diff options
| author |   Bryan Østergaard <kloeri@gentoo.org> | 2004-08-21 22:55:57 +0000 |
|---|---|---|
| committer | Bryan Østergaard <kloeri@gentoo.org> | 2004-08-21 22:55:57 +0000 |
| commit | 18d4ac2888efb343f9d9c2b3f7f2a50fd5480a64 (patch) | |
| tree | e09e74c62d60e1891a02fb1f8030318b4b7d57b4 /app-admin | |
| parent | transset for transparency settings in xorg snapshots (Manifest recommit) (diff) | |
| download | gentoo-2-18d4ac2888efb343f9d9c2b3f7f2a50fd5480a64.tar.gz gentoo-2-18d4ac2888efb343f9d9c2b3f7f2a50fd5480a64.tar.bz2 gentoo-2-18d4ac2888efb343f9d9c2b3f7f2a50fd5480a64.zip | |
Fix bug 57700, new revision by Aaron Walker. Move big patches to gentoo mirrors and clean out stray patches from files/.
Diffstat (limited to 'app-admin')
| -rw-r--r-- | app-admin/chkrootkit/ChangeLog | 11 | ||||
| -rw-r--r-- | app-admin/chkrootkit/Manifest | 11 | ||||
| -rw-r--r-- | app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild | 7 | ||||
| -rw-r--r-- | app-admin/chkrootkit/chkrootkit-0.43-r3.ebuild | 36 | ||||
| -rw-r--r-- | app-admin/chkrootkit/chkrootkit-0.43.ebuild | 7 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.39a-gentoo.diff | 917 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.41-gentoo.diff | 969 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.42b-gentoo.diff | 980 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.43-gentoo.diff | 954 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.43-r1-gentoo.diff | 975 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff | 977 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/digest-chkrootkit-0.43-r3 | 2 |
12 files changed, 61 insertions, 5785 deletions
diff --git a/app-admin/chkrootkit/ChangeLog b/app-admin/chkrootkit/ChangeLog index 174deaea5e90..8ed98edd4d59 100644 --- a/app-admin/chkrootkit/ChangeLog +++ b/app-admin/chkrootkit/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for app-admin/chkrootkit # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/ChangeLog,v 1.36 2004/07/29 04:05:01 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/ChangeLog,v 1.37 2004/08/21 22:55:57 kloeri Exp $ + +*chkrootkit-0.43-r3 (22 Aug 2004) + + 22 Aug 2004; Bryan Østergaard <kloeri@gentoo.org> + -files/chkrootkit-0.39a-gentoo.diff, -files/chkrootkit-0.41-gentoo.diff, + -files/chkrootkit-0.42b-gentoo.diff, chkrootkit-0.43-r2.ebuild, + +chkrootkit-0.43-r3.ebuild, chkrootkit-0.43.ebuild: + Fix bug 57700, new revision by Aaron Walker. Move big patches to gentoo + mirrors and clean out stray patches from files/. 29 Jul 2004; <solar@gentoo.org> chkrootkit-0.43-r2.ebuild: app-admin/chkrootkit: strings-static is not static. bug 57701 diff --git a/app-admin/chkrootkit/Manifest b/app-admin/chkrootkit/Manifest index 2ccffd3ef543..a0289ed3743c 100644 --- a/app-admin/chkrootkit/Manifest +++ b/app-admin/chkrootkit/Manifest @@ -1,15 +1,14 @@ -MD5 1404595fffc5814266122ca169dc973d chkrootkit-0.43-r2.ebuild 890 +MD5 cf589ee8fc77227ba695851654546484 chkrootkit-0.43-r2.ebuild 929 MD5 f746627867c6acedf3102019aa4521ff chkrootkit-0.37.ebuild 744 -MD5 54d7ad77810d3e370a1d6b418dc75e57 chkrootkit-0.43.ebuild 924 -MD5 0cd81f3fafb449b6898aad9d8445d3af ChangeLog 4748 +MD5 8e599e9ebfc5c4e1448dad554c640f7e chkrootkit-0.43.ebuild 962 +MD5 9a7c769a1eef9c800d16f84da433d321 ChangeLog 5156 MD5 1652522405f5936eb29776ef8d5ffa5b metadata.xml 310 +MD5 2155dace24f32a4bc723afd4dc60a86a chkrootkit-0.43-r3.ebuild 818 MD5 cb48ba04bfdc24c6ab155896f6c13344 files/chkrootkit-0.43-gentoo.diff 30128 MD5 7fc015bb14817d40e62bb17ca3a2b968 files/chkrootkit-0.43-r1-gentoo.diff 30730 MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43-r2 66 +MD5 e4f72853578cf59cb609efc280621591 files/digest-chkrootkit-0.43-r3 142 MD5 f97957a94793b86fd018b32e44811f89 files/chkrootkit-0.37-gentoo.diff 4531 -MD5 e9f2cc0eace779d1cad291deb9d9c7e1 files/chkrootkit-0.39a-gentoo.diff 28218 MD5 8bc5937bf9b751274879df6b15b4a1e5 files/chkrootkit-0.43-r2-gentoo.diff 30774 -MD5 4a7462549213c3ef88c11df667b2eeda files/chkrootkit-0.41-gentoo.diff 30253 -MD5 3259dda202b238de8bc2fb5b23a298c6 files/chkrootkit-0.42b-gentoo.diff 30932 MD5 7cf45be07aafbbaa3252ce9ece31d5b6 files/digest-chkrootkit-0.37 66 MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43 66 diff --git a/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild b/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild index 28cff846937a..2c52918da2dc 100644 --- a/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild +++ b/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild @@ -1,12 +1,13 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild,v 1.3 2004/07/29 04:05:01 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild,v 1.4 2004/08/21 22:55:57 kloeri Exp $ inherit eutils DESCRIPTION="a tool to locally check for signs of a rootkit" HOMEPAGE="http://www.chkrootkit.org/" -SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz" +SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz + mirror://gentoo/${PF}-gentoo.diff.gz" LICENSE="AMS" SLOT="0" @@ -19,7 +20,7 @@ DEPEND="virtual/libc src_unpack() { unpack ${A} cd ${S} - epatch ${FILESDIR}/${PF}-gentoo.diff + epatch ${WORKDIR}/${PF}-gentoo.diff sed -i 's:${head} -:${head} -n :' chkrootkit sed -i 's:/var/adm:/var/log:g' chklastlog.c } diff --git a/app-admin/chkrootkit/chkrootkit-0.43-r3.ebuild b/app-admin/chkrootkit/chkrootkit-0.43-r3.ebuild new file mode 100644 index 000000000000..bfe087487fbf --- /dev/null +++ b/app-admin/chkrootkit/chkrootkit-0.43-r3.