Something just ran this on my server. Does anyone know what it is and why this script thinks it’s okay to install root SSH keys on my server without my consent?
Adding ssh key to /root/.ssh/authorized_keys
PermitRootLogin need to set to yes
Trying to set PermitRootLogin to yes
Found AllowUsers string
User root not allowed
Adding root to AllowUsers
Ignore history
Insert to line 12
Set binary service systemd-lvm-monitor
Binary service /lib/systemd/systemd-lvm-monitor not exist
Set stat info /lib/systemd/systemd-lvm-monitor
Restore stat info /lib/systemd
Create service systemd-lvm-monitor
Trying to start systemd-lvm-monitor
Trying check status systemd-lvm-monitor
● systemd-lvm-monitor.service - LVM monitoring service
Loaded: loaded (/lib/systemd/system/systemd-lvm-monitor.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2025-02-03 19:29:07 PST; 9ms ago
Main PID: 424184 (systemd-lvm-mon)
Tasks: 4 (limit: 9394)
Memory: 1.9M
CPU: 5ms
CGroup: /system.slice/systemd-lvm-monitor.service
└─424184 /lib/systemd/systemd-lvm-monitor
Feb 03 19:29:07 ols-server systemd[1]: Started LVM monitoring service.
● lscpd.service - LSCPD Daemon
Loaded: loaded (/etc/systemd/system/lscpd.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2025-02-03 19:29:09 PST; 10ms ago
Process: 424207 ExecStart=/usr/local/lscp/bin/lscpdctrl start (code=exited, status=0/SUCCESS)
Main PID: 424222 (lscpd)
CGroup: /system.slice/lscpd.service
├─424222 "lscpd (main)"
├─424224 "lscpd (lscgid)"
├─424225 "lscpd (#01)"
└─424226 /usr/local/CyberCP/bin/lswsgi -m /usr/local/CyberCP/CyberCP/wsgi.py
Feb 03 19:29:07 ols-server systemd[1]: Starting LSCPD Daemon...
Feb 03 19:29:07 ols-server lscpdctrl[424207]: [OK] lscpd: pid=424222.
Feb 03 19:29:09 ols-server systemd[1]: Started LSCPD Daemon.
Trying check vulnerability CVE-2024-51568
This target is vulnerable
Successfully patched vulnerability
Trying check vulnerability CVE-2024-51567
This target is not vulnerable
Trying check vulnerability CVE-2024-51378
This target is not vulnerable
Restarted lscpd
Status of lscpd: