1 diff -Nur chkrootkit-0.48.orig/chkrootkit chkrootkit-0.48/chkrootkit
2 --- chkrootkit-0.48.orig/chkrootkit 2007-12-17 19:54:42.000000000 +0100
3 +++ chkrootkit-0.48/chkrootkit 2008-01-02 15:48:19.000000000 +0100
7 if [ "${EXPERT}" = "t" ]; then
8 - expertmode_output "./ifpromisc" -v
9 + expertmode_output "/usr/bin/chkrootkit-ifpromisc" -v
12 - if [ ! -x ./ifpromisc ]; then
13 - echo "not tested: can't exec ./ifpromisc"
14 + if [ ! -x /usr/bin/chkrootkit-ifpromisc ]; then
15 + echo "not tested: can't exec /usr/bin/chkrootkit-ifpromisc"
18 - [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q
19 + [ "${QUIET}" != "t" ] && /usr/bin/chkrootkit-ifpromisc -v || /usr/bin/chkrootkit-ifpromisc -q
24 - if [ ! -x ./chkutmp ]; then
25 - echo "not tested: can't exec ./chkutmp"
26 + if [ ! -x /usr/bin/chkrootkit-chkutmp ]; then
27 + echo "not tested: can't exec /usr/bin/chkrootkit-chkutmp"
31 + if /usr/bin/chkrootkit-chkutmp
33 if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi
39 - if [ ! -x ./chklastlog ]; then
40 - echo "not tested: can't exec ./chklastlog"
41 + if [ ! -x /usr/bin/chkrootkit-chklastlog ]; then
42 + echo "not tested: can't exec /usr/bin/chkrootkit-chklastlog"
49 if [ "${EXPERT}" = "t" ]; then
50 - expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}"
51 + expertmode_output "/usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}"
55 - if ./chklastlog -f ${WTMP} -l ${LASTLOG}
56 + if /usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}
58 if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi
63 - if [ ! -x ./chkwtmp ]; then
64 - echo "not tested: can't exec ./chkwtmp"
65 + if [ ! -x /usr/bin/chkrootkit-chkwtmp ]; then
66 + echo "not tested: can't exec /usr/bin/chkrootkit-chkwtmp"
70 if [ "$SYSTEM" = "SunOS" ]; then
71 - if [ ! -x ./check_wtmpx ]; then
72 - echo "not tested: can't exec ./check_wtmpx"
73 + if [ ! -x /usr/bin/chkrootkit-check_wtmpx ]; then
74 + echo "not tested: can't exec /usr/bin/chkrootkit-check_wtmpx"
76 if [ "${EXPERT}" = "t" ]; then
77 - expertmode_output "./check_wtmpx"
78 + expertmode_output "/usr/bin/chkrootkit-check_wtmpx"
81 if [ -f ${ROOTDIR}var/adm/wtmp ]; then
83 + if /usr/bin/chkrootkit-check_wtmpx
85 if [ "${QUIET}" != "t" ]; then \
86 echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi
88 WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"`
90 if [ "${EXPERT}" = "t" ]; then
91 - expertmode_output "./chkwtmp -f ${WTMP}"
92 + expertmode_output "/usr/bin/chkrootkit-chkwtmp -f ${WTMP}"
97 - if ./chkwtmp -f ${WTMP}
98 + if /usr/bin/chkrootkit-chkwtmp -f ${WTMP}
100 if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi
104 if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \
105 `echo ${V} | ${awk} '{ if ($1 > 4.3 || $1 < 6.0) print 1; else print 0 }'` -eq 1 \) \) -a "${ROOTDIR}" = "/" ]; then
106 - [ -x ./chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="./chkproc"
107 - [ -x ./chkdirs ] && prog="$prog ./chkdirs"
108 + [ -x /usr/bin/chkrootkit-chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="/usr/bin/chkrootkit-chkproc"
109 + [ -x /usr/bin/chkrootkit-chkdirs ] && prog="$prog /usr/bin/chkrootkit-chkdirs"
110 if [ "$prog" = "" ]; then
111 echo "not tested: can't exec $prog"
114 PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |${awk} -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 3; else if ($0 < 2.015) print 1; else print 2 }'`
115 [ "$PV" = "" ] && PV=2
116 [ "${SYSTEM}" = "SunOS" ] && PV=0
117 - expertmode_output "./chkproc -v -v -p $PV"
118 + expertmode_output "/usr/bin/chkrootkit-chkproc -v -v -p $PV"
123 if [ "${DEBUG}" = "t" ]; then
124 ${echo} "*** PV=$PV ***"
126 - if ./chkproc -p ${PV}; then
127 + if /usr/bin/chkrootkit-chkproc -p ${PV}; then
128 if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi
130 echo "chkproc: Warning: Possible LKM Trojan installed"
132 for i in /usr/share /usr/bin /usr/sbin /lib; do
133 [ -d $i ] && dirs="$dirs $i"
135 - if ./chkdirs $dirs; then
136 + if /usr/bin/chkrootkit-chkdirs $dirs; then
137 if [ "${QUIET}" != "t" ]; then echo "chkdirs: nothing detected"; fi
139 echo "chkdirs: Warning: Possible LKM Trojan installed"
140 @@ -1690,18 +1690,18 @@
142 if [ "${SYSTEM}" = "Linux" ]
144 - if [ ! -x ./strings-static ]; then
145 - printn "can't exec ./strings-static, "
146 + if [ ! -x /usr/bin/chkrootkit-strings-static ]; then
147 + printn "can't exec /usr/bin/chkrootkit-strings-static, "
151 if [ "${EXPERT}" = "t" ]; then
152 - expertmode_output "./strings-static -a ${CMD}"
153 + expertmode_output "/usr/bin/chkrootkit-strings-static -a ${CMD}"
157 ### strings must be a statically linked binary.
158 - if ./strings-static -a ${CMD} > /dev/null 2>&1
159 + if /usr/bin/chkrootkit-strings-static -a ${CMD} > /dev/null 2>&1