htb monitored root方式其中的一种（仅作记录）

快下班时候审出来的，目前root的第5种方式

nagios@monitored:~$ cat /usr/local/nagiosxi/scripts/backup_xi.sh
#!/bin/bash
#
# Creates a Full Backup of Nagios XI
# Copyright (c) 2011-2020 Nagios Enterprises, LLC. All rights reserved.
#BASEDIR=$(dirname $(readlink -f $0))
SBLOG="/usr/local/nagiosxi/var/components/scheduledbackups.log"
ts=`date +%s`# Import Nagios XI and xi-sys.cfg config vars
. $BASEDIR/../etc/xi-sys.cfg
eval $(php $BASEDIR/import_xiconfig.php)###############################
# USAGE / HELP
###############################
usage () {echo ""echo "Use this script to backup Nagios XI."echo ""echo " -n | --name              Set the name of the backup minus the .tar.gz"echo " -p | --prepend           Prepend a string to the .tar.gz name"echo " -a | --append            Append a string to the .tar.gz name"echo " -d | --directory         Change the directory to store the compressed backup"echo ""
}###############################
# ADDING LOGIC FOR NEW BACKUPS
###############################
while [ -n "$1" ]; docase "$1" in-h | --help)usageexit 0;;-n | --name)fullname=$2;;-p | --prepend)prepend=$2".";;-a | --append)append="."$2;;-d | --directory)rootdir=$2;;esacshift
doneecho "\nStarting new backup....\n"# Restart nagios to forcibly update retention.dat
$BASEDIR/manage_services.sh restart nagios
sleep 10if [ -z "$rootdir" ]; thenrootdir="/store/backups/nagiosxi"
fi# Move to root dir to store backups
cd "$rootdir"#############################
# SET THE NAME & TIME
#############################
name=$fullnameif [ -z "$fullname" ]; thenname="$prepend$ts$append"
fi# Clean the name
name=$(echo "$name" | sed -e 's/[^[:alnum:].|-]//g')# Get current Unix timestamp as name
if [ -z "$name" ]; thenname="$ts"
fi# My working directory
mydir=$rootdir/$name# Make directory for this specific backup
mkdir -p "$mydir"##############################
# BACKUP DIRS
############################### Only backup NagiosQL if it exists
if [ -d "/var/www/html/nagiosql" ]; thenecho "Backing up NagiosQL..."tar czfp "$mydir/nagiosql.tar.gz" /var/www/html/nagiosqltar czfp "$mydir/nagiosql-etc.tar.gz" /etc/nagiosql
fiecho "Backing up Nagios Core..."
tar czfp "$mydir/nagios.tar.gz" /usr/local/nagios# Backup ramdisk if it exists
if [ -f "/etc/sysconfig/nagios" ]; thenecho "Copying ramdisk configuration..."cp /etc/sysconfig/nagios "$mydir/ramdisk.nagios"
fiecho "Backing up Nagios XI..."
tar czfp "$mydir/nagiosxi.tar.gz" /usr/local/nagiosxiecho "Backing up MRTG..."
tar czfp "$mydir/mrtg.tar.gz" /var/lib/mrtg
cp /etc/mrtg/mrtg.cfg "$mydir/"
cp -r /etc/mrtg/conf.d "$mydir/"# SNMP configs and MIBS
echo "Backing up the SNMP directories"
tar czfp "$mydir/etc-snmp.tar.gz" /etc/snmp
tar czfp "$mydir/usr-share-snmp.tar.gz" /usr/share/snmpecho "Backing up NRDP..."
tar czfp "$mydir/nrdp.tar.gz" /usr/local/nrdpecho "Backing up Nagvis..." 
tar czfp "$mydir/nagvis.tar.gz" /usr/local/nagvisecho "Backing up nagios user home dir..." 
tar czfp "$mydir/home-nagios.tar.gz" /home/nagios##############################
# BACKUP DATABASES
##############################
echo "Backing up MySQL databases..."
mkdir -p "$mydir/mysql"
if [[ "$cfg__db_info__ndoutils__dbserver" == *":"* ]]; thenndoutils_dbport=`echo "$cfg__db_info__ndoutils__dbserver" | cut -f2 -d":"`ndoutils_dbserver=`echo "$cfg__db_info__ndoutils__dbserver" | cut -f1 -d":"`
elsendoutils_dbport='3306'ndoutils_dbserver="$cfg__db_info__ndoutils__dbserver"
fi
mysqldump -h "$ndoutils_dbserver" --port="$ndoutils_dbport" -u $cfg__db_info__ndoutils__user --password="$cfg__db_info__ndoutils__pwd" --add-drop-database -B $cfg__db_info__ndoutils__db > $mydir/mysql/nagios.sql
res=$?
