Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > microsoft.public.test > #74
| From | David <David.is@home.today> |
|---|---|
| Newsgroups | microsoft.public.test |
| Subject | Linc Davis Script |
| Date | 2025-03-17 07:50 +0000 |
| Message-ID | <m3q2itFgj9gU1@mid.individual.net> (permalink) |
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=({Soft,Hard}ware
Memory Diagnostics Power FireWire Thunderbolt USB Bluetooth SerialATA
Extensions Applications Frameworks PrefPane Fonts Displays 85 percent
20480 1 MB/s 25000 ports KiB/s DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH
10 "` route -n get default|awk '/e:/{print $2}' `" 25 N\\/A
'|sort|uniq'{,\ -c} 102400 25600 Label 1024 CFBundleIdentifier 25 25 25
1000 MB 10 per\ second 51 5120 files 4 1000 25 5120 -\\t PlistBuddy{,'
2>&1'}' -c Print' OSBundleRequired 1184 20 ' function f() {
n++;sub(/^/,"^");gsub(/\./,"\\.");gsub(/\+/,"\\+");gsub(/\-/,"\\-");gsub(/\?/,"\\?");print|"sort|uniq";};function
g(N,d) { if(n<N) print d;};'
{{,'\.'{kext,xpc,'(appex|pluginkit)'}'\/(Contents\/)?'}Info,'Launch[AD].+'}'\.plist'
'com\.apple\.' );N0=${#p[@]};p[N0]=` networksetup
-listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\)
/,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print
n;exit;} ' `;f=('\n%s'{': ','\n\n'}'%s\n' '\nRAM details\n%s\n' %s\ %s
'%s\n'"${p[50]}"'%s\n' '%s (UID %s) %s %s' '\nContents of %s\n
'"${p[50]}"'mod date: %s\n '"${p[50]}"'checksum: %s\n%s\n' '\n
...and %s more line(s)\n' 'RSSI: %s\nNoise: %s\nTx rate: %s\n'
{Privacy,Mode}': %s\n'
);b=(com.adobe.{AAM.Updater-1.0{,},AdobeCreativeCloud,CS{4,5}ServiceManager,fpsaud,SwitchBoard{,}}
${p[62]}{aelwriter,{AirPortBaseSt,SafariNotific}ationAgent,FolderActions.enabled,installer.osmessagetracing,mrt.uiagent,ReportCrash.Self,{rp,usb}muxd}
com.citrixonline.GoToMeeting.G2MUpdate com.google.keystone.daemon
com.microsoft.office.licensing.helper
com.oracle.java.{Helper-Tool,JavaUpdateHelper{,}}
org.macosforge.xquartz.{privileged_{,},}startx );c=(879294308 4071182229
461455494 3627668074 1083382502 1274181950 1855907737 2758863019
1848501757 464843899 2636415542 3694147963 1233118628 2456546649
2806998573 2778718105 842973933 2051385900 3301885676 891055588
695903914 1443423563 4136085286 523110921 2883943871 3873345487 );S0() {
echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +|
+$/,"");if(q>='${p[$1]}') printf("'"${f[5]}"'",$0,u,q,"'${p[$2]}'");}
';};S4() { echo "${p[56]}"\ ' /'${p[$1]}'$/ { p="'"${p[52]}"'\\
:'${p[$2]}' \""$0"\"";p|getline;close(p);if($0!~/ /)
f();};END{g('$3',"^'"${p[62]}"'")} ';};s=('
s/[0-9A-Za-z._]+@[0-9A-Za-z.]+\.[0-9A-Za-z]{2,4}/EMAIL/g;/faceb/s/(at\.)[^.]+/\1NAME/g;/\/Shared/!s/(\/Users\/)[^
/]+/\1USER/g;s/[-0-9A-Fa-f]{22,}/UUID/g;' ' s/^ +//;/de: S|[nst]:/p;' '
{sub(/^ +/,"")};/er:/;/y:/&&$2<'${p[46]} ' 1s/://;3,6d;/[my].+:/d;s/^
{4}//;H;${ g;s/\n$//;/s: (E[^m]|[^EO])|x([^08]|02[^F]|8[^0])/p;} ' '
5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[47]}')||($1~/^Cond/&&$2!~/^N/)
' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/
0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n''
