]>
Commit | Line | Data |
---|---|---|
c7338f1b | 1 | diff -Nur chkrootkit-0.48.orig/chkrootkit chkrootkit-0.48/chkrootkit |
2 | --- chkrootkit-0.48.orig/chkrootkit 2007-12-17 19:54:42.000000000 +0100 | |
3 | +++ chkrootkit-0.48/chkrootkit 2008-01-02 15:48:19.000000000 +0100 | |
4 | @@ -158,23 +158,23 @@ | |
7396ff59 | 5 | fi |
6 | ||
7 | if [ "${EXPERT}" = "t" ]; then | |
6eecdcbe | 8 | - expertmode_output "./ifpromisc" -v |
9 | + expertmode_output "/usr/bin/chkrootkit-ifpromisc" -v | |
7396ff59 | 10 | return 5 |
11 | fi | |
6eecdcbe | 12 | - if [ ! -x ./ifpromisc ]; then |
13 | - echo "not tested: can't exec ./ifpromisc" | |
14 | + if [ ! -x /usr/bin/chkrootkit-ifpromisc ]; then | |
15 | + echo "not tested: can't exec /usr/bin/chkrootkit-ifpromisc" | |
16 | return ${NOT_TESTED} | |
e2cdd59e | 17 | else |
6eecdcbe | 18 | - [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q |
19 | + [ "${QUIET}" != "t" ] && /usr/bin/chkrootkit-ifpromisc -v || /usr/bin/chkrootkit-ifpromisc -q | |
20 | fi | |
7396ff59 | 21 | } |
22 | ||
c855298d | 23 | chkutmp() { |
24 | - if [ ! -x ./chkutmp ]; then | |
25 | - echo "not tested: can't exec ./chkutmp" | |
26 | + if [ ! -x /usr/bin/chkrootkit-chkutmp ]; then | |
27 | + echo "not tested: can't exec /usr/bin/chkrootkit-chkutmp" | |
28 | return ${NOT_TESTED} | |
29 | fi | |
30 | - if ./chkutmp | |
31 | + if /usr/bin/chkrootkit-chkutmp | |
32 | then | |
33 | if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi | |
34 | fi | |
c7338f1b | 35 | @@ -182,8 +182,8 @@ |
c855298d | 36 | } |
37 | ||
7396ff59 | 38 | z2 () { |
39 | - if [ ! -x ./chklastlog ]; then | |
40 | - echo "not tested: can't exec ./chklastlog" | |
cf2a8946 | 41 | + if [ ! -x /usr/bin/chkrootkit-chklastlog ]; then |
42 | + echo "not tested: can't exec /usr/bin/chkrootkit-chklastlog" | |
7396ff59 | 43 | return ${NOT_TESTED} |
44 | fi | |
45 | ||
c7338f1b | 46 | @@ -196,32 +196,32 @@ |
6eecdcbe | 47 | fi |
7396ff59 | 48 | |
49 | if [ "${EXPERT}" = "t" ]; then | |
50 | - expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" | |
cf2a8946 | 51 | + expertmode_output "/usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}" |
7396ff59 | 52 | return 5 |
53 | fi | |
54 | ||
55 | - if ./chklastlog -f ${WTMP} -l ${LASTLOG} | |
cf2a8946 | 56 | + if /usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG} |
7396ff59 | 57 | then |
c855298d | 58 | if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi |
7396ff59 | 59 | fi |
60 | } | |
61 | ||
62 | wted () { | |
63 | - if [ ! -x ./chkwtmp ]; then | |
64 | - echo "not tested: can't exec ./chkwtmp" | |
cf2a8946 | 65 | + if [ ! -x /usr/bin/chkrootkit-chkwtmp ]; then |
66 | + echo "not tested: can't exec /usr/bin/chkrootkit-chkwtmp" | |
7396ff59 | 67 | return ${NOT_TESTED} |
68 | fi | |
69 | ||
eb06d3e0 | 70 | if [ "$SYSTEM" = "SunOS" ]; then |
7396ff59 | 71 | - if [ ! -x ./check_wtmpx ]; then |
72 | - echo "not tested: can't exec ./check_wtmpx" | |
cf2a8946 | 73 | + if [ ! -x /usr/bin/chkrootkit-check_wtmpx ]; then |
74 | + echo "not tested: can't exec /usr/bin/chkrootkit-check_wtmpx" | |
7396ff59 | 75 | else |
76 | if [ "${EXPERT}" = "t" ]; then | |
b49a9f40 | 77 | - expertmode_output "./check_wtmpx" |
cf2a8946 | 78 | + expertmode_output "/usr/bin/chkrootkit-check_wtmpx" |
7396ff59 | 79 | return 5 |
80 | fi | |
d0a23021 | 81 | if [ -f ${ROOTDIR}var/adm/wtmp ]; then |
6eecdcbe | 82 | - if ./check_wtmpx |
83 | + if /usr/bin/chkrootkit-check_wtmpx | |
84 | then | |
85 | if [ "${QUIET}" != "t" ]; then \ | |
c855298d | 86 | echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi |
