h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
#!/usr/bin/env bash
# ESET Management Agent
#
# Copyright (c) 2022 ESET, spol. s r.o.

#set -ex

# Print the Linux install layout as NAME='path' lines, one assignment per line.
# Arguments: $1 - provider directory name, $2 - package directory name
# Outputs:   shell assignments on stdout (this file feeds them to eval)
paths_Linux() {
	local opt_root="/opt/$1"
	local pkg_opt="/opt/$1/$2"
	local pkg_var="/var/opt/$1/$2"
	printf '%s\n' \
		"BINDIR='$pkg_opt/bin'" \
		"SBINDIR='$pkg_opt/sbin'" \
		"LIBDIR='$pkg_opt/lib'" \
		"MANDIR='$pkg_opt/share/man'" \
		"EETCDIR='/etc/opt/$1/$2'" \
		"ELIBDIR='$pkg_opt/lib'" \
		"EDOCDIR='$pkg_opt/share/doc'" \
		"EBASEDIR='$pkg_var/lib'" \
		"ECACHEDIR='$pkg_var/cache'" \
		"EDUMPDIR='$pkg_var/dumps'" \
		"LOGROTDDIR='$pkg_opt/etc/logrotate.d'" \
		"INITRCDIR='$pkg_opt/etc/init.d'" \
		"ELOGDIR='/var/log/$2'" \
		"LOCALEDIR='$pkg_opt/locale'" \
		"ESHAREDIR='$pkg_opt/share'" \
		"ERSRSDIR='$pkg_opt/lib/gui'" \
		"ERAAGENTDIAGNOSTICDIR='$opt_root/RemoteAdministrator/Agent'" \
		"ERAPROXYDIAGNOSTICDIR='$opt_root/RemoteAdministrator/Proxy'" \
		"ERASERVERDIAGNOSTICDIR='$opt_root/RemoteAdministrator/Server'" \
		"ERARDSENSORDIAGNOSTICDIR='$opt_root/RogueDetectionSensor'" \
		"ERAMDMDIAGNOSTICDIR='$opt_root/RemoteAdministrator/MDMCore'" \
		"ERAVAHDIAGNOSTICDIR='$opt_root/RemoteAdministrator/VAgentHost'"
}

# Print the macOS install layout as NAME='path' lines, one assignment per line.
# Arguments: $2 - package name, $3 - vendor name used under Application Support
#            ($1 is accepted for signature parity with the other paths_* functions
#            but is not used here)
# Outputs:   shell assignments on stdout (this file feeds them to eval)
paths_Mac() {
	local contents="/Applications/.$2/Contents"
	local app_support="/Library/Application Support/$3/$2"
	printf '%s\n' \
		"BINDIR='$contents/MacOS'" \
		"SBINDIR='$contents/MacOS'" \
		"LIBDIR='/usr/lib'" \
		"MANDIR='$contents/Resources/share/man'" \
		"EETCDIR='$app_support/etc'" \
		"ELIBDIR='$contents/MacOS'" \
		"EDOCDIR='$contents/Resources/share/doc'" \
		"EBASEDIR='$app_support/modules'" \
		"ECACHEDIR='$app_support/cache'" \
		"EDUMPDIR='$app_support/dumps'" \
		"LOGROTDDIR='$app_support/etc/logrotate.d'" \
		"INITRCDIR='$app_support/etc/init.d'" \
		"ELOGDIR='$app_support/logs'" \
		"LOCALEDIR='$contents/..'" \
		"ESHAREDIR='$contents/Resources/share'" \
		"ERSRSDIR='$contents/Resources'" \
		"HELPERS='$contents/Helpers'" \
		"PLUGINS='$contents/PlugIns'" \
		"NSPLUGINS='$app_support/PlugIns'" \
		"CMENU='$contents/FinderMenu'" \
		"ERAAGENTDIAGNOSTICDIR='/Applications/ESET Remote Administrator Agent.app/Contents/MacOS'"
}

# "Darwin" is what uname -s reports on macOS; forward every argument to the
# Mac layout unchanged.
paths_Darwin() { paths_Mac "$@"; }

# Print the FreeBSD install layout as NAME='path' lines, one assignment per line.
# Arguments: $2 - package name ($1 is accepted but not used)
# Outputs:   shell assignments on stdout (this file feeds them to eval)
paths_FreeBSD() {
	local prefix="/usr/local"
	printf '%s\n' \
		"BINDIR='$prefix/bin'" \
		"SBINDIR='$prefix/sbin'" \
		"LIBDIR='$prefix/lib'" \
		"MANDIR='$prefix/man'" \
		"EETCDIR='$prefix/etc/$2'" \
		"ELIBDIR='$prefix/lib/$2'" \
		"EDOCDIR='$prefix/share/doc/$2'" \
		"EBASEDIR='/var/lib/$2'" \
		"ECACHEDIR='/var/cache/$2'" \
		"EDUMPDIR='/var/dumps/$2'" \
		"ELOGDIR='/var/log/$2'" \
		"LOGROTDDIR='$prefix/etc/logrotate.d'" \
		"INITRCDIR='$prefix/etc/rc.d'" \
		"LOCALEDIR='$prefix/share/locale'" \
		"ESHAREDIR='$prefix/share/$2'" \
		"ERSRSDIR='$prefix/lib/$2/gui'"
}

# Print the OpenBSD install layout as NAME='path' lines, one assignment per line.
# Arguments: $2 - package name ($1 is accepted but not used)
# Outputs:   shell assignments on stdout (this file feeds them to eval)
# Note:      no INITRCDIR is emitted for OpenBSD (left undecided upstream: "INITRCDIR=???").
paths_OpenBSD() {
	local prefix="/usr/local"
	printf '%s\n' \
		"BINDIR='$prefix/bin'" \
		"SBINDIR='$prefix/sbin'" \
		"LIBDIR='$prefix/lib'" \
		"MANDIR='$prefix/man'" \
		"EETCDIR='/etc/$2'" \
		"ELIBDIR='$prefix/lib/$2'" \
		"EDOCDIR='$prefix/share/doc/$2'" \
		"EBASEDIR='/var/lib/$2'" \
		"ECACHEDIR='/var/cache/$2'" \
		"EDUMPDIR='/var/dumps/$2'" \
		"ELOGDIR='/var/log/$2'" \
		"LOGROTDDIR='$prefix/etc/logrotate.d'" \
		"LOCALEDIR='$prefix/share/locale'" \
		"ESHAREDIR='$prefix/share/$2'" \
		"ERSRSDIR='$prefix/lib/$2/gui'"
}

# Print the NetBSD (pkgsrc) install layout as NAME='path' lines, one per line.
# Arguments: $2 - package name ($1 is accepted but not used)
# Outputs:   shell assignments on stdout (this file feeds them to eval)
paths_NetBSD() {
	local prefix="/usr/pkg"
	printf '%s\n' \
		"BINDIR='$prefix/bin'" \
		"SBINDIR='$prefix/sbin'" \
		"LIBDIR='$prefix/lib'" \
		"MANDIR='$prefix/man'" \
		"EETCDIR='$prefix/etc/$2'" \
		"ELIBDIR='$prefix/lib/$2'" \
		"EDOCDIR='$prefix/share/doc/$2'" \
		"EBASEDIR='/var/lib/$2'" \
		"ECACHEDIR='/var/cache/$2'" \
		"EDUMPDIR='/var/dumps/$2'" \
		"ELOGDIR='/var/log/$2'" \
		"LOGROTDDIR='$prefix/etc/logrotate.d'" \
		"LOCALEDIR='$prefix/share/locale'" \
		"ESHAREDIR='$prefix/share/$2'" \
		"INITRCDIR='/etc/rc.d'" \
		"ERSRSDIR='$prefix/lib/$2/gui'"
}

# Print the SunOS/Solaris install layout as NAME='path' lines, one per line.
# Arguments: $2 - package name ($1 is accepted but not used)
# Outputs:   shell assignments on stdout (this file feeds them to eval)
# Note:      LOGROTDDIR is deliberately not emitted (it is commented out upstream).
paths_SunOS() {
	local pkg_opt="/opt/$2"
	local pkg_var="/var/opt/$2"
	local pkg_etc="/etc/opt/$2"
	printf '%s\n' \
		"BINDIR='$pkg_opt/bin'" \
		"SBINDIR='$pkg_opt/sbin'" \
		"LIBDIR='$pkg_opt/lib'" \
		"MANDIR='$pkg_opt/man'" \
		"EETCDIR='$pkg_etc'" \
		"ELIBDIR='$pkg_opt/lib'" \
		"EDOCDIR='$pkg_opt/share/doc'" \
		"EBASEDIR='$pkg_var/lib'" \
		"ECACHEDIR='$pkg_var/cache'" \
		"EDUMPDIR='$pkg_var/dumps'" \
		"ELOGDIR='$pkg_var/log'" \
		"LOCALEDIR='$pkg_opt/locale'" \
		"ESHAREDIR='$pkg_opt/share'" \
		"INITRCDIR='$pkg_etc/init.d'" \
		"ERSRSDIR='$pkg_opt/lib/gui'"
}
# Vendor and package identifiers; they are substituted into the install paths
# printed by the paths_* functions and into user-facing messages.
PROVIDER='eset'
PACKAGE='esets'
PROVIDER_TM='ESET'

# Dispatch to the paths_<kernel name> function matching `uname -s`, passing the
# provider, package and trademark identifiers as $1, $2 and $3.
paths() {
	paths_$(uname -s) "$PROVIDER" "$PACKAGE" "$PROVIDER_TM"
}
# Import the NAME='path' assignments printed by paths into this shell.
# The evaluated text is built only from the PROVIDER/PACKAGE/PROVIDER_TM
# values assigned in this file; eval must not be fed anything a user or
# another process can influence.
eval "$(paths)"
#!/usr/bin/env bash

# Commands that should be run on customer system to collect required info about system, EAV,... for support purpose only. 
#
# Must be run under root user.
#
# checking user rights
# Collector version shown in the banner and written to scp_ver.txt.
SCP_VER='1.34'
# Force the C locale so the output of the tools called below is not localized.
LC_ALL=C
export LC_ALL

# Keep the original command-line arguments for the option check near the end.
Args=("$@")
# Upper-case form of the provider name, used in user-facing messages.
PROVIDER_UPPER="$(echo $PROVIDER | tr '[a-z]' '[A-Z]')"

# Append file metadata for a path to a report file.
# Arguments: $1 - path to describe, $2 - report file to append to
# Uses stat when `which` finds an executable one, otherwise falls back to ls -ald.
# Globals:   STAT (written)
function call_stat
{
	STAT="$(which stat 2>/dev/null)"
	if [ ! -x "$STAT" ]; then
		# no usable stat binary: a long listing of the entry itself is the fallback
		ls -ald "$1" >> "$2"
		return
	fi
	$STAT "$1" >> "$2"
}

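# Replace the current process with "sudo <arguments...>".
# Arguments: the command line to run under sudo (script path, then its options)
# Globals:   SUDO (written) - path of the sudo binary found on PATH
# Exits with status 1 and a message when no executable sudo is found.
#
# Every argument is passed through as its own word. The previous unquoted
# `exec $SUDO $@` re-split and glob-expanded the arguments, so a script path
# or option containing whitespace or wildcard characters reached sudo as a
# different command line than the user typed.
function reexec_sudo
{
	# type -P reports only an on-disk executable, never an alias or function
	SUDO="$(type -P sudo 2>/dev/null)"
	if [ -x "$SUDO" ]; then
		exec "$SUDO" "$@"
	else
		echo "You must run this script as root!"
		exit 1
	fi
}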

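# Pack a directory into an archive and print the archive's path.
# Arguments: $1 - destination path without extension, $2 - source to archive
# Outputs:   the created archive path on stdout, or an empty line on failure
# Tries, in order: tar with gzip (.tgz), gtar with gzip (.tgz), plain tar (.tar).
#
# Both paths are quoted so that a destination or source containing whitespace
# is handed to tar as one argument instead of being split into several.
function call_tar
{
	local dst_prefix="$1"
	local src="$2"
	if tar -czf "${dst_prefix}.tgz" "$src" 2>/dev/null; then
		echo "${dst_prefix}.tgz"
	elif gtar -czf "${dst_prefix}.tgz" "$src" 2>/dev/null; then
		echo "${dst_prefix}.tgz"
	elif tar -cf "${dst_prefix}.tar" "$src"; then
		echo "${dst_prefix}.tar"
	else
		# callers detect failure by testing for an empty result
		echo ""
	fi
}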

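# Print the PIDs of processes whose command matches a name and whose parent
# PID equals the given one.
# Arguments: $1 - pattern matched (by grep) against the ps output line
#            $2 - parent PID to select
# Outputs:   matching PIDs on one line, separated by single spaces
#
# The parent PID is handed to awk with -v instead of being spliced into the
# awk program text. The callers read that value from a pid file; spliced in,
# an empty value was an awk syntax error and any other content would have
# been interpreted as awk code.
function get_child_pid
{
	local command_pattern="$1"
	local parent_pid="$2"
	# unquoted on purpose: echo joins multiple PIDs onto one line
	echo $(ps -Ao pid,ppid,comm | grep -- "$command_pattern" | awk -v ppid="$parent_pid" '$2 == ppid { print $1 }')
}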

# List the open files of a process on stdout.
# Arguments: $1 - PID to inspect
# Globals:   EPID, LSOF (written)
# Prefers lsof from PATH; falls back to /usr/proc/bin/pfiles; prints a notice
# when neither is executable.
function call_lsof
{
	EPID=$1
	LSOF="$(which lsof 2>/dev/null)"
	if [ -x "$LSOF" ]; then
		$LSOF -p "$EPID"
		return
	fi

	# second choice when lsof is not installed
	LSOF="/usr/proc/bin/pfiles"
	if [ ! -x "$LSOF" ]; then
		echo "lsof doesn't exists!"
		return
	fi
	$LSOF "$EPID"
}

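# Not running as root: print the usage banner, record who invoked the script,
# then re-execute the script under sudo with the original arguments.
if [ "$UID" != 0 ]; then
	echo
	echo "*********************************************************************************************************"
	echo "* $PROVIDER_UPPER support data collector, v$SCP_VER                                                                    *"
	echo "*********************************************************************************************************"
	echo "*"
	echo "* Usage:"
	echo "*     info_get.command                    - collect all logs required by $PROVIDER_TM's Support"
	echo "*     info_get.command --no-productlogs   - collect all logs required by $PROVIDER_TM's Support without"
	echo "*                                           product's logs"
	echo "*"
	echo "* Script execution needs approx. 120sec to collect all required data, please do not interrupt it."
	echo "* NOTE: only user with admin privileges could run this script!"
	echo "*"
	echo "*********************************************************************************************************"

	# collect user id & groups info as current user
	# The file name is fixed because the root phase of this script picks it up
	# from the same place. /tmp is world-writable, so drop whatever is already
	# there and create the file with noclobber (exclusive create): a file or
	# symlink planted by another local user is then never written through.
	USER_INFO_FILE="/tmp/user_info.txt"
	rm -f "$USER_INFO_FILE"
	if ( set -C; echo "id: $(id)" > "$USER_INFO_FILE" ) 2>/dev/null; then
		echo "HDIR: $HOME" >> "$USER_INFO_FILE"
		echo "SHL: $SHELL" >> "$USER_INFO_FILE"
		call_stat "$HOME" "$USER_INFO_FILE"
	else
		echo "WARNING: cannot safely create $USER_INFO_FILE, user info skipped" >&2
	fi

	# re-execute itself under root user; "$@" keeps each argument as one word
	reexec_sudo "$0" "$@"
fi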

# Write ./elog1.txt: mount table, disk usage, and, when the product daemon's
# pid file exists and a child daemon process is found, its status plus three
# snapshots of its open files taken 11 seconds apart. Ends with the SELinux
# enforcing flag when /selinux/enforcing exists.
# Globals: FNAME, EPPID, EPID, COUNT (written); PACKAGE, PROVIDER, SBINDIR (read)
function collect_logs1 {
	echo "Collecting logs1..."
	FNAME="./elog1.txt"
	echo $(date) " - print output" > $FNAME

	# mounted filesystems and disk usage
	{
		echo "mount:"
		mount
		echo ""
		echo "df:"
		df
	} >> $FNAME

	if [ ! -f "/var/run/${PACKAGE}_daemon.pid" ]; then
		echo "" >> $FNAME
		echo "WARNING: ${PROVIDER} daemon is not runnig, er=1" >> $FNAME
	else
		EPPID="$(cat /var/run/${PACKAGE}_daemon.pid)"
		# the worker is the child of the process recorded in the pid file
		EPID="$(get_child_pid ${PACKAGE}_daemon $EPPID)"

		if [ -n "$EPID" ]; then
			echo "" >> $FNAME
			ps -Aj | grep $PACKAGE >> $FNAME
			echo "" >> $FNAME
			$SBINDIR/${PACKAGE}_daemon --status 2>/dev/null >> $FNAME
			# take the open-files snapshot several times
			for (( COUNT = 0; COUNT < 3; COUNT++ )); do
				echo "" >> $FNAME
				echo $(date) " - $COUNT. print open files for process ${PACKAGE}_daemon[$EPID]" >> $FNAME

				call_lsof $EPID >> $FNAME

				# the pause must be greater than 10 sec.
				sleep 11
			done
		fi
	fi

	echo "" >> $FNAME
	if [ -f "/selinux/enforcing" ]; then
		echo "SELinux: $(cat /selinux/enforcing)" >> $FNAME
	else
		echo "No '/selinux/enforcing' found" >> $FNAME
	fi
	echo "" >> $FNAME
	echo $(date) " - finished" >> $FNAME
}

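# For daemon versions above 4.0, send SIGINT to the child daemon process three
# times, 11 seconds apart, then move /tmp/escan_files into ./elog2.txt.
# Globals: VER_MAJOR, VER_MINOR, VER, FNAME, EPPID, EPID, COUNT (written);
#          PACKAGE, SBINDIR (read)
#
# Changes against the previous version:
#  - the version fields must be plain digits and are read as base 10, so a
#    minor such as "08" no longer aborts the arithmetic as an invalid octal
#    number, and non-numeric output simply skips the collection;
#  - expansions are quoted.
#
# NOTE(review): /tmp/escan_files is a fixed name in a world-writable directory
# and this function writes to it as root. The name must stay (see the comment
# below), so a symlink planted at that path is removed before the first write;
# that narrows the window but does not close it — confirm whether the product
# can be pointed at a root-only directory instead.
function collect_logs2 {
	echo "Collecting logs2..."
	# do not change output file name!!!
	# products with ver 4.0.xx doesn't supports interrupt
	local version_field
	version_field="$("$SBINDIR/${PACKAGE}_daemon" --version 2>/dev/null | cut -d " " -f 3)"
	VER_MAJOR="$(printf '%s\n' "$version_field" | cut -d "." -f 1)"
	VER_MINOR="$(printf '%s\n' "$version_field" | cut -d "." -f 2)"

	# nothing to do unless both fields are non-empty runs of digits
	case "$VER_MAJOR" in
		'' | *[!0-9]*) return 0 ;;
	esac
	case "$VER_MINOR" in
		'' | *[!0-9]*) return 0 ;;
	esac

	# 10# forces decimal so leading zeros are not read as octal
	VER=$(( 10#$VER_MAJOR * 1000 + 10#$VER_MINOR ))
	if [ "$VER" -le 4000 ]; then
		return 0
	fi

	FNAME="/tmp/escan_files"
	# never write through a symlink someone left at the fixed path
	if [ -L "$FNAME" ]; then
		rm -f "$FNAME"
	fi

	if [ -f "/var/run/${PACKAGE}_daemon.pid" ]; then
		EPPID="$(cat "/var/run/${PACKAGE}_daemon.pid")"
		# get pid of child ${PACKAGE}_daemon process
		EPID="$(get_child_pid "${PACKAGE}_daemon" "$EPPID")"

		if [ -n "$EPID" ]; then
			echo $(date) " - print output ps -Aj" > "$FNAME"
			ps -Aj | grep -- "${PACKAGE}" >> "$FNAME"
			# make it several times
			COUNT=0
			while [ "$COUNT" -lt 3 ]; do
				echo "" >> "$FNAME"
				echo $(date) " - $COUNT. send INT to ${PACKAGE}_daemon[$EPID]" >> "$FNAME"
				# EPID is left unquoted: get_child_pid may return several PIDs
				kill -INT $EPID 2>/dev/null
				COUNT=$(( COUNT + 1 ))
				# must be greater then 10 sec.
				sleep 11
			done
			echo "" >> "$FNAME"
			echo $(date) " - finished" >> "$FNAME"
		fi
	else
		echo "" >> "$FNAME"
		echo "WARNING: ${PACKAGE} daemon is not runnig, er=2" >> "$FNAME"
	fi

	if [ -f "$FNAME" ]; then
		cp -Rf "$FNAME" ./elog2.txt
		rm -f "$FNAME"
	fi
}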

# Run the EEA product's own log collection script when it is installed.
# Globals: FILE_EEA (written)
# The script is executed with sh under the current (root) identity, so it is
# only as trustworthy as the permissions on /opt/eset/eea/sbin.
function collect_eea {
	FILE_EEA=/opt/eset/eea/sbin/collect_logs.sh
	[ -f "$FILE_EEA" ] || return 0
	echo "Log collecting script for EEA found. Initializing log collection..."
	sh $FILE_EEA
}

# Run the EFS product's own log collection script when it is installed.
# Globals: FILE_EFS (written)
# The script is executed with sh under the current (root) identity, so it is
# only as trustworthy as the permissions on /opt/eset/efs/sbin.
function collect_efs {
	FILE_EFS=/opt/eset/efs/sbin/collect_logs.sh
	[ -f "$FILE_EFS" ] || return 0
	echo "Log collecting script for EFS found. Initializing log collection..."
	sh $FILE_EFS
}

# Record which known third-party security products appear to be installed.
# Each table entry is a file or directory path; every entry that exists is
# appended to ./av_vendor_check.txt after a timestamped header line.
# Globals: PRODUCT_TABLE, AVFNAME (written)
function check_3rd_party_sw {
	PRODUCT_TABLE=(
		# INTEGO
		'/Library/LaunchDaemons/com.intego.personalantispam.daemon.plist'
		'/Library/LaunchDaemons/com.intego.PersonalBackup.daemon.plist'
		'/Library/LaunchDaemons/com.intego.ContentBarrier.daemon.plist'
		'/Library/LaunchDaemons/com.intego.VirusBarrierX6.daemon.plist'
		'/Library/LaunchDaemons/com.intego.VirusBarrierX6.scanner.daemon.plist'
		'/Library/LaunchDaemons/com.intego.commonservices.daemon.plist'
		'/Library/LaunchDaemons/com.intego.commonservices.icalserver.plist'
		'/Library/LaunchDaemons/com.intego.netupdate.daemon.plist'
		'/Library/LaunchDaemons/com.intego.task.manager.daemon.plist'
		# KASPERSKY
		'/Library/LaunchDaemons/com.kaspersky.kav.plist'
		# NORTON
		'/Library/LaunchDaemons/com.symantec.npfbootstrap.plist'
		'/Library/LaunchDaemons/com.symantec.deepsight-extractor.plist'
		'/Library/LaunchDaemons/com.symantec.symdaemon.plist'
		# SOPHOS
		'/Library/LaunchDaemons/com.sophos.notification.plist'
		# BITDEFENDER
		'/Library/LaunchDaemons/com.bitdefender.avp.Enterprise.plist'
		'/Library/LaunchDaemons/com.bitdefender.avp.AuthHelperTool.plist'
		'/Library/LaunchDaemons/com.bitdefender.avp.UpgDaemon.plist'
		# CLAM
		'/usr/local/clamXav'
		# MCAFEE
		'/usr/local/McAfee/AppProtection'
		'/usr/local/McAfee/Firewall'
		'/usr/local/McAfee/AntiMalware'
		'/Library/LaunchDaemons/com.mcafee.virusscan.fmpd.plist'
		'/Library/LaunchDaemons/com.mcafee.virusscan.ScanManager.plist'
		'/Library/LaunchDaemons/com.mcafee.virusscan.VShieldEPOInterface.plist'
		'/Library/LaunchDaemons/com.mcafee.virusscan.eupdate.plist'
		# TREND
		'/Library/StartupItems/iCoreService'
		# AVAST
		'/Library/LaunchDaemons/com.avast.MacAvast.LaunchDaemon.plist'
		'/Applications/avast!.app'
		# DRWEB
		'/Library/LaunchDaemons/com.drweb.drwebd.plist'
		# FSECURE
		'/Library/LaunchDaemons/com.f-secure.aua.plist'
		'/Library/LaunchDaemons/com.f-secure.fsavd.plist'
		# IAV
		'/Library/iAntiVirus/iavd'
		# PANDA
		'/Library/LaunchDaemons/com.pandasecurity.panda_av_daemon.plist'
		# MACSCAN
		'/Applications/MacScan 2'
	)

	echo "Collecting 3rd party SW..."
	AVFNAME="./av_vendor_check.txt"
	echo $(date) " - checking 3rd party SW:" > $AVFNAME

	local marker
	for marker in "${PRODUCT_TABLE[@]}"; do
		# an entry counts when it exists as a regular file or as a directory
		test -f "$marker" && echo "$marker" >> $AVFNAME
		test -d "$marker" && echo "$marker" >> $AVFNAME
	done
}

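# Write ./data.txt describing the product's module directory ($EBASEDIR):
# the type/build/version lines of every em0*.dat module, a recursive listing
# of the directory, and the content of $EBASEDIR/data/data.txt.
# Globals: DATAFILE (written); EBASEDIR (read)
# Returns: 0 after writing a one-line notice when $EBASEDIR is not a directory
#
# The report is written straight into the directory the function was called
# from. The previous version created data.txt inside $EBASEDIR and moved it
# out afterwards, which overwrote and removed any data.txt that already lived
# in the product directory. Modules are matched with a glob rather than by
# parsing ls output.
function collect_datadir {
	#if [ "$COLLECT_PRODUCT_LOGS" = "NO" ]; then
	#	return 0
	#fi
	DATAFILE="./data.txt"
	if [ ! -d "$EBASEDIR" ]; then
		echo "Directory ${EBASEDIR} does not exist" > "$DATAFILE"
		return 0
	fi

	local report module
	# absolute path, because the module scan below runs inside $EBASEDIR
	report="$(pwd)/data.txt"

	echo "modules:" > "$report"
	(
		# subshell: the directory change does not leak to the caller, and the
		# relative names keep grep -H output short
		cd "$EBASEDIR" || exit 0
		for module in em0*.dat; do
			# an unmatched glob stays literal; skip it
			[ -e "$module" ] || continue
			grep -HanE "^(type|build|version)" "$module" >> "$report"
		done
	)

	{
		echo ""
		echo "listing:"
		ls -RGl "$EBASEDIR"
		echo ""
		echo "content:"
		cat "$EBASEDIR/data/data.txt"
	} >> "$report"
}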

# Write ./diskutil.txt with three diskutil listings (disks, AppleRAID sets,
# CoreStorage volumes), separated by ruler lines.
# Globals: DUFILE (written)
function collect_diskutil {
	echo "Collecting disklogs..."
	DUFILE="./diskutil.txt"
	{
		echo "list:"
		diskutil List
		echo "===================="
		echo "appleRaidList:"
		diskutil AppleRaid list
		echo "===================="
		echo "CoreStorageList:"
		diskutil CoreStorage list
	} > $DUFILE
}

# Save the XML report of system_profiler as ./system_info.spx; the tool's
# error output is discarded.
# Globals: FILE (written)
function collect_system_info {
	FILE="./system_info.spx"
	system_profiler -xml 2> /dev/null > $FILE
}

# Dump the I/O Registry twice: the default listing into ./ioreg.txt and the
# IOEsetPlane plane into ./ioreg_eset.txt.
# Globals: FILE (written; holds the second file name on return)
function collect_ioreg {
	# full registry
	FILE="./ioreg.txt"
	ioreg -l > $FILE

	# only the plane named IOEsetPlane
	FILE="./ioreg_eset.txt"
	ioreg -l -p IOEsetPlane > $FILE
}

# Save the numeric routing table (netstat -rn) in the current directory.
# Globals: FILE (written)
# NOTE(review): the output name starts with a dot, so the file is hidden in a
# normal listing; it looks like "./netstat_root_table.txt" was intended —
# confirm before renaming, since whoever reads the archive may expect this name.
function collect_netstat {
	FILE=".netstat_root_table.txt"
	netstat -r -n > $FILE
}

# Collect configuration and logs from the locations used by older product
# releases (ECS 6.0.13 / EAVBE 4.1.96.0 or older), which kept them next to
# the binaries instead of in the current directories.
# Globals: EETCDIR_OLD, ELOGDIR_OLD (written);
#          BINDIR, PACKAGE, COLLECT_PRODUCT_LOGS (read)
#
# Pattern for adding further obsolete paths:
#   test -d <old_path> && cp -RLf <old_path> ./<old_path_out>
function collect_old_paths
{
	echo "Collecting obsolete path logs..."

	# old configuration file
	EETCDIR_OLD="$BINDIR/../etc"
	if [ -f "$EETCDIR_OLD/${PACKAGE}.cfg" ]; then
		cp -f "$EETCDIR_OLD/${PACKAGE}.cfg" ./${PACKAGE}.cfg.old
	fi

	# old product logs, only when product logs were requested
	if [ "$COLLECT_PRODUCT_LOGS" = "YES" ]; then
		ELOGDIR_OLD="$BINDIR/../var/log"
		test -d "$ELOGDIR_OLD" && mkdir -p ./${PACKAGE}_logs.old
		test -d "$ELOGDIR_OLD" && cp -Rf "$ELOGDIR_OLD/" ./${PACKAGE}_logs.old
	fi
}

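# Run one management-component diagnostic tool and let it write its archive.
# Arguments: $1 - directory holding the tool
#            $2 - tool file name inside that directory
#            $3 - destination directory; the tool receives --zippath=$3/era
# Returns:   non-zero when the tool was not run or failed, so the caller can
#            try an alternative tool name
# Side effect: changes the current directory to $1 when the tool is run.
#
# An empty directory argument is rejected. The previous guard
# (`[ -z ${DIAGNOSTIC_DIR+x} ]`) tested whether the variable was *set*, which
# was always true after the assignment from "$1"; with an empty value the
# function therefore looked for, and as root would have executed, a tool
# directly under "/".
function run_diagnostic_tool
{
	local diagnostic_dir="$1"
	local diagnostic_exe="$2"
	local dst_dir="$3"

	# on platforms whose paths_* function defines no such directory the
	# argument is empty: nothing to run
	[ -n "$diagnostic_dir" ] || return 1

	test -f "$diagnostic_dir/$diagnostic_exe" \
		&& cd "$diagnostic_dir" \
		&& "$diagnostic_dir/$diagnostic_exe" --zippath="$dst_dir/era" --actions=1 > /dev/null
}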

# Run the diagnostic tool of every management component (agent, proxy, server,
# rogue detection sensor, MDM, virtual agent host). For each component the
# component-specific tool name is tried first and the generic "Diagnostic"
# name second; the current directory is restored at the end.
# Globals: CURRENT_DIR (written); ERA*DIAGNOSTICDIR (read)
function collect_era
{
	echo "Collecting logs3..."
	CURRENT_DIR="$(pwd)"

	local pair dir_var tool_dir tool_name
	for pair in \
		"ERAAGENTDIAGNOSTICDIR:DiagnosticAgent" \
		"ERAPROXYDIAGNOSTICDIR:DiagnosticProxy" \
		"ERASERVERDIAGNOSTICDIR:DiagnosticServer" \
		"ERARDSENSORDIAGNOSTICDIR:DiagnosticRDSensor" \
		"ERAMDMDIAGNOSTICDIR:DiagnosticMDM" \
		"ERAVAHDIAGNOSTICDIR:DiagnosticVAH"
	do
		dir_var="${pair%%:*}"
		tool_name="${pair#*:}"
		# value of the variable whose name is stored in dir_var
		tool_dir="${!dir_var}"
		run_diagnostic_tool "$tool_dir" "$tool_name" "$CURRENT_DIR" || run_diagnostic_tool "$tool_dir" "Diagnostic" "$CURRENT_DIR"
	done

	cd "$CURRENT_DIR"
}

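# Copy the product configuration, cache data and daemon version information
# into the current directory; when COLLECT_PRODUCT_LOGS is "YES" also copy the
# product logs, dumps and backtrace files. Then run the per-component
# collectors.
# Globals: EETCDIR, ECACHEDIR, SBINDIR, ELOGDIR, EDUMPDIR, PACKAGE,
#          COLLECT_PRODUCT_LOGS (read)
#
# Changes against the previous version:
#  - backtrace files are copied in a loop. `test -f /tmp/bt.<pkg>*` received
#    several arguments as soon as more than one file matched, failed, and no
#    backtrace was collected at all;
#  - symlinks among /tmp/bt.<pkg>* are skipped: /tmp is world-writable and this
#    runs as root, so a planted link would pull an arbitrary file into the
#    support archive;
#  - the daemon path is quoted in both invocations.
function collect_product
{
	echo "Collecting products logs..."
	test -f "$EETCDIR/${PACKAGE}.cfg" && cp -f "$EETCDIR/${PACKAGE}.cfg" .
	test -d "$ECACHEDIR/data" && cp -RLf "$ECACHEDIR/data" "./${PACKAGE}_cache"
	if [ -f "$SBINDIR/${PACKAGE}_daemon" ]; then
		"$SBINDIR/${PACKAGE}_daemon" --version > "./${PACKAGE}_daemon_version.txt"
		"$SBINDIR/${PACKAGE}_daemon" --modules_info 2>/dev/null > modules_info.txt
	fi
	if [ "$COLLECT_PRODUCT_LOGS" = "YES" ]; then
		if [ -d "$ELOGDIR" ]; then
			mkdir -p "./${PACKAGE}_logs"
			cp -Rf "$ELOGDIR/" "./${PACKAGE}_logs"
		fi
		test -d "$EDUMPDIR" && cp -RLf "$EDUMPDIR" "./${PACKAGE}_dumps"

		local backtrace
		for backtrace in /tmp/bt."${PACKAGE}"*; do
			# skips the literal pattern of an unmatched glob, and symlinks
			if [ -f "$backtrace" ] && [ ! -L "$backtrace" ]; then
				cp -f "$backtrace" .
			fi
		done
	fi
	collect_era
	collect_eea
	collect_efs
	collect_datadir
}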

# When /usr/bin/journalctl is executable, save the last 100000 journal entries
# to journal.txt, preceded by a timestamped line naming the command.
function collect_journal
{
	local FNAME="journal.txt"
	[ -x /usr/bin/journalctl ] || return 0

	# kept as one string and expanded unquoted so it splits into command + options
	local cmd="journalctl -n 100000"
	echo $(date) " - $cmd" > $FNAME
	$cmd >> $FNAME
}

# Linux-specific collection: eight process snapshots one second apart
# (appended to ps.txt), the audit log directory, the iptables rule dump and
# the systemd journal.
# Globals: i (written)
function collect_system_Linux
{
	i=0
	while (( i < 8 )); do
		# header line, then the 80 last rows of the process list sorted by CPU use
		{
			echo "%PID %PPID %CPU %MEM ARGS $(date)" && ps -e -o pid,ppid,pcpu,pmem,args --sort=pcpu | cut -d" " -f1-50| tail -n 80
		} >> ps.txt
		sleep 1
		i=$(( i + 1 ))
	done

	if [ -d /var/log/audit ]; then
		cp -RLf /var/log/audit .
	fi
	iptables-save 2>/dev/null > iptables-save.txt
	collect_journal
}

# Placeholder: nothing FreeBSD-specific is collected. The function exists so
# that the collect_system_<kernel name> dispatch finds a target.
function collect_system_FreeBSD
{
	:
}

# Placeholder: nothing OpenBSD-specific is collected. The function exists so
# that the collect_system_<kernel name> dispatch finds a target.
function collect_system_OpenBSD
{
	:
}

# Placeholder: nothing NetBSD-specific is collected. The function exists so
# that the collect_system_<kernel name> dispatch finds a target.
function collect_system_NetBSD
{
	:
}

# SunOS-specific collection: copy the service logs under /var/svc/log whose
# name contains the package name into ./svc.
# Globals: SVC_LOG (written); PACKAGE (read)
function collect_system_SunOS
{
	SVC_LOG="$(ls -d /var/svc/log/* | grep $PACKAGE)"
	if [ -n "$SVC_LOG" ]; then
		mkdir svc
		# unquoted on purpose: SVC_LOG holds one path per line
		cp $SVC_LOG ./svc
	fi
}

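# macOS-specific collection: process snapshot, loaded kernel extensions, OS
# version, directory listings, crash/panic/hang/diagnostic reports of the
# user and the system, launch items, the unified log of the last three days,
# and the disk, hardware, I/O Registry, routing and third-party product
# reports.
# Globals: HOME (read)
#
# Changes against the previous version:
#  - the unified log is written straight into the current directory. It used
#    to be written as root to the fixed name /tmp/syslogs-dump.syslogstyle.log
#    (a world-writable directory, so a symlink planted there was followed) and
#    the multi-day log was then left behind in /tmp;
#  - /tmp/syslogs-dump.log and /tmp/syslogs-dump.jsonstyle.log are no longer
#    copied: the commands that produced them are disabled, so anything found
#    under those names was stale or placed there by someone else;
#  - $HOME is quoted.
function collect_system_Mac
{
	top -o cpu -F -R -l 8 -c a > top.txt
	kextstat > kextstat.txt
	sw_vers > ./sw_vers.txt
	ls -Gl /Applications/ > ./apps.txt
	ls -Gl /Library/ > ./library.txt
	test -d /Library/Server && ls -Gl /Library/Server/ > ./library_server.txt
	ls -Gl /var/db/receipts/ > ./var_db_receipts.txt
	echo "serveradmin presence test:" > serveradmin_v.txt
	serveradmin -v >> serveradmin_v.txt 2>&1
	ls -Gle "$HOME/" > ./home.txt

	# per-user reports; MobileDevice crash logs are dropped from the copy
	test -d "$HOME/Library/Logs/CrashReporter" && cp -RLf "$HOME/Library/Logs/CrashReporter" ./User
	test -d ./User/CrashReporter/MobileDevice && rm -Rf ./User/CrashReporter/MobileDevice
	test -d "$HOME/Library/Logs/DiagnosticReports" && cp -RLf "$HOME/Library/Logs/DiagnosticReports" ./User

	# system-wide reports
	test -d /Library/Logs/CrashReporter && cp -RLf /Library/Logs/CrashReporter ./System
	test -d ./System/CrashReporter/MobileDevice && rm -Rf ./System/CrashReporter/MobileDevice
	test -d /Library/Logs/PanicReporter && cp -RLf /Library/Logs/PanicReporter ./System
	test -d /Library/Logs/HangReporter && cp -RLf /Library/Logs/HangReporter ./System
	test -d /Library/Logs/DiagnosticReports && cp -RLf /Library/Logs/DiagnosticReports ./System

	# launch items
	test -d /Library/StartupItems && ls -Gl /Library/StartupItems/ > ./start_up_items.txt
	test -d /Library/LaunchAgents && ls -Gl /Library/LaunchAgents/ > ./launched_agents.txt
	test -d "$HOME/Library/LaunchAgents" && ls -Gl "$HOME/Library/LaunchAgents/" > ./launched_agents_user.txt
	test -d /Library/LaunchDaemons && ls -Gl /Library/LaunchDaemons/ > ./launched_daemons.txt

	if [ -f /usr/bin/log ]; then
		echo "Collecting system logs from macOS 10.12+ ..."
		# for macOS 10.12+, generate last 3 days logs history
		log show --last 3d --source --style syslog --info --debug > ./syslogs-dump.syslogstyle.log
	fi

	collect_diskutil
	collect_system_info
	collect_ioreg
	collect_netstat
	check_3rd_party_sw
}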

# "Darwin" is what uname -s reports on macOS; forward every argument to the
# Mac collector unchanged.
collect_system_Darwin() { collect_system_Mac "$@"; }

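# Platform-independent collection: kernel identification, the invoking user's
# info file written before the sudo re-exec, the common system log files
# (including rotated copies) and /etc/ld.so.preload.
#
# /tmp/user_info.txt is copied only when it is a regular file and not a
# symlink. The path sits in a world-writable directory and this function runs
# as root; when the script is started directly as root the file is not even
# created by this run, so a link left there by another user would otherwise
# place an arbitrary root-readable file into the support archive.
function collect_system_common
{
	uname -a > uname.txt
	if [ -f /tmp/user_info.txt ] && [ ! -L /tmp/user_info.txt ]; then
		cp -f /tmp/user_info.txt ./user_info.txt
	fi
	test -f /var/log/system.log && cp -f /var/log/system.log* .
	test -f /var/log/mail.log && cp -f /var/log/mail.log* .
	test -f /var/log/kernel.log && cp -f /var/log/kernel.log* .
	test -f /var/log/install.log && cp -f /var/log/install.log* .
	test -f /var/log/daemon.log && cp -f /var/log/daemon.log* .
	test -f /var/log/syslog && cp -f /var/log/syslog* .
	test -f /var/log/messages && cp -f /var/log/messages* .
	test -f /etc/ld.so.preload && cp -f /etc/ld.so.preload .
}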


# Collect system-level data: the platform-independent part first, then the
# collect_system_<kernel name> function matching `uname -s`, which receives
# this function's arguments.
collect_system() {
	echo "Collecting system logs..."
	collect_system_common
	collect_system_$(uname -s) "$@"
}

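# Main sequence (runs as root): clean up earlier runs, collect everything into
# a private working directory, pack it, move the archive to the user's
# Desktop (or home directory) and remove the working data.
#
# The working directory and the archive staging directory are created with
# mktemp -d. The fixed names used before (/tmp/customer_info.<provider> and
# /tmp/customer_info.tgz) live in a world-writable directory: between the
# pre-cleaning and the mkdir another local user could place a symlink there
# and have root write the collected files, or the archive, to a location of
# their choosing. The archive keeps its name, customer_info.tgz (or .tar).

# pre-cleaning
echo ""
echo "Cleaning..."
rm -rf /tmp/customer_info.*
rm -rf ~/customer_info.*

# private working directory (collected files) and staging directory (archive)
WORK_DIR="$(mktemp -d "/tmp/customer_info.${PROVIDER}.XXXXXX")" || {
	echo "Cannot create working directory in /tmp"
	exit 1
}
PKG_DIR="$(mktemp -d "/tmp/customer_info.pkg.XXXXXX")" || {
	echo "Cannot create staging directory in /tmp"
	rm -rf "${WORK_DIR:?}"
	exit 1
}
mkdir -p "$WORK_DIR/User" "$WORK_DIR/System" "$WORK_DIR/${PACKAGE}_cache"
cd "$WORK_DIR" || exit 1

# collecting currently processed file's data
collect_logs1
collect_logs2

# collect system logs
collect_system

#collect configuration & product version
echo "$PROVIDER_UPPER support data collector, v$SCP_VER" > scp_ver.txt

# product logs are collected unless the first argument switches them off
COLLECT_PRODUCT_LOGS="YES"
if [ "${#Args[@]}" -gt 0 ]; then
	case "${Args[0]}" in
		-no_productlogs | -no-productlogs | --no-productlogs)
			COLLECT_PRODUCT_LOGS="NO"
			;;
	esac
fi

collect_product
collect_old_paths

# packing data
PKG="$(call_tar "$PKG_DIR/customer_info" .)"
if [ -z "$PKG" ] ; then
	echo "Cannot call tar for customer_info in `pwd`"
	cd /tmp
	rm -rf "${WORK_DIR:?}" "${PKG_DIR:?}"
	exit 1
fi

DEST_DIR=~
if [ -d ~/Desktop ] ; then
	DEST_DIR=~/Desktop
fi
mv "$PKG" "$DEST_DIR/"

# cleaning
cd /tmp
rm -rf "${WORK_DIR:?}" "${PKG_DIR:?}"

# keep only the archive's file name for the final message
PKG="${PKG##*/}"

# inform about sending the result to ${PROVIDER} support
echo
echo
echo "Send file '${DEST_DIR}/${PKG}' to ${PROVIDER_UPPER}'s support"
echo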