x;s/\n\n//;/Apple[ ,]|Genesy|Intel|SMSC/d;s/\n.*//;/\)$/p;' '
s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{
s/^.+is |\.//g;p;} ' ' BEGIN { FS=":";if(system("sw_vers
-productVersion|grep -q ^10\.1"))
d="^'"${p[62]}"'launch(d\.peruser\.[0-9]+|ctl\.(Aqua|Background|System))$";}
{ if($2~/[1-9]/) { $2="status: "$2;printf("'"${f[4]}"'",$1,$2);} else
if(!d||$1!~d) print $1;} ' ' { sub(/ :/,"");print|"tail -n'${p[48]}'";}
' ' NR==2&&$4<='${p[49]}' { print $4;} ' ' END {
$2/=256;if($2>='${p[34]}') print int($2) } ' '
NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37
17`" ' NR!=5||$8!~/[RW]/{next};{
$(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0
19 20`" 's:^:/:p;' "`S4 58 35 80`" 's/^.{52}(.+) <.+/\1/p' "`S4 61 33
80`" "`S4 59 35 80`" ' NR>1&&$3!~/0x|\.([0-9]{3,}|[-0-9A-F]{36})$/ {
print $3":"$2;} ' '
/\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:.+//p ' '/^root$/p'
"${p[56]}"\ '
/\.(bundle|component|framework|kext|mdimporter|plugin|qlgenerator|saver|wdgt)$/{f()}
END{g(900,"^/System/")} ' '
/\.dylib$/!d;s/(\.|\+|\-|\?)/\\\1/g;s/^/^/p;' "${p[56]}"\ '
/Temp|emac/{next};/(etc|Preferences|Launch[AD].+)\// {
sub(".(/private)?","");f();} END {
split("'"${b[*]}"'",b);split("'"${c[*]}"'",c);for(i in b) print
b[i]"\.plist\t"c[i];g(500,"Launch");} ' '
/^\/(Ap|Dev|Inc|Prev)/d;/((iTu|ok).+dle|\.(component|mailbundle|mdimporter|plugin|qlgenerator|saver|wdgt))$/p;'
' { gsub(/[()"]/,"",$3);if($2!="="||!$3) $3="N/A";print $3;} ' ' /^\// {
sub("/dev/","",$1);printf("%s: %s\n",$1,$9);} ' p '{print $3"\t"$1}'
's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p'
'$2>'${p[43]}'{$2=$2-1;print}' ' BEGIN {
i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';}
!/^A/{next};/%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";}
/disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) {
d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)"
out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net:
"c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\]
/&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;}
' ' !/^T/ { printf "(static)";exit;} ' '/apsd|BKAg|OpenD/!s/:.+//p' '
(/k:/&& $3!~/(255\.){3}0/)||(/v6:/&&$2!~/A/) ' ' $1=="op" {m=$3};$1~"lN"
{N=$2};$1~"lR" {S=$2};$1~"Tx" {T=$2};$1~/^st/ {s=$2};$1~"li"&&$3!~"wpa2"
{printf("'"${f[9]}"'",toupper($3))};END {
if(S*N*T&&(S-N<'${p[25]}'||T<'${p[55]}'))
printf("'"${f[8]}"'",S,N,T);if(s~/^r/&&m!~/^st/)
printf("'"${f[10]}"'",m);} ' ' BEGIN { FS=":";p="uniq -c|sed -E '"'s/
+\\([0-9]+\\)\\(.+\\)/\\\2 x\\\1/;s/x1$//'"'";} {
n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]$1|p;b=b$1;}
END { close(p);if(b) print("\n\t* Code injection");} ' ' BEGIN{FS=":"} {
$3/=10240;if($3>='${p[27]}')
printf("'"${f[5]}"'",$1,$2,$3,"'"${p[23]}"'");} ' ' END {
if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';}
!/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n "$0;} END {
F=FILENAME;if(!F) exit;if(!f) f="\n [N/A]";"cksum "F|getline
C;split(C, A);C=A[1];"stat -f%Sm "F|getline D;"file -b "F|getline
T;if(T~/^Apple b/) { f="";l=0;while("'"${p[51]}"' "F|getline g) {
