Linux moon.hostseba.com 4.18.0-553.51.1.lve.el8.x86_64 #1 SMP Tue May 6 15:14:12 UTC 2025 x86_64
LiteSpeed
Server IP : 103.174.152.68 & Your IP : 216.73.216.9
Domains :
Cant Read [ /etc/named.conf ]
User : julaysp1
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
opt /
imunify360 /
venv /
share /
imunify360 /
scripts /
Delete
Unzip
Name
Size
Permission
Date
Action
migrate_csf
[ DIR ]
drwxr-xr-x
2025-09-13 06:27
check-detached.py
1.11
KB
-rwxr-xr-x
2025-07-23 06:47
check_recurrent.py
1.85
KB
-rwxr-xr-x
2025-08-22 12:13
create_default_config
1.23
KB
-rwxr-xr-x
2025-07-23 06:47
csf_tool
2.75
KB
-rwxr--r--
2025-08-22 12:13
delay_on_cron_call.py
1.12
KB
-rwxr-xr-x
2025-08-28 14:27
disable_3rd_party_ids
1.01
KB
-rwxr--r--
2025-08-22 12:13
imunify-disable-cpu-accounting.sh
792
B
-rwxr--r--
2025-07-23 06:47
imunify-doctor.sh
17.1
KB
-rwxr--r--
2025-07-23 06:47
imunify-force-update.sh
3.16
KB
-rwxr--r--
2025-07-23 06:47
lfd_block.py
2.96
KB
-rwxr--r--
2025-08-22 12:13
mk_apache_conf_digest.pl
3.54
KB
-rwxr--r--
2025-08-22 12:13
purge-clamav
535
B
-rwxr-xr-x
2025-07-23 06:47
remove_hardened_php.py
3.92
KB
-rwxr-xr-x
2025-08-22 12:13
rules_checker.py
10.8
KB
-rw-r--r--
2025-08-22 12:13
send-notifications
7.66
KB
-rwsrwx---
2025-07-23 06:47
setup_cagefs.py
3.72
KB
-rwx------
2025-08-28 14:27
track-fpfn-submissions.sh
3.8
KB
-rwxr-xr-x
2025-07-23 06:47
update_components_versions.py
4.46
KB
-rwxr-xr-x
2025-07-23 06:47
whitelist_cache.py
1.46
KB
-rwxr-xr-x
2025-08-22 12:13
Save
Rename
#!/opt/imunify360/venv/bin/python3 -u """BLOCK_REPORT script invoked by Login Failure Daemon (CSF) for a blocked ip. - report the incident to imunify360 - run the replaced user BLOCK_REPORT script (block_report_user) """ import json import logging import os import socket import subprocess import sys from collections import namedtuple import defence360agent.internals.logger BLOCK_REPORT_TIMEOUT = 10 # seconds SOCKET = "/var/run/defence360agent/generic_sensor.sock.2" Event = namedtuple( "Event", ( "ip", "ports", "permanent", "inout", "timeout", "message", "logs", "trigger", ), ) def run_user_script( args, *, logger=None, timeout=None, # see defence360/src/asyncclient/defence360agent/plugins/sensor/lfd.py script=os.path.join(os.path.dirname(__file__), "block_report_user"), ): if os.path.isfile(script): if os.path.realpath(script) == os.path.abspath(__file__): # If for whatever reason script tries to call itself, ignore it logger.error("Not running %s since it is a loop", script) return try: # NOTE: ignore user script errors subprocess.run([script] + args, timeout=timeout) except subprocess.TimeoutExpired: raise TimeoutError("imunify lfd_block user script timeout") def main(logger): if len(sys.argv) != (len(Event._fields) + 1): # logger.warning is to find evidence of call without arguments # in logs (to find a possible automation call mistake) logger.warning( "This script is intended to be used as " "BLOCK_REPORT script for CSF" ) sys.exit(1) e = Event(*sys.argv[1:]) with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock: sock.settimeout(BLOCK_REPORT_TIMEOUT) try: sock.connect(SOCKET) msg = { "method": "INCIDENT", "attackers_ip": e.ip, "plugin_id": "lfd", "ttl": e.timeout, "rule": e.trigger, "name": e.trigger, "message": e.message, } sock.sendall(json.dumps(msg).encode() + b"\n") except ( ConnectionRefusedError, FileNotFoundError, ): # allow other errors to propagate # agent appears to be turned off or hanged pass # do nothing except socket.timeout: # also do nothing logger.debug("failed to send incident report in time") finally: run_user_script( sys.argv[1:], timeout=BLOCK_REPORT_TIMEOUT, logger=logger ) if __name__ == "__main__": defence360agent.internals.logger.reconfigure() logger = logging.getLogger(sys.argv[0]) try: main(logger) except Exception: # <-- ignore SystemExit # do not left unreported logger.exception("imunify lfd_block script error")