ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: home

#!/usr/bin/perl

use strict;

use LWP::UserAgent;
use HTTP::Response;
use Sys::Hostname;
use Switch '__';

#my $debug = ($ARGV[-1] eq 'debug') ? 1 : 0;

# exit_with($msg, [$code]):
# throws out $msg and performs exit() with given code or 0 if none is given

sub exit_with {		
	# because 'die' doesn't look pretty
	my ($msg, $code) = @_;
	$code = defined($code) ? $code : 0;
	print $msg, "\n";
	exit($code);	
}

# parse_cp_profile($user): (success => 1, ip => scalar, owner => scalar,
#							suspended => scalar, main_domain => scalar,
#							addon_domains => arrayref, parked_domains => arrayref,
#							sub_domains => arrayref)
# returns client info parsed from cPanel files or undef if failed

sub parse_cp_profile {
	my $user = shift;
	my $fail = 0;
	my $ip;
	my $owner;
	my $suspended;	
	my $mode;
	my $main;
	my @addons;
	my @parked;
	my @subs;
	my %temp;
	my $f_profile = "/var/cpanel/users/$user";
	my $f_userdata = "/var/cpanel/userdata/$user/main";
	
	open FILE, '<', $f_profile or $fail += 1;
	my @cp_profile = <FILE>;
	close FILE;

open FILE, '<', $f_userdata or $fail += 2;
	my @cp_userdata = <FILE>;
	close FILE;
	
	switch ($fail) {
		case __ & 1 { print "Can't open $f_profile!\n"; next }
		case __ & 2 { print "Can't open $f_userdata!\n"; next }
		case __ > 0 { return undef }
	}
	
	# fetching IP, owner and active/suspended from cPanel user profile
	foreach my $str(@cp_profile) {
		chomp $str;
		$str =~ m/^IP=([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$)|^OWNER=([a-z0-9]*$)|^SUSPENDED=([0-9]$)/;
		$ip = $1 ? $1 : $ip;
		$owner = $2 ? $2 : $owner;
		$suspended = $3 ? $3 : $suspended;
	}
	
	# fetching domains from cPanel userdata
	foreach my $str(@cp_userdata) {
		chomp $str;
		switch ($str) {
			case m/^$/					{ }
			case m/^---/ 				{ }
			case m/path.conf/ 			{ }
			case m/^addon_domains:/		{ $mode = 'addon' }
			case m/^main_domain:/		{ my @buf = split / /, $str;
										  $main = $buf[1] }
			case m/^parked_domains:/	{ $mode = 'parked' }
			case m/^sub_domains:/		{ $mode = 'sub' }
			else {
				$str =~ s/^[ \t]*(- )?//;
				switch ($mode) {
					case "addon" 	{ my @buf = split /: /, $str;
									  push @addons, $buf[0];
									  $temp{$buf[1]} = 1 }				# add sub-domain related to addon to temporary list
					case "parked" 	{ push @parked, $str }
					case "sub" 		{ push @subs, $str if (!$temp{$str}) }	# add to list only those sub-domains that aren't related to none of addons
				}
			}
		}
		
	}
	
	return ( success => 1,
			 ip => $ip, 
			 owner => $owner, 
			 suspended => $suspended, 
			 main_domain => $main, 
			 addon_domains => \@addons, 
			 parked_domains => \@parked, 
			 sub_domains => \@subs,
		   );	
}

# print_http_response($response):
# just prints HTTP response code, status line and content_type if any

sub print_http_response {
	my $resp = shift;
	my $content_type = $resp->content_type;
	print $resp->status_line;
	
	switch ($resp->code) {
		case 200		{ print ". Content: " . $content_type . "\n" }
		case m/30[12378]/	{ print " -> ", $resp->header("Location"), " - " }
		else { print "\n" }
	}
	
}

# test_http($domain, $ip):
# performs HTTP check with given hostname and IP address
# results are printed to STDOUT

sub test_http {
	my $ua = LWP::UserAgent->new(agent => 'Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0', 
							 timeout => 30, 
							 max_redirect => 0,
							 requests_redirectable => ['GET', 'HEAD', 'POST'],
							 ssl_opts => {verify_hostname => 0, SSL_verify_mode => 0x00},
							 protocols_allowed => ['http', 'https']);
	my ($addr,$ip) = @_;	
	my $response = $ua->get("http://$ip", HOST => $addr);
	my $redir_count = 0;
	my $last_redir;
	my $x = 40 - length($addr);
	print "\t", $addr, " "x$x;

while ($response->code =~ "30[12378]") {
		
		if ($redir_count > 10) {
			print " 10+ redirects, aborting check.\n";
			return 0;
		}
		
		$redir_count++;
		print_http_response($response);
		my $location = $response->header("Location");
		my $proto = 'http';
		my $new_host = $addr;
		my $path;
		
		if ($location eq $last_redir) {			# Looks like we've got .htaccess HTTP_HOST check
			print "HTTP_HOST .htaccess check prevents from checking by IP, checking by hostname: ";
			$response = $ua->get($location);
			last;
		} else {
			$last_redir = $location;
		}

if ($location =~ /(^.*):\/\/([a-zA-Z0-9\-\.\:]*)(\/.*$)?/) {		# RFC 2396 & RFC 2616 - 'Location' HTTP header field contents only absolute URI
			$proto = $1;
			$new_host = $2;
			$path = $3;
		} else {															# somebody didn't heard anything about RFC
			$path = $location;		
		}

if ($proto eq 'https') {
			$response = $ua->get($location);
		} else {
			$path =~ s/^\///;
			$response = $ua->get($proto . '://' . $ip . '/' . $path, HOST => $new_host);
		}

}

print_http_response($response);  
}

sub check_user;

