)" $PURL (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |