|
|
|
@ -0,0 +1,21 @@ |
|
|
|
diff -Naur chkrootkit-0.44.orig/chkrootkit chkrootkit-0.44/chkrootkit
|
|
|
|
--- chkrootkit-0.44.orig/chkrootkit 2004-09-01 14:27:28.000000000 +0100
|
|
|
|
+++ chkrootkit-0.44/chkrootkit 2004-11-10 16:06:21.000000000 +0000
|
|
|
|
@@ -1054,7 +1054,7 @@
|
|
|
|
getCMD() { |
|
|
|
|
|
|
|
RUNNING=`${ps} ${ps_cmd} | ${egrep} "${L_REGEXP}${1}${R_REGEXP}" | \ |
|
|
|
- ${egrep} -v egrep | ${egrep} -v chkrootkit | ${head} -1 | \
|
|
|
|
+ ${egrep} -v egrep | ${egrep} -v chkrootkit | ${head} -n 1 | \
|
|
|
|
${awk} '{ print $5 }'` |
|
|
|
|
|
|
|
for i in ${ROOTDIR}${RUNNING} ${ROOTDIR}usr/sbin/${1} `loc ${1} ${1} $pth` |
|
|
|
@@ -2178,7 +2178,7 @@
|
|
|
|
TCPD_INFECTED_LABEL="p1r0c4|hack|/dev/xmx|/dev/hdn0|/dev/xdta|/dev/tux" |
|
|
|
|
|
|
|
[ -r ${ROOTDIR}etc/inetd.conf ] && |
|
|
|
- CMD=`${egrep} '^[^#].*tcpd' ${ROOTDIR}etc/inetd.conf | ${head} -1 | \
|
|
|
|
+ CMD=`${egrep} '^[^#].*tcpd' ${ROOTDIR}etc/inetd.conf | ${head} -n 1 | \
|
|
|
|
${awk} '{ print $6 }'` |
|
|
|
if ${ps} auwx | ${egrep} xinetd | ${egrep} -v grep >/dev/null 2>&1; then |
|
|
|
CMD=`loc tcpd tcpd $pth` |
Alan J. Wylie
20 years ago