ROOTPLOIT
Server: Apache
System: Linux node6122.myfcloud.com 6.14.3-x86_64-linode168 #1 SMP PREEMPT_DYNAMIC Mon Apr 21 19:47:55 EDT 2025 x86_64
User: bashacomputer (1004)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /lib64/nagios/plugins/
Upload Files
File: //lib64/nagios/plugins/check_litespeed
#!/usr/bin/env python
# Nagios check for LiteSpeed VirtualHosts REQ_PER_SEC
# Author: Tsvetan Gerov <tsvetan@worldhost.group>
# v2.1

from __future__ import print_function
import re
import glob
import sys
import argparse
import os

if not os.path.exists("/usr/local/lsws/bin/lshttpd"):
    print("[OK] LiteSpeed not found!")
    sys.exit(0)

if not os.path.exists("/dev/shm/lsws/status/.rtreport"):
    print("[OK] LiteSpeed is not enabled")
    sys.exit(0)

parser = argparse.ArgumentParser()
parser.add_argument('-c', type=int, default=200, help='Threshold value for CRITICAL high traffic domains')
parser.add_argument('-w', type=int, default=50, help='Threshold value for WARNING moderate traffic domains')
args = parser.parse_args()

directory = '/dev/shm/lsws/status/'
file_pattern = '.rtreport*'
files = glob.glob(directory + file_pattern)

domain_info = {}

for filename in files:
    with open(filename, 'r') as file:
        content = file.read()
        matches = re.findall(r'REQ_RATE \[APVH_(.*?)\]: .* REQ_PER_SEC: ([0-9.]+)', content)
        for domain, requests_per_sec in matches:
            domain = domain.split(':')[0].replace("APVH_", "")
            requests_per_sec = int(float(requests_per_sec))
            if domain in domain_info:
                domain_info[domain] += requests_per_sec
            else:
                domain_info[domain] = requests_per_sec

high_traffic_domains = [(domain, requests_per_sec) for domain, requests_per_sec in domain_info.items() if requests_per_sec > args.c]
moderate_traffic_domains = [(domain, requests_per_sec) for domain, requests_per_sec in domain_info.items() if requests_per_sec > args.w]

if high_traffic_domains:
    merged_high_traffic = [(domain, sum([requests_per_sec for _, requests_per_sec in high_traffic_domains if _ == domain])) for domain, _ in high_traffic_domains]
    output = "[CRITICAL] " + ", ".join(["{} ({:.1f} req/s)".format(domain, requests_per_sec) for domain, requests_per_sec in merged_high_traffic])
    print(output)
    sys.exit(2)
elif moderate_traffic_domains:
    merged_moderate_traffic = [(domain, sum([requests_per_sec for _, requests_per_sec in moderate_traffic_domains if _ == domain])) for domain, _ in moderate_traffic_domains]
    output = "[WARNING] " + ", ".join(["{} ({:.1f} req/s)".format(domain, requests_per_sec) for domain, requests_per_sec in merged_moderate_traffic])
    print(output)
    sys.exit(1)
else:
    print("[OK] No high traffic domains found")
    sys.exit(0)
@ Telegram