l++;if(l<=L) f=f"\n "g;};};if(T!~/^(AS.+ (En.+ )?text(, with
v.+)?$|(Bo|PO).+ sh.+ text ex|XM)/) F=F"\n
'"${p[50]}"'"T;printf("'"${f[6]}"'",F,D,C,f);if(l>L)
printf("'"${f[7]}"'",l-L);} ' ' s/^ ?n...://p;s/^ ?p...:/-'$'\t''/p;'
's/0/Off/p' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' '
/kext:/ { split($0,a,":");s=system("'"${p[51]}"'\\ :'${p[53]}'
\""a[1]"\"/*/I*|grep -q Sa");if(!s) a[1]=a[1]" S";if(!a[2])
a[2]="'"${p[28]}"'";printf("'"${f[4]}"'",a[1],a[2]);next;} !/^ *$/ {
p="'"${p[52]}"'\\ :'"${p[35]}"' \""$0"\"/*/'${p[57]}'";p|getline
b;close(p);if(b~/ /||b=="")
b="'"${p[28]}"'";printf("'"${f[4]}"'",$0,b);} ' '/ en/!s/\.//p' '
NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" '
$10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1":
"$9|"sort|uniq";} ' '/^ +r/s/.+"(.+)".+/\1/p'
's/(.+\.wdgt)\/(Contents\/)?'${p[57]}'$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p'
' /l: /{ /DVD/d;s/.+: //;b0'$'\n'' };/s: /{ /V/d;s/^ */-
/;H;};$b0'$'\n'' d;:0'$'\n'' x;/APPLE [^:]+$/d;p;' ' /^find: /d;p;' "`S0
44 45`" ' BEGIN{FS="= "} /Path/{print $2} ' ' /^ *$/d;s/^ */ /;' '
s/^.+ |\(.+\)$//g;p ' "`S4 60 35 20`" ' /2/{print "WARN"};/4/{print
"CRITICAL"};' ' /EVHF|MACR|^s/d;s/^.+: //p;' '
$3~/^[1-9][0-9]{0,2}(\.[1-9][0-9]{0,2}){2}$/ { i++;n=n"\n"$1"\t"$3;} END
{ if(i>1) print n;} ' s/{':[^:]+$','Pr.+n '}'//;s/ +([0-9]+)(.+)/\2:
\1/p;' ' /es: ./{ s/^.+://;b0'$'\n'' };/^ +C.+ted: +[NY]/H;/:$/b0'$'\n''
d;:0'$'\n'' x;/: +N/d;s/\n.+//p;' ' 1d;/:$/b0'$'\n'' $b0'$'\n'' /(D|^
*Loc.+): /{ s/^.+: //;H;};/(By|m): /H;d;:0'$'\n'' x;/[my]:
[AM]|^\/Vo/d;s/(^|\n) [ -~]+//g;s/(.+)\n(.+)/\2:\1/;s/\n//g;/[ -~]/p;'
's/$/:(0|-(4[34])?)$/p' ' /^ {6}[^ ]/d;s/:$//;/([^ey]|[^n]e):/d;/e:
Y/d;s/: Y.+//g;H;${ g;s/ \n (\n)/\1/g;s/\n +(M[^ ]+)[ -~]+/
(\1)/;s/\n$//;/( {8}[^ ].*){2,}/p;} ' ' BEGIN{FS=":"} {
$3/=10;if($3>='${p[41]}')
printf("'"${f[5]}"'",$1,$2,$3,"'"${p[42]}"'");} ' ' BEGIN{FS=":"} $1>1 {
if(!$4) $4="kernel_task";else { p="ps -c -ocomm -p"$4"|sed 1d";p|getline
n;close(p);if(n) $4=n;};print $4" -> "$2" (UID "$3") x"$1;} '
);c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat
sar ps crontab iotop top pkgutil "${p[52]}\\" whoami cksum kextstat
launchctl smcDiagnose sysctl\ -n defaults\ read stat lsbom 'mdfind
-onlyin /' ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;'
pluginkit scutil 'dtrace -q -n' profiles sed\ -En awk
/S*/*/P*/*/*/C*/*/airport networksetup mdutil lsof test osascript\ -e
netstat mdls kextfind );S1() { printf
kMDItemContentTypeTree=${p[62]}$1;};S2() { printf
'L*/Ca*/'${p[62]}'Saf*/E*/* -d 1 -name '${p[57]}' -exec '"${c1[14]}"'
:'$1' {} \;|uniq';};c2=(${p[62]}loginwindow\ LoginHook ' /L*/P*/loginw*'
"'tell app \"System Events\" to get properties of login items'|tr ,
\\\n" "`S2 CFBundleDisplayName`" '~ $TMPDIR.. \( -flags
+sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' -i '-nl
-print' '-F \$Sender -k Level Nle 3 -k Facility CReq
"apple\.(bird|i?clou)"'"${p[30]}" '{/,}L*/{Con,Pref}* -type f ! -size 0
-name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm
sysload boot-args status " -F '\$Time \$(RefProc): \$Message' -k Sender