###################################################################################################

my $reseller_host = (hostname =~ 'registrar-servers.com') ? 1 : 0;
my $httpd_conf = "/etc/apache2/conf/httpd.conf";
my $user_owners_file = "/etc/trueuserowners";
my $user_domains_file = "/etc/userdomains";
my $resellers_file = "/var/cpanel/resellers";
my $follow = ($ARGV[1] eq 'only') ? 0 : 1;	# don't check resolds?
my $client = $ARGV[0] or exit_with("Usage: $0 <user>");

if (!getpwnam($client)) { 
	exit_with("No such user - $client", 1);
}

# Fetching assigned IP from httpd.conf for each user
# %apache_ips = ( username => apache IP )

my %apache_ips;
my $last_ip;
my $last_name;
open FILE, '<', $httpd_conf or exit_with("Could not open $httpd_conf", 2);

while (<FILE>) {
	chomp;
	m/<VirtualHost\ ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|DocumentRoot\ \/home\/([a-z0-9]*)/;
	$last_ip = $1 ? $1 : $last_ip;
	$last_name = $2 ? $2 : $last_name;
	
	if ($2) {
		$apache_ips{$last_name} = $last_ip;
	}
	
}

close FILE;

# Fetching true user owners
# %user_owners = ( username => owner )

my %user_owners;
open FILE, '<', $user_owners_file or exit_with("Could not open $user_owners_file", 2);

while (<FILE>) {
	chomp;
	m/^([a-z0-9]*):\ ([a-z0-9]*)$/;
	$user_owners{$1} = $2;
}

close FILE;

# Fetching domains owners
# %user_domains = ( domain => owner )

my %user_domains;
open FILE, '<', $user_domains_file or exit_with("Could not open $user_domains_file", 2);

while (<FILE>) {
	chomp;
	m/(^[a-zA-Z0-9\.\-]*):\ ([a-zA-Z0-9]*$)/;
	$user_domains{$1} = $2;
}

close FILE;

# Fetching resellers from /var/cpanel/resellers
# %resellers = ( username => 1 )

my %resellers;
open FILE, '<', $resellers_file or exit_with("Could not open $resellers_file", 2);

while (<FILE>) {
	chomp;
	m/([a-z0-9]*):/;
	
	if ($1) {
		$resellers{$1} = 1;
	}
}

close FILE;

check_user($client);

###################################################################################################

sub check_user {
	my $user = shift;
	print "-"x40, "\nUser:\t$user\n";
	my %cp_info = parse_cp_profile($user);
	
	if (!$cp_info{success}) {
		print "Failed to process user $user.\n";
		return undef;
	}
	
	if ($cp_info{ip} !~ $apache_ips{$user}) {
		print "Apache/cPanel user $user IP mismatch.\n";
		return undef;
	}
	
	my $is_reseller = ($reseller_host and (($cp_info{owner} eq 'root') or ($cp_info{owner} eq $user)));
	
	print "cPanel/true owner mismatch for $user.\n" if ($cp_info{owner} !~ $user_owners{$user});
	print "User $user is suspended.\n" if ($cp_info{suspended});
	print "Owner:\t", $cp_info{owner}, "\n";
	#print "Check if it's correct!\n" if (($cp_info{owner} ne 'wh') and !$reseller_host);
	print "IP:\t", $cp_info{ip}, "\n";
	print "It's reseller.\n" if ($is_reseller);
	print "Check reseller privileges!\n" if ($is_reseller != $resellers{$user});	# must be 1 = 1 or undef = undef
	
	print "Main domain:\n";
	test_http($cp_info{main_domain}, $cp_info{ip});
	
	print "Addon domains:\n";
	
	foreach my $dom(@{$cp_info{addon_domains}}) {
		test_http($dom, $cp_info{ip});
	}
	
	print "Parked domains:\n";
	
	foreach my $dom(@{$cp_info{parked_domains}}) {
		test_http($dom, $cp_info{ip});
	}
	
	print "Subdomains:\n";
	
	foreach my $dom(@{$cp_info{sub_domains}}) {
		test_http($dom, $cp_info{ip});
	}
	
	if ($is_reseller and $follow) {
		
		for my $u(keys(%user_owners)) {
			check_user($u) if ($user_owners{$u} eq $user);
		}
	
	}
	
}

[+] ardalbasra
[+] wtkfiraq
[+] alomrangroup
[-] sitecheck.pl [edit]
[+] zahratalkhareef
[+] ikkaru
[+] sour
[+] vpsiraqi
[+] sahilph
[+] asad
[+] atlasndt
[+] valery
[-] sitecheck.log [edit]
[+] niqta
[+] alhadi
[+] iraqsupplies
[+] ptadmin
[+] nahlahalrafidain
[+] .cpcpan
[+] areej
[+] verouniversaliq
[+] allin1iq
[+] darherb
[+] alkhidr1
[+] ..
[+] virtfs
[+] rayatalbenaa
[+] nrco
[+] cPanelInstall
[+] .cpan
[+] rabeedejla
[+] bizpioneers
[+] eqtesadworld
[+] faris
[-] 0_README_BEFORE_DELETING_VIRTFS [edit]
[+] urproducts
[-] latest [edit]
[+] vezanco
[+] alnooral
[+] cxs
[+] tayr
[-] acclist [edit]
[+] alnusemp
[+] tigrisro
[+] tejanmed
[+] amwajalyaqout
[+] afaqalyaqin
[+] pharmaos
[+] sgciq
[+] alaw2mail
[+] alawsattelecom
[+] tayir
[+] alkhidrfruits
[+] gcmigov
[+] munin
[+] .rapid-scan-db
[+] rakayiz
[+] daciq
[+] sahabiti
[+] mastalbina
[+] albadrint
[+] .cpanm
[+] zainbalrasheedgr
[+] himen