Linux puskom-ProLiant-DL385-Gen10 5.4.0-150-generic #167~18.04.1-Ubuntu SMP Wed May 24 00:51:42 UTC 2023 x86_64
/var/www/html/bkd/berkas/4.sh
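#!/bin/bash
#
# GSocket Network Behavior Scanner
#
# Host-triage helper: lists established TCP/UDP connections, highlights
# those whose peer is not a loopback/private address, shows sockets on the
# ports this script treats as GSocket defaults (443, 80, 31337), and looks
# for the "Global Socket" string in the executables of processes that own
# sockets.
#
# Run as root: without it `ss -p` only reports the caller's own processes
# and /proc/<pid>/exe of other users cannot be read, so results would be
# incomplete.
#
# Limits to keep in mind when reading the output:
#   - 443 and 80 carry most legitimate traffic; step 3 is a lead, not a verdict.
#   - The string check is a weak signature. A stripped, packed or renamed
#     build will not contain it, so "nothing found" does not clear the host.

#######################################
# Print the ss lines whose peer address (column 6 of `ss -tunp`) is neither
# loopback nor RFC 1918 private space. The pattern is anchored to the start
# of the peer column, so a public address that merely contains "10." (for
# example 210.x.x.x) is still reported, and a private *local* address does
# not hide a public peer.
# Arguments: none (reads ss lines on stdin)
# Outputs:   matching lines on stdout
# Returns:   0 if at least one line was printed, 1 otherwise
#######################################
filter_public_peers() {
  awk '
    $6 !~ /^(\[::1\]|(\[::ffff:)?(127\.|10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.))/ {
      print
      found = 1
    }
    END { exit !found }
  '
}

#######################################
# Print the ss lines whose local or peer port is exactly 443, 80 or 31337.
# Matching on the end of the address column keeps 8080, 4430, 8000 and
# similar ports out of the result.
# Arguments: none (reads ss lines on stdin)
# Outputs:   matching lines on stdout
# Returns:   0 if at least one line was printed, 1 otherwise
#######################################
filter_default_ports() {
  awk '
    $5 ~ /:(443|80|31337)$/ || $6 ~ /:(443|80|31337)$/ {
      print
      found = 1
    }
    END { exit !found }
  '
}

#######################################
# Extract the unique PIDs from the users:(("name",pid=N,fd=M)) column.
# Only the pid= values are taken; fd numbers and digits inside process
# names are not PIDs and would make the scan inspect unrelated processes.
# Arguments: none (reads ss lines on stdin)
# Outputs:   one PID per line on stdout
#######################################
extract_pids() {
  grep -oE 'pid=[0-9]+' | cut -d= -f2 | sort -u
}

echo "[*] GSocket Network Behavior Scanner"
echo

# A fixed name under /tmp can be pre-created (or symlinked) by any local
# user before this script runs with elevated rights; mktemp avoids that,
# and the trap removes the file on every exit path.
conns_file=$(mktemp) || {
  echo "[!] Gagal membuat berkas sementara." >&2
  exit 1
}
trap 'rm -f -- "$conns_file"' EXIT

# 1. List all established TCP/UDP connections together with their process
echo "[+] Memeriksa koneksi TCP/UDP aktif..."
ss -tunp 2>/dev/null | grep ESTAB > "$conns_file"
if [[ ! -s "$conns_file" ]]; then
  echo "[+] Tidak ada koneksi ESTABLISHED."
else
  cat -- "$conns_file"
fi
echo

# 2. Keep only connections whose peer is on the internet (not loopback/LAN)
echo "[+] Mendeteksi koneksi outbound non-LAN..."
filter_public_peers < "$conns_file" \
  || echo "[+] Tidak ada koneksi keluar mencurigakan."
echo

# 3. Look for sockets on the ports treated as GSocket defaults
echo "[+] Mengecek port GSocket default (443, 80, 31337)..."
ss -tunp 2>/dev/null | filter_default_ports \
  || echo "[+] Tidak ada port default GSocket terbuka."
echo

# 4. Check the executables of socket-owning processes for the signature
echo "[+] Mengecek signature binary pada proses aktif..."
while IFS= read -r pid; do
  # Empty when the process has exited or the link is not readable.
  exe=$(readlink -f "/proc/$pid/exe" 2>/dev/null)
  [[ -n "$exe" ]] || continue
  # Read through /proc/<pid>/exe rather than the resolved path: a binary
  # that was unlinked after start resolves to "... (deleted)", which is not
  # a regular file on disk, but its contents are still readable via /proc.
  if strings "/proc/$pid/exe" 2>/dev/null | grep -qF "Global Socket"; then
    echo "[!] Signature GSocket ditemukan di proses PID $pid ($exe)"
  fi
done < <(ss -tunp 2>/dev/null | extract_pids)

echo
echo "[*] Scan selesai."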