if [ $res != 0 ]; thenecho "Error backing up MySQL database 'nagios' - check the password in this script!"rm -r "$mydir"exit $res;
fi
if [[ "$cfg__db_info__nagiosql__dbserver" == *":"* ]]; thennagiosql_dbport=`echo "$cfg__db_info__nagiosql__dbserver" | cut -f2 -d":"`nagiosql_dbserver=`echo "$cfg__db_info__nagiosql__dbserver" | cut -f1 -d":"`
elsenagiosql_dbport='3306'nagiosql_dbserver="$cfg__db_info__nagiosql__dbserver"
fi
mysqldump -h "$nagiosql_dbserver" --port="$nagiosql_dbport" -u $cfg__db_info__nagiosql__user --password="$cfg__db_info__nagiosql__pwd" --add-drop-database -B $cfg__db_info__nagiosql__db > $mydir/mysql/nagiosql.sql
res=$?
if [ $res != 0 ]; thenecho "Error backing up MySQL database 'nagiosql' - check the password in this script!"rm -r "$mydir"exit $res;
fi# Only backup PostgresQL if we are still using it 
if [ $cfg__db_info__nagiosxi__dbtype == "pgsql" ]; thenecho "Backing up PostgresQL databases..."mkdir -p "$mydir/pgsql"if [ -z $cfg__db_info__nagiosxi__dbserver ]; thencfg__db_info__nagiosxi__dbserver="localhost"fipg_dump -h $cfg__db_info__nagiosxi__dbserver -c -U $cfg__db_info__nagiosxi__user $cfg__db_info__nagiosxi__db > "$mydir/pgsql/nagiosxi.sql"res=$?if [ $res != 0 ]; thenecho "Error backing up PostgresQL database 'nagiosxi' !"rm -r "$mydir"exit $res;fi
elseif [[ "$cfg__db_info__nagiosxi__dbserver" == *":"* ]]; thennagiosxi_dbport=`echo "$cfg__db_info__nagiosxi__dbserver" | cut -f2 -d":"`nagiosxi_dbserver=`echo "$cfg__db_info__nagiosxi__dbserver" | cut -f1 -d":"`elsenagiosxi_dbport='3306'nagiosxi_dbserver="$cfg__db_info__nagiosxi__dbserver"fimysqldump -h "$nagiosxi_dbserver" --port="$nagiosxi_dbport" -u $cfg__db_info__nagiosxi__user --password="$cfg__db_info__nagiosxi__pwd" --add-drop-database -B $cfg__db_info__nagiosxi__db > $mydir/mysql/nagiosxi.sqlres=$?if [ $res != 0 ]; thenecho "Error backing up MySQL database 'nagiosxi' - check the password in this script!"rm -r "$mydir"exit $res;fi
fi##############################
# BACKUP CRONJOB ENTRIES
##############################
echo "Backing up cronjobs for Apache..."
mkdir -p "$mydir/cron"
if [[ "$distro" == "Ubuntu" ]] || [[ "$distro" == "Debian" ]]; thencp "/var/spool/cron/crontabs/$apacheuser" "$mydir/cron/apache"
elsecp /var/spool/cron/apache "$mydir/cron/apache"
fi##############################
# BACKUP SUDOERS
##############################
# Not necessary##############################
# BACKUP LOGROTATE
##############################
echo "Backing up logrotate config files..."
mkdir -p "$mydir/logrotate"
cp -rp /etc/logrotate.d/nagiosxi "$mydir/logrotate"##############################
# BACKUP APACHE CONFIG FILES
##############################
echo "Backing up Apache config files..."
mkdir -p "$mydir/httpd"
cp -rp "$httpdconfdir/nagios.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nagiosxi.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nagvis.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nrdp.conf" "$mydir/httpd"if [ -d "/etc/apache2/sites-available" ]; thencp -rp /etc/apache2/sites-available/default-ssl.conf "$mydir/httpd"
elsecp -rp "$httpdconfdir/ssl.conf" "$mydir/httpd"
fi##############################
# COMPRESS BACKUP
##############################
echo "Compressing backup..."
tar czfp "$name.tar.gz" "$name"
rm -rf "$name"# Change ownership
chown "$nagiosuser:$nagiosgroup" "$name.tar.gz"if [ -s "$name.tar.gz" ];thenecho " "echo "==============="echo "BACKUP COMPLETE"echo "==============="echo "Backup stored in $rootdir/$name.tar.gz"exit 0;
elseecho " "echo "==============="echo "BACKUP FAILED"echo "==============="echo "File was not created at $rootdir/$name.tar.gz"rm -r "$mydir"exit 1;
fi