Req 'fsev|kern|launchd' -k RefProc Rne 'Aq|WebK' -k Message Rne
'08012|Goog|ksadm|probe|Roame|SMC:|smcD|sserti|suhel| VALI|ver-r|xpma'
-k Message Req 'abn|bad |Beac|caug|corru|dead[^bl]|FAIL|fail|GPU |hfs:
Ru|idle ex|inval|jnl:|last value [1-9]|lv_c|NVDA\(|pagin|pci pa|proc:
t|Roamed|rror|SL|TCON|Throttli|tim(ed? ?|ing )o|WARN' " '-du -n DEV -n
EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc
/var/db/r*/'${p[62]}'*.{BS,Bas,Es,J,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag*
-type f -regex .\*[cght] ! -name .?\* ! -name \*ag \( -exec grep -lq
"^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N
-t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '/S*/*/Ca*/*xpc* >&- ||echo
No' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' "`S1
"{bundle,mach-o-dylib}"`" "`S2 ${p[35]}`"
"/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,mach_i*/*,pam.d/*,ssh{,d}_config,*.local}
{,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t
{/S*/,/,}L*/Lau*/*t .launchd.conf" list getenv
/Library/Preferences/${p[62]}alf\ globalstate --proxy '-n get default'
-I --dns -get{dnsservers,info}\ "${p[N0]}" -P -m\ / '' -n1 '-R -l1 -n1
-o prt -stats command,uid,prt' '--regexp --files
'${p[62]}'pkg.*'"${p[29]}" -kl -l -s\ / '-R -l1 -n1 -o mem -stats
command,uid,mem' '+c0 -i4TCP:0-1023' ${p[62]}dashboard\ layer-gadgets
'-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled'
"+c0 -l|awk '{print(\$1,\$3)}'${p[30]}|sort -n|tail -1|awk
'{print(\$2,\$3,\$1)}'" -m 'L*/{Con*/*/Data/L*/,}Pref* -type f -size 0c
-name *.plist.???????|wc -l' kern.memorystatus_vm_pressure_level '3>&1
>&- 2>&3' '-F \$Message -k Sender kernel -k Message CReq "'{'n Cause:
-','a underr|I/O e'}'"'"${p[30]}" '-app Safari UserStyleSheetEnabled'
-name\ kMDItem${p[35]} -T\ hfs '-F "" -k Sender hidd -k Nle 3|wc -l' {\
"' syscall:::return /errno != 0/ {@o[execname,uid]=count()} "\ ,\ "'
syscall::"{recvfrom,sendto}":return {@o[execname,uid]=sum(arg0)} "\ }\ "
tick-10sec { trunc(@o,1);printa(\"%s:%d:%@d\",@o);exit(0);} '" "'
syscall::execve:return, syscall::posix_spawn:return {
printf(\"%s:%d:%d\n\",execname,uid,ppid);} tick-10sec { exit(0);}
'""${p[30]}""|sed -E 's/ +([0-9]+) /\1:/'" );N1=${#c2[@]};for j in
{0..15};do c2[N1+j]=SP${p[j]}DataType;done;l=({Restricted\
,Lock,Pro}files POST Battery {Safari,App,{Bad,Loaded}\ kernel}\
extensions Heat System\ load boot\ args FileVault Diagnostic\ reports
Log {Free\ space,Swap}' (MiB)' Activity 'CPU per process' Login\ hook
'I/O per process' Mach\ ports User Daemons Agents XPC\ cache Startup\
items {Admin,Root}\ access Bundles {,Inserted\ }dylibs Stylesheet Font\
issues Firewall Proxies DNS TCP/IP Wi-Fi 'Elapsed time (sec)'
{Root,User}\ crontab {Global,User}' login items' Spotlight Memory
Listeners Widgets Parental\ Controls Prefetching Nets Descriptors Bad\
plists {I/O,iCloud,HID,System}\ errors 'High file counts' Memory\
pressure Volumes SMC Current\ {down,up}stream\ data Shutdowns Forks
);N3=${#l[@]};for i in {0..8};do l[N3+i]=${p[5+i]};done;A0() {
Q=5;v[2]=1;id -G|grep -qw 80;v[1]=$?;((v[1]))||{ Q=7;sudo