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r3.ebuild,v 1.1 2004/08/21 22:55:57 kloeri Exp $ + +inherit eutils + +DESCRIPTION="a tool to locally check for signs of a rootkit" +HOMEPAGE="http://www.chkrootkit.org/" +SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz + mirror://gentoo/${PF}-gentoo.diff.gz" + +LICENSE="AMS" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~alpha ~ia64 ~amd64" +IUSE="" + +DEPEND="virtual/libc + >=sys-apps/sed-4" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${WORKDIR}/${PF}-gentoo.diff + sed -i 's:${head} -:${head} -n :' chkrootkit + sed -i 's:/var/adm:/var/log:g' chklastlog.c +} + +src_compile() { + make sense || die +} + +src_install() { + dosbin chkdirs chklastlog chkproc chkrootkit chkwtmp ifpromisc \ + strings-static || die + dodoc README README.chklastlog README.chkwtmp +} diff --git a/app-admin/chkrootkit/chkrootkit-0.43.ebuild b/app-admin/chkrootkit/chkrootkit-0.43.ebuild index fa03a8a802bd..bf4be9849262 100644 --- a/app-admin/chkrootkit/chkrootkit-0.43.ebuild +++ b/app-admin/chkrootkit/chkrootkit-0.43.ebuild @@ -1,12 +1,13 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43.ebuild,v 1.12 2004/07/24 12:49:00 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43.ebuild,v 1.13 2004/08/21 22:55:57 kloeri Exp $ inherit eutils DESCRIPTION="a tool to locally check for signs of a rootkit" HOMEPAGE="http://www.chkrootkit.org/" -SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz" +SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz + mirror://gentoo/${P}-gentoo.diff.gz" LICENSE="AMS" SLOT="0" @@ -19,7 +20,7 @@ DEPEND="virtual/libc src_unpack() { unpack ${A} cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff + epatch ${WORKDIR}/${P}-gentoo.diff sed -i 's:${head} -:${head} -n :' chkrootkit sed -i 's:/var/adm:/var/log:g' chklastlog.c } diff --git a/app-admin/chkrootkit/files/chkrootkit-0.39a-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.39a-gentoo.diff deleted file mode 100644 index 9689501d4c74..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.39a-gentoo.diff +++ /dev/null @@ -1,917 +0,0 @@ ---- chkrootkit-0.39a/chkrootkit 2003-01-30 23:45:57.000000000 +0100 -+++ chkrootkit 2003-02-15 15:53:20.000000000 +0100 -@@ -10,6 +10,16 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+# ebuild doesn't install chkrootkit's strings; use gnus. -+STRINGS="/usr/bin/strings" -+ -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -96,7 +106,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -112,7 +122,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -130,22 +140,22 @@ - return ${NOT_TESTED} - fi - -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -+ expertmode_output "${IFPROMISC}" - return 5 - fi - echo -- ./ifpromisc -+ ${IFPROMISC} - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -153,31 +163,31 @@ - LASTLOG=`loc lastlog lastlog "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -187,12 +197,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -231,7 +241,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -241,7 +251,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -262,7 +272,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -920,19 +930,19 @@ - CMD=`loc chfn chfn $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] - then - STATUS=${INFECTED} -@@ -947,16 +957,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -965,7 +975,7 @@ - fi - fi;; - FreeBSD) -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] - then - STATUS=${INFECTED} - fi;; -@@ -981,13 +991,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -998,7 +1008,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1014,14 +1024,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1039,11 +1049,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1062,11 +1072,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1083,11 +1093,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1105,11 +1115,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1127,11 +1137,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1149,11 +1159,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1167,11 +1177,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1184,11 +1194,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1208,11 +1218,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1226,11 +1236,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1245,11 +1255,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1267,11 +1277,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1289,11 +1299,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1311,11 +1321,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1333,11 +1343,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1350,18 +1360,18 @@ - - if [ "${SYSTEM}" = "Linux" ] - then -- if [ ! -x ./strings ]; then -- printn "can't exec ./strings-static, " -+ if [ ! -x ${STRINGS} ]; then -+ printn "can't exec ${STRINGS}-static, " - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./strings -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - ### strings must be a statically linked binary. -- if ./strings-static -a ${CMD} > /dev/null 2>&1 -+ if ${STRINGS}-static -a ${CMD} > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1376,11 +1386,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1396,11 +1406,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1421,11 +1431,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1437,12 +1447,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1458,12 +1468,12 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1479,12 +1489,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1500,12 +1510,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1527,11 +1537,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1545,11 +1555,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1563,11 +1573,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1581,11 +1591,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1597,12 +1607,12 @@ - CMD=`loc write write $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1619,11 +1629,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1655,7 +1665,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1673,12 +1683,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1698,12 +1708,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1720,11 +1730,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1737,12 +1747,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1764,11 +1774,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1786,10 +1796,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1804,10 +1814,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1822,10 +1832,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1840,10 +1850,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1862,10 +1872,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1877,18 +1887,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1908,12 +1918,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -1949,11 +1959,11 @@ - CMD=${ROOTDIR}${CMD} - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1970,11 +1980,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1991,11 +2001,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2015,11 +2025,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2067,11 +2077,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - diff --git a/app-admin/chkrootkit/files/chkrootkit-0.41-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.41-gentoo.diff deleted file mode 100644 index 4d0aaed02a07..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.41-gentoo.diff +++ /dev/null @@ -1,969 +0,0 @@ ---- chkrootkit-0.41/chkrootkit 2003-06-21 04:09:09.000000000 +0200 -+++ chkrootkit 2003-07-16 19:00:58.466540216 +0200 -@@ -10,6 +10,14 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+STRINGS="/usr/sbin/strings-static" -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -116,7 +124,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -132,7 +140,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -150,22 +158,22 @@ - return ${NOT_TESTED} - fi - -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -+ expertmode_output "${IFPROMISC}" - return 5 - fi - echo -- [ "${QUIET}" != "t" ] && ./ifpromisc || ./ifpromisc -q -+ [ "${QUIET}" != "t" ] && ${IFPROMISC} || ${IFPROMISC} -q - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -173,31 +181,31 @@ - LASTLOG=`loc lastlog lastlog "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -207,12 +215,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -251,7 +259,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -261,7 +269,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -282,7 +290,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -454,7 +462,7 @@ - ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null - - ## Suckit rootkit -- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" -+ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" - - ## Volc rootkit - expertmode_output "${ls} ${ROOTDIR}usr/bin/volc" -@@ -863,7 +871,7 @@ - ### Suckit - if [ -f /sbin/init ]; then - if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi -- if ${strings} /sbin/init | ${egrep} HOME >/dev/null 2>&1 ; then -+ if ${STRINGS} /sbin/init | ${egrep} HOME >/dev/null 2>&1 ; then - echo "Warning: /sbin/init INFECTED" - else - if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi -@@ -1008,19 +1016,19 @@ - CMD=`loc chfn chfn $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] - then - STATUS=${INFECTED} -@@ -1035,16 +1043,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -1053,7 +1061,7 @@ - fi - fi;; - FreeBSD) -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne 2 ] - then - STATUS=${INFECTED} - fi;; -@@ -1066,13 +1074,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - if [ "$SYSTEM" = "SunOS" ]; then - TROJED_L_L="porcao|/bin/xstat" -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then - return ${INFECTED} - else - return ${NOT_TESTED} -@@ -1080,7 +1088,7 @@ - fi - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -1091,7 +1099,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1107,14 +1115,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1132,11 +1140,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1155,11 +1163,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1176,11 +1184,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1198,11 +1206,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1220,11 +1228,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1242,11 +1250,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1260,11 +1268,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1277,11 +1285,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1301,11 +1309,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1319,11 +1327,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1338,11 +1346,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1360,11 +1368,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1382,11 +1390,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1404,11 +1412,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1426,11 +1434,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1443,18 +1451,18 @@ - - if [ "${SYSTEM}" = "Linux" ] - then -- if [ ! -x ./strings ]; then -- printn "can't exec ./strings-static, " -+ if [ ! -x ${STRINGS} ]; then -+ printn "can't exec ${STRINGS}, " - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./strings -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - ### strings must be a statically linked binary. -- if ./strings-static -a ${CMD} > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1469,11 +1477,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1493,11 +1501,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1518,11 +1526,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1534,12 +1542,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1555,12 +1563,12 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1576,12 +1584,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1597,12 +1605,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1624,11 +1632,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1642,11 +1650,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1661,11 +1669,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1679,11 +1687,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1697,11 +1705,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1713,12 +1721,12 @@ - CMD=`loc write write $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1735,11 +1743,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1755,11 +1763,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1791,7 +1799,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1808,12 +1816,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1833,12 +1841,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1855,11 +1863,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1872,12 +1880,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1899,11 +1907,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1921,10 +1929,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1939,10 +1947,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1957,10 +1965,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1975,10 +1983,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1997,10 +2005,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2012,18 +2020,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2043,12 +2051,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -2084,11 +2092,11 @@ - CMD=${ROOTDIR}${CMD} - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2105,11 +2113,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2126,11 +2134,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2150,11 +2158,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2202,11 +2210,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/chkrootkit-0.42b-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.42b-gentoo.diff deleted file mode 100644 index 5c91cec1b028..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.42b-gentoo.diff +++ /dev/null @@ -1,980 +0,0 @@ ---- chkrootkit-0.42b/chkrootkit 2003-09-20 23:54:11.000000000 +0800 -+++ chkrootkit 2003-10-05 15:30:39.000000000 +0800 -@@ -10,6 +10,14 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+STRINGS="/usr/sbin/strings-static" -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -116,7 +124,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -132,7 +140,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -151,15 +159,15 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -+ expertmode_output "${IFPROMISC}" - return 5 - fi - if [ ! -f ${ROOTDIR}proc/net/packet ]; then -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - fi -- [ "${QUIET}" != "t" ] && ./ifpromisc || ./ifpromisc -q -+ [ "${QUIET}" != "t" ] && ${IFPROMISC} || ${IFPROMISC} -q - else - if [ `${egrep} -c "3 0003" ${ROOTDIR}proc/net/packet 2>/dev/null` -gt 0 ]; then - set `${egrep} ":" $ROOTDIR/proc/net/dev | ${egrep} -v "lo:" | cut -f 1 -d:` -@@ -174,8 +182,8 @@ - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -183,31 +191,31 @@ - LASTLOG=`loc lastlog lastlog "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -217,12 +225,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -261,7 +269,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -271,7 +279,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -292,7 +300,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -464,7 +472,7 @@ - ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null - - ## Suckit rootkit -- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" -+ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" - - ## Volc rootkit - expertmode_output "${ls} ${ROOTDIR}usr/bin/volc" -@@ -875,7 +883,7 @@ - ### Suckit - if [ -f ${ROOTDIR}sbin/init ]; then - if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi -- if [ ${SYSTEM} != "HP-UX" ] && ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME >/dev/null 2>&1 -+ if [ ${SYSTEM} != "HP-UX" ] && ${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME >/dev/null 2>&1 - then - echo "Warning: ${ROOTDIR}sbin/init INFECTED" - else -@@ -1026,20 +1034,20 @@ - STATUS=${NOT_INFECTED} - CMD=`loc chfn chfn $pth` - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) - [ $V -ge 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} -@@ -1054,16 +1062,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -1073,7 +1081,7 @@ - fi;; - FreeBSD) - [ $V -ge 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} - fi;; -@@ -1086,13 +1094,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - if [ "$SYSTEM" = "SunOS" ]; then - TROJED_L_L="porcao|/bin/xstat" -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then - return ${INFECTED} - else - return ${NOT_TESTED} -@@ -1100,7 +1108,7 @@ - fi - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -1111,7 +1119,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1127,14 +1135,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1152,11 +1160,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1175,11 +1183,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1196,11 +1204,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1218,11 +1226,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1240,11 +1248,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1262,11 +1270,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1280,11 +1288,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1297,11 +1305,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1321,11 +1329,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1339,11 +1347,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1358,11 +1366,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1380,11 +1388,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1402,11 +1410,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1424,11 +1432,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1446,11 +1454,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1463,18 +1471,18 @@ - - if [ "${SYSTEM}" = "Linux" ] - then -- if [ ! -x ./strings ]; then -- printn "can't exec ./strings-static, " -+ if [ ! -x ${STRINGS} ]; then -+ printn "can't exec ${STRINGS}, " - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./strings -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - ### strings must be a statically linked binary. -- if ./strings -a ${CMD} > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1489,11 +1497,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1513,11 +1521,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1538,11 +1546,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1554,12 +1562,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1576,19 +1584,19 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - [ "${SYSTEM}" = "FreeBSD" -a $V -ge 50 ] && - { -- if [ `${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ -+ if [ `${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ - ${egrep} -c "$S_L"` -ne 2 ]; then - STATUS=${INFECTED} - fi - } || - { -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1605,12 +1613,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1626,12 +1634,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1653,11 +1661,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1671,11 +1679,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1690,11 +1698,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1708,11 +1716,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1726,11 +1734,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1742,12 +1750,12 @@ - CMD=`loc write write $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1764,11 +1772,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1784,11 +1792,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1820,7 +1828,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1837,12 +1845,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1862,12 +1870,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1884,11 +1892,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1901,12 +1909,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1928,11 +1936,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1950,10 +1958,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1968,10 +1976,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1986,10 +1994,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2004,10 +2012,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2026,10 +2034,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2041,18 +2049,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2072,12 +2080,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -2113,11 +2121,11 @@ - [ "tcpd" = "${CMD}" ] && return ${NOT_FOUND}; - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2134,11 +2142,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2155,11 +2163,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2179,11 +2187,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2231,11 +2239,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/chkrootkit-0.43-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.43-gentoo.diff deleted file mode 100644 index 57af38e276c0..