|
Line
Link Here
|
| 0 |
-- chkrootkit.orig 2008-04-12 13:39:50.000000000 +0300 |
0 |
++ chkrootkit 2008-04-12 13:31:03.000000000 +0300 |
|
Lines 12-17
Link Here
|
| 12 |
|
12 |
|
| 13 |
# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` |
13 |
# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` |
| 14 |
IFPROMISC="/usr/sbin/ifpromisc" |
14 |
IFPROMISC="/usr/sbin/ifpromisc" |
|
|
15 |
CHKDIRS="/usr/sbin/chkdirs" |
| 15 |
CHKLASTLOG="/usr/sbin/chklastlog" |
16 |
CHKLASTLOG="/usr/sbin/chklastlog" |
| 16 |
CHKPROC="/usr/sbin/chkproc" |
17 |
CHKPROC="/usr/sbin/chkproc" |
| 17 |
CHKWTMP="/usr/sbin/chkwtmp" |
18 |
CHKWTMP="/usr/sbin/chkwtmp" |
|
Lines 723-730
Link Here
|
| 723 |
if [ "${QUIET}" != "t" ]; then printn \ |
724 |
if [ "${QUIET}" != "t" ]; then printn \ |
| 724 |
"Searching for suspicious files and dirs, it may take a while... "; fi |
725 |
"Searching for suspicious files and dirs, it may take a while... "; fi |
| 725 |
|
726 |
|
| 726 |
files=`${find} ${DIR} -name ".[A-Za-z]*" -o -name "...*" -o -name ".. *"` |
727 |
files=`${find} ${DIR} ! -type d ! -size 0 ! -name .packlist -name ".[A-Za-z]*" -o -name "...*" -o -name ".. *"` |
| 727 |
dirs=`${find} ${DIR} -type d -name ".*"` |
728 |
dirs=`${find} ${DIR} ! -path /usr/lib/nessus/plugins/.desc -type d -name ".*"` |
| 728 |
if [ "${files}" = "" -a "${dirs}" = "" ] |
729 |
if [ "${files}" = "" -a "${dirs}" = "" ] |
| 729 |
then |
730 |
then |
| 730 |
if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi |
731 |
if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi |
|
Lines 1616-1622
Link Here
|
| 1616 |
expertmode_output "${CMD} -l -u nobody" |
1617 |
expertmode_output "${CMD} -l -u nobody" |
| 1617 |
return 5 |
1618 |
return 5 |
| 1618 |
fi |
1619 |
fi |
| 1619 |
if ${CMD} -l -u nobody >/dev/null 2>&1 ; then |
1620 |
if [ -n "$(${CMD} -l -u nobody 2>/dev/null)" ]; then |
| 1620 |
${echo} "Warning: crontab for nobody found, possible Lupper.Worm... " |
1621 |
${echo} "Warning: crontab for nobody found, possible Lupper.Worm... " |
| 1621 |
if ${CMD} -l -u nobody 2>/dev/null | ${egrep} $CRONTAB_I_L >/dev/null 2>&1 |
1622 |
if ${CMD} -l -u nobody 2>/dev/null | ${egrep} $CRONTAB_I_L >/dev/null 2>&1 |
| 1622 |
then |
1623 |
then |