-v;v[2]=$?;((v[2]))||Q=8;};v[3]=`date +%s`;date '+Start time: %T
%D%n';printf '\n[Process started]\n\n'>&4;printf 'Revision: %s\n\n'
${p[54]};};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]}
${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=`
while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}"
\"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v"
]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}"
"$i";done<<<"${v[$2]}" `;[[ "$v" ]];};A'$((7+i))'() { v=` eval sudo
"${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v"
]];};';done;A9(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0
1;do eval ' B'$i'() { v=No;((v['$((i+1))']==0))&&v=;};B'$((3+i))'() {
v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){
v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf
"${v[$1]}") <(printf "${v[$2]}")|awk -F: '
{printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Ev
"${v[$1]}"<<<"$v"|sort`;};C0() { [[ "$v" ]]&&sed -E "$s"<<<"$v";};C1() {
[[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v"|sed -E "$s";};C2() {
v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E
"${s[63]}"<<<"$v"`&&C1 1 $1;};C4() { echo $'\t'"Part $((++P)) of $Q done
at $((`date +%s`-v[3])) sec">&4;};C5() { sudo -k;pbcopy<<<"$o";exit
2>&-;};for i in 1 2 7 8;do for j in 0 2 3;do eval D$i$j'(){ A'$i' $1 $2
$3; C'$j' $4;};';done;done;trap C5 2;o=$({ A0;D20 0 $((N1+1)) 2;D10 0
$N1 1;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 22;A1 0 $((N1+2)) 3;C0;A1 0
$((N1+15)) 74;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;D13 0 $((N1+9))
59 $((N3+4));for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 0
$((N1+8)) 71 $((N3+3));D13 1 10 7 9;D13 1 11 8 10;B1&&D73 19 53 67
60;D22 2 12 9 11;D12 3 13 10 12;D22 6 36 13 15;D22 20 52 66 58;D22 7 37
14 16;D23 8 15 38 17;D22 9 16 16 18;C4;B1&&{ D82 35 49 61 51;D82 11 17
17 20;D82 28 60 45 61;C4;D82 28 61 45 62;D82 28 62 75 56;D83 28 63 76
64;};D22 12 44 54 45;D22 12 39 15 21;D13 25 37 32 31;B1&&{ D73 21 0 32
19;D73 10 42 32 40;D82 29 35 46 2;};D12 34 43 53 44;D12 22 20 32 25;D22
0 $((N1+14)) 51 33;D12 21 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2
19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 38 5 68 50;D23 33 34 42
37;B1&&D83 35 45 55 46;D23 32 31 43 38;D23 4 19 44 13;B0&&{ C4;D13 5 55
69 53&&D23 6 58 31 59;D12 5 59 32 55;D13 5 54 70 63;D23 5 14 12
14;C4;};A1 13 40 18;B2 4;B4 4 5 19;A1 17 41 20;C4;B7 5;C3 8;B4 4 6 21;B4
4 7 22;B5 6 7;B3 6 6 73;B1&&{ A8 18 26 23;B7 6;B4 0 0 11;C3 23;};A2 18
26 23;B7 6;B4 0 0 11;C3 24;D13 4 21 24 26;D23 14 1 62 42;D13 37 2 48
43;D13 10 42 32 41;D12 36 47 32 48;A1 4 3 60;B2 30;A1 4 24 60;B2 31;B6
30 31 4;C3 5;D12 21 56 35 32;D12 21 48 49 49;B3 4 22 57;A1 21 46 56;B7
22;B3 0 0 58;C3 47;D13 5 7 69 54;D22 4 4 50 0;D12 4 51 32 1;D23 22 9 37
57;A2 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;D13
4 8 41 52;C4;B4 4 12 26;for i in {0..3};do A1 0 $((N1+10+i)) 72;B7 12;B4
0 0 52;C3 $((N3+5+i));((i==2))&&C4;done;A1 24 22 29;B7 12;B2 14;A4 39 57
30 0;B2 15;B6 14 15 4;C3 29;B3 4 13 27;A1 24 23 32;B7 13;C3 30;B4 4 16
