Linux puskom-ProLiant-DL385-Gen10 5.4.0-150-generic #167~18.04.1-Ubuntu SMP Wed May 24 00:51:42 UTC 2023 x86_64
/
var
/
www
/
html
/
bkd
/
berkas
/
/var/www/html/bkd/berkas/gsc.sh
#!/bin/bash echo "[*] GSocket Detection Scanner" echo ### 1. Cari proses aktif echo "[+] Mencari proses gsocket/gs-netcat..." ps aux | grep -E 'gsocket|gs-netcat' | grep -v grep echo ### 2. Cari proses dengan argumen mencurigakan (listen atau connect) echo "[+] Mencari proses dengan pola argument -s / --server / --client..." ps aux | grep -E '\-s|\-\-server|\-\-client' | grep -v grep echo ### 3. Cek koneksi aktif yang mungkin GSocket gunakan echo "[+] Memeriksa koneksi TCP/UDP..." ss -tunp 2>/dev/null | grep -E 'gsocket|gs-netcat' echo ### 4. Cari file binary gsocket / gs-netcat di disk echo "[+] Mencari file biner gsocket/gs-netcat..." find /usr /bin /sbin /lib /opt /tmp /var -type f \( -name 'gsocket*' -o -name 'gs-netcat*' \) 2>/dev/null echo ### 5. Cek signature biner (walau nama diganti) echo "[+] Memeriksa signature ELF untuk GSocket..." for f in $(find /usr /bin /sbin /lib /opt /tmp /var -type f -executable 2>/dev/null); do if strings "$f" 2>/dev/null | grep -q "Global Socket"; then echo "[!] Signature GSocket ditemukan di: $f" fi done echo echo "[*] Scan selesai."