c7338f1b | 87 | @@ -232,12 +232,12 @@ |
eb06d3e0 | 88 | WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` |
7396ff59 | 89 | |
eb06d3e0 | 90 | if [ "${EXPERT}" = "t" ]; then |
91 | - expertmode_output "./chkwtmp -f ${WTMP}" | |
cf2a8946 | 92 | + expertmode_output "/usr/bin/chkrootkit-chkwtmp -f ${WTMP}" |
eb06d3e0 | 93 | return 5 |
94 | fi | |
7396ff59 | 95 | fi |
96 | ||
97 | - if ./chkwtmp -f ${WTMP} | |
cf2a8946 | 98 | + if /usr/bin/chkrootkit-chkwtmp -f ${WTMP} |
7396ff59 | 99 | then |
c855298d | 100 | if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi |
7396ff59 | 101 | fi |
ef7cad36 | 102 | @@ -275,8 +275,8 @@ |
abb05b7a | 103 | prog="" |
d8f4eeda | 104 | if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ |
ef7cad36 | 105 | `echo ${V} | ${awk} '{ if ($1 > 4.3 || $1 < 6.0) print 1; else print 0 }'` -eq 1 \) \) -a "${ROOTDIR}" = "/" ]; then |
106 | - [ -x ./chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="./chkproc" | |
107 | - [ -x ./chkdirs ] && prog="$prog ./chkdirs" | |
108 | + [ -x /usr/bin/chkrootkit-chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="/usr/bin/chkrootkit-chkproc" | |
109 | + [ -x /usr/bin/chkrootkit-chkdirs ] && prog="$prog /usr/bin/chkrootkit-chkdirs" | |
110 | if [ "$prog" = "" ]; then | |
111 | echo "not tested: can't exec $prog" | |
112 | return ${NOT_TESTED} | |
c7338f1b | 113 | @@ -288,7 +288,7 @@ |
114 | PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |${awk} -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 3; else if ($0 < 2.015) print 1; else print 2 }'` | |
115 | [ "$PV" = "" ] && PV=2 | |
d0a23021 | 116 | [ "${SYSTEM}" = "SunOS" ] && PV=0 |
117 | - expertmode_output "./chkproc -v -v -p $PV" | |
118 | + expertmode_output "/usr/bin/chkrootkit-chkproc -v -v -p $PV" | |
119 | return 5 | |
7396ff59 | 120 | fi |
121 | ||
ef7cad36 | 122 | @@ -315,7 +315,7 @@ |
d0a23021 | 123 | if [ "${DEBUG}" = "t" ]; then |
c855298d | 124 | ${echo} "*** PV=$PV ***" |
7396ff59 | 125 | fi |
ef7cad36 | 126 | - if ./chkproc -p ${PV}; then |
127 | + if /usr/bin/chkrootkit-chkproc -p ${PV}; then | |
128 | if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi | |
7396ff59 | 129 | else |
ef7cad36 | 130 | echo "chkproc: Warning: Possible LKM Trojan installed" |
c7338f1b | 131 | @@ -324,7 +324,7 @@ |
132 | for i in /usr/share /usr/bin /usr/sbin /lib; do | |
133 | [ -d $i ] && dirs="$dirs $i" | |
134 | done | |
135 | - if ./chkdirs $dirs; then | |
136 | + if /usr/bin/chkrootkit-chkdirs $dirs; then | |
137 | if [ "${QUIET}" != "t" ]; then echo "chkdirs: nothing detected"; fi | |
138 | else | |
139 | echo "chkdirs: Warning: Possible LKM Trojan installed" | |
140 | @@ -1690,18 +1690,18 @@ | |
7396ff59 | 141 | |
142 | if [ "${SYSTEM}" = "Linux" ] | |
143 | then | |
6eecdcbe | 144 | - if [ ! -x ./strings-static ]; then |
b49a9f40 | 145 | - printn "can't exec ./strings-static, " |
d0a23021 | 146 | + if [ ! -x /usr/bin/chkrootkit-strings-static ]; then |
147 | + printn "can't exec /usr/bin/chkrootkit-strings-static, " | |
7396ff59 | 148 | return ${NOT_TESTED} |
149 | fi | |
150 | ||
151 | if [ "${EXPERT}" = "t" ]; then | |
d0a23021 | 152 | - expertmode_output "./strings-static -a ${CMD}" |
153 | + expertmode_output "/usr/bin/chkrootkit-strings-static -a ${CMD}" | |
7396ff59 | 154 | return 5 |
155 | fi | |
156 | ||
b49a9f40 | 157 | ### strings must be a statically linked binary. |
6eecdcbe | 158 | - if ./strings-static -a ${CMD} > /dev/null 2>&1 |
d0a23021 | 159 | + if /usr/bin/chkrootkit-strings-static -a ${CMD} > /dev/null 2>&1 |
7396ff59 | 160 | then |
161 | STATUS=${INFECTED} | |
162 | fi |