1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
From: Richard Lewis <richard.lewis.debian@googlemail.com>
Date: Wed, 16 Oct 2024 09:27:33 +0100
Subject: chkrootkit: chk_chfn
Forwarded: yes
(Forwarded by email: 21 Dec 2024)
---
chkrootkit | 23 +++++++++++++----------
1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/chkrootkit b/chkrootkit
index 126a045..0d0508a 100755
--- a/chkrootkit
+++ b/chkrootkit
@@ -1441,8 +1441,8 @@ exclude_fstype ()
chk_chfn () {
STATUS=${NOT_INFECTED}
- CMD=`loc chfn chfn $pth`
- [ ${?} -ne 0 ] && return ${NOT_FOUND}
+ CMD=$(loc chfn chfn "$pth")
+ [ ${?} -ne 0 ] && return "${NOT_FOUND}"
if [ "${EXPERT}" = "t" ]; then
expertmode_output "${strings} -a ${CMD}"
@@ -1451,20 +1451,23 @@ chk_chfn () {
case "${SYSTEM}" in
Linux)
- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \
+ if "${strings}" -a "${CMD}" | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \
>/dev/null 2>&1
then
STATUS=${INFECTED}
fi;;
FreeBSD)
- [ `echo $V | ${awk} '{ if ( $1 >= 5.0) print 1; else print 0 }'` -eq 1 ] && n=1 || n=2
- if [ `${strings} -a ${CMD} | \
- ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ]
- then
- STATUS=${INFECTED}
- fi;;
+ if [ "$("${echo}" "$V" | "${awk}" '{ if ( $1 >= 5.0) print 1; else print 0 }')" -eq 1 ];
+ then
+ n=1
+ else
+ n=2
+ fi
+ if [ "$("${strings}" -a "${CMD}" | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}")" -ne "$n" ]; then
+ STATUS=${INFECTED}
+ fi;;
esac
- return ${STATUS}
+ return "${STATUS}"
}
chk_chsh () {
|