其中

# Restart nagios to forcibly update retention.dat
$BASEDIR/manage_services.sh restart nagios
sleep 10

会重启nagios服务，看下manage_services.sh

nagios@monitored:~$ cat /usr/local/nagiosxi/scripts/manage_services.sh
#!/bin/bash
#
# Manage Services (start/stop/restart)
# Copyright (c) 2015-2020 Nagios Enterprises, LLC. All rights reserved.
#
# =====================
# Built to allow start/stop/restart of services using the proper method based on
# the actual version of operating system.
#
# Examples:
# ./manage_services.sh start httpd
# ./manage_services.sh restart mysqld
# ./manage_services.sh checkconfig nagios
#BASEDIR=$(dirname $(readlink -f $0))# Import xi-sys.cfg config vars
. $BASEDIR/../etc/xi-sys.cfg# Things you can do
first=("start" "stop" "restart" "status" "reload" "checkconfig" "enable" "disable")
second=("postgresql" "httpd" "mysqld" "nagios" "ndo2db" "npcd" "snmptt" "ntpd" "crond" "shellinaboxd" "snmptrapd" "php-fpm")# Helper functions
# -----------------------contains () {local array="$1[@]"local seeking=$2local in=1for element in "${!array}"; doif [[ "$element" == "$seeking" ]]; thenin=0breakfidonereturn $in
}# Verify to avoid abuse
# -----------------------# Check to verify the proper usage format
# ($1 = action, $2 = service name)if ! contains first "$1"; thenecho "First parameter must be one of: ${first[*]}"exit 1
fiif ! contains second "$2"; thenecho "Second parameter must be one of: ${second[*]}"exit 1
fiaction=$1# if service name is defined in xi-sys.cfg use that name
# else use name passed
if [ "$2" != "php-fpm" ] && [ ! -z "${!2}" ];thenservice=${!2}
elseservice=$2
fi# if the action is status, add -n 0 to args to stop journal output
# on CentOS/RHEL 7 systems
args=""
if [ "$action" == "status" ]; thenargs="-n 0"
fi# Special case for ndo2db since we don't use it anymore
if [ "$service" == "ndo2db" ]; thenecho "OK - Nagios XI 5.7 uses NDO3 build in and no longer uses the ndo2db service"exit 0
fi# Run the command
# -----------------------# CentOS / Red Hatif [ "$distro" == "CentOS" ] || [ "$distro" == "RedHatEnterpriseServer" ] || [ "$distro" == "EnterpriseEnterpriseServer" ] || [ "$distro" == "OracleServer" ]; then# Check for enable/disable verbif [ "$action" == "enable" ] || [ "$action" == "disable" ]; thenif [ `command -v systemctl` ]; then`which systemctl` --no-pager "$action" "$service"elif [ `command -v chkconfig` ]; thenchkconfig_path=`which chkconfig`if [ "$action" == "enable" ]; then"$chkconfig_path" --add "$service"return_code=$?elif [ "$action" == "disable" ]; then"$chkconfig_path" --del "$service"return_code=$?fifiexit $return_codefiif [ `command -v systemctl` ]; then`which systemctl` --no-pager "$action" "$service" $argsreturn_code=$?if [ "$service" == "mysqld" ] && [ $return_code -ne 0 ]; thenservice="mariadb"`which systemctl` "$action" "$service" $argsreturn_code=$?fielif [ ! `command -v service` ]; then"/etc/init.d/$service" "$action"return_code=$?else`which service` "$service" "$action"return_code=$?fi
fi# OpenSUSE / SUSE Enterpriseif [ "$distro" == "SUSE LINUX" ]; thenif [ "$dist" == "suse11" ]; then`which service` "$service" "$action"return_code=$?fi
fi# Ubuntu / Debianif [ "$distro" == "Debian" ] || [ "$distro" == "Ubuntu" ]; then# Adjust the shellinabox service, no trailing 'd' in Debian/Ubuntuif [ "$service" == "shellinaboxd" ]; thenservice="shellinabox"fiif [ `command -v systemctl` ]; then`which systemctl` --no-pager "$action" "$service" $argsreturn_code=$?else`which service` "$service" "$action"return_code=$?fi
fi# Others?exit $return_code

能看到会是识别完系统做对应的服务操作，其实等同于是一个systemctl
有趣的是$BASEDIR/manage_services.sh restart nagios会重启nagios服务

systemctl status nagios能看到服务的位置

Process: 8416 ExecStartPre=/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

这个是有权限修改的

-rwxrwxrwx 1 nagios nagios 16864 Jan 17 05:09 /usr/local/nagios/bin/nagios

所以重新编译一个丢进去让她启动弹shell回来就行
在这里插入图片描述

htb monitored root方式其中的一种（仅作记录）

相关文章

SCI 2区论文：医疗保健中心训练有素的脑膜瘤分割模型的性能测试-基于四个回顾性多中心数据集的二次分析

PE解释器之PE文件结构（二）

软件测试|sqlalchemy一对一关系详解

Ubuntu使用QtCreator + CMake 开发C/C++程序

Hugging Face怎么通过国内镜像去进行模型下载（hf-mirror.com）

(Bean实例化的基本流程 )学习Spring的第六天

深入理解 Kubernetes Ingress：路由流量、负载均衡和安全性配置

取代房子，中国又一种资本在崛起（深度）

JVM工作原理与实战(二十)：直接内存

Spring Cloud详细入门使用

Codeforces Round 919 (Div. 2) A~E

定时器开发基础

JavaScript 自定义分页组件

蓝桥杯（C++ 整数删除优先队列）

2023 年顶级前端工具

经典数据库练习题及答案

JavaScript DOM可以做什么？

深度学习模型之yolov8实例分割模型TesorRT部署-python版本

【计算机网络】

智能驾驶新浪潮：SSD与UFS存储技术如何破浪前行？-UFS篇