65;A1 26 50 64;B7 16;C3 6;D13 40 6 32 7;A9;C2 39;C4;} 4>&2 2>/dev/null;);C5
=
2. Select and Copy the text above starting at "PATH" and ending at "C5".
Be careful not to include any other characters or spaces before or after
your selection.
3. Open your Terminal app
(Just click ⌘ + Space bar and type "Terminal" then hit enter to open it)
4. Type the word "bash" into the Terminal Window
The terminal will then read something like
4. Click the Terminal window and paste the script (⌘ + v)
You will be asked for your password. Whenever you enter your password in
the Terminal you should always check that "Secure Keyboard Entry" under
the "Terminal" tab has a checkmark next to it and not a minus sign.
While you probably have been typing in your password for every popup
that asks, it should be noted that this script is safe and makes no
changes. It only reads and reports on various items.
5. Let the script run.
It will display that part 8 of 8 has been completed and following this,
the result will be automatically copied to your clipboard.
6. Open TextEdit and paste the results to the blank document.
Look for "bad extensions" and other items that may be of interest.
Ref:-
https://sites.google.com/site/howtotellifyourmacishacked/is-etrecheck-malware
=
ChatGPT says ....
That script appears to be an obfuscated macOS diagnostic or
security-related script, possibly written by *Linc Davis*, a well-known
contributor on Apple Support Communities. The script is highly complex
and makes use of shell commands, text processing utilities (`awk`,
`sed`, `grep`), and system diagnostics tools to gather information about
a Mac system. It seems to check hardware, network status, installed
software, system logs, and other components.
### **How to Run It**
To execute it, follow these steps:
1. **Copy the script**
Save the script as a file, e.g., `linc_script.sh`.
2. **Make it Executable**
Open Terminal and navigate to the script’s location, then run:
```bash
chmod +x linc_script.sh
```
3. **Run It with Elevated Privileges**
Since the script likely queries system-level information, you might
need `sudo`:
```bash
sudo ./linc_script.sh
```
*You’ll be prompted for your administrator password.*
4. **Examine the Output**
- The script may display system diagnostics, configurations, or
other system details.
- Some parts of it seem to filter logs, system extensions, and
network settings.
### **Safety Considerations**
- **Understand What It Does:** The script appears to collect various
system details, so **do not run it blindly** on a critical machine.
- **Check the Source:** If you obtained this script from an unknown or
untrusted source, review it carefully before execution.
- **Run in a Safe Environment:** Consider running it on a test system or
inside a virtual machine.
Would you like help analyzing specific parts of the script to better
understand its function?
Back to microsoft.public.test | Previous | Next — Next in thread | Find similar
Linc Davis Script David <David.is@home.today> - 2025-03-17 07:50 +0000 Re: Linc Davis Script "David B." <BD@hotmail.co.uk> - 2025-07-29 15:25 +0100
csiph-web