wok-current diff chkrootkit/stuff/chkrootkit.u @ rev 19453

Up firefox-official (49.0.2)
author Aleksej Bobylev <al.bobylev@gmail.com>
date Fri Oct 21 10:19:29 2016 +0300 (2016-10-21)
parents 53abdfcf11d4
children 5b354223d4ec
line diff
     1.1 --- a/chkrootkit/stuff/chkrootkit.u	Mon Jun 15 09:16:13 2015 +0200
     1.2 +++ b/chkrootkit/stuff/chkrootkit.u	Fri Oct 21 10:19:29 2016 +0300
     1.3 @@ -1,5 +1,5 @@
     1.4 ---- chkrootkit-0.48/chkrootkit
     1.5 -+++ chkrootkit-0.48/chkrootkit
     1.6 +--- chkrootkit-0.50/chkrootkit
     1.7 ++++ chkrootkit-0.50/chkrootkit
     1.8  @@ -591,8 +591,13 @@
     1.9         if [ ! -z "${SHELL}" -a ! -z "${HOME}" ]; then
    1.10         expertmode_output "${find} ${ROOTDIR}${HOME} ${findargs} -name .*history \
    1.11 @@ -15,7 +15,7 @@
    1.12         fi
    1.13   
    1.14         return 5
    1.15 -@@ -991,7 +996,9 @@
    1.16 +@@ -986,7 +991,9 @@
    1.17      ### Suckit
    1.18      if [ -f ${ROOTDIR}sbin/init ]; then
    1.19         if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit... "; fi
    1.20 @@ -26,7 +26,7 @@
    1.21   	      cat ${ROOTDIR}/proc/1/maps | ${egrep} "init." ) >/dev/null 2>&1
    1.22           then
    1.23           echo "Warning: ${ROOTDIR}sbin/init INFECTED"
    1.24 -@@ -1190,7 +1195,12 @@
    1.25 +@@ -1190,7 +1197,12 @@
    1.26         files=`${find} ${ROOTDIR}${HOME} ${findargs} -name '.*history' -size 0`
    1.27         [ ! -z "${files}" ] && \
    1.28           echo "Warning: \`${files}' file size is zero"
    1.29 @@ -38,9 +38,9 @@
    1.30  +      fi
    1.31  +      files1=`eval ${find} ${ROOTDIR}${HOME} ${findargs} -name '.*history' $files1`
    1.32         [ ! -z "${files1}" ] && \
    1.33 -         echo "Warning: \`${files}' is linked to another file"
    1.34 +         echo "Warning: \`${files1}' is linked to another file"
    1.35      fi
    1.36 -@@ -1600,6 +1610,9 @@
    1.37 +@@ -1600,6 +1612,9 @@
    1.38   chk_netstat () {
    1.39       STATUS=${NOT_INFECTED}
    1.40   NETSTAT_I_L="/dev/hdl0/dev/xdta|/dev/ttyoa|/dev/pty[pqrsx]|/dev/cui|/dev/hdn0|/dev/cui221|/dev/dszy|/dev/ddth3|/dev/caca|^/prof|/dev/tux|grep|addr\.h|__bzero"