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.43-gentoo.diff +++ /dev/null @@ -1,954 +0,0 @@ ---- chkrootkit-0.43/chkrootkit 2003-12-29 00:48:16.000000000 +0800 -+++ chkrootkit 2004-04-29 10:31:35.098794752 +0800 -@@ -10,6 +10,14 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+STRINGS="/usr/sbin/strings-static" -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -116,7 +124,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -132,7 +140,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -151,20 +159,20 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -v -+ expertmode_output "${IFPROMISC}" -v - return 5 - fi -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - else -- [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q -+ [ "${QUIET}" != "t" ] && ${IFPROMISC} -v || ${IFPROMISC} -q - fi - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -178,32 +186,32 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi - if [ -f ${ROOTDIR}var/adm/wtmp ]; then -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -214,12 +222,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -258,7 +266,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -268,7 +276,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -289,7 +297,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -465,7 +473,7 @@ - ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null - - ## Suckit rootkit -- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" -+ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" - expertmode_output "cat ${ROOTDIR}proc/1/maps | ${egrep} init." - - ## Volc rootkit -@@ -890,7 +898,7 @@ - ### Suckit - if [ -f ${ROOTDIR}sbin/init ]; then - if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi -- if [ ${SYSTEM} != "HP-UX" ] && ( ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME || \ -+ if [ ${SYSTEM} != "HP-UX" ] && ( ${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME || \ - cat ${ROOTDIR}/proc/1/maps | ${egrep} "init." ) >/dev/null 2>&1 - then - echo "Warning: ${ROOTDIR}sbin/init INFECTED" -@@ -1068,20 +1076,20 @@ - STATUS=${NOT_INFECTED} - CMD=`loc chfn chfn $pth` - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} -@@ -1096,16 +1104,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -1115,7 +1123,7 @@ - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} - fi;; -@@ -1128,13 +1136,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - if [ "$SYSTEM" = "SunOS" ]; then - TROJED_L_L="porcao|/bin/xstat" -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then - return ${INFECTED} - else - return ${NOT_TESTED} -@@ -1142,7 +1150,7 @@ - fi - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -1153,7 +1161,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1169,14 +1177,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1194,11 +1202,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1217,11 +1225,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1238,11 +1246,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1260,11 +1268,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1282,11 +1290,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1304,11 +1312,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1322,11 +1330,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1339,11 +1347,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1363,11 +1371,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1381,11 +1389,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1400,11 +1408,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1422,11 +1430,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1444,11 +1452,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1466,11 +1474,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1488,11 +1496,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1531,11 +1539,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1555,11 +1563,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1580,11 +1588,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1596,12 +1604,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1618,19 +1626,19 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - [ "${SYSTEM}" = "FreeBSD" -a $V -gt 50 ] && - { -- if [ `${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ -+ if [ `${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ - ${egrep} -c "$S_L"` -ne 2 ]; then - STATUS=${INFECTED} - fi - } || - { -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1647,12 +1655,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1668,12 +1676,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1695,11 +1703,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1713,11 +1721,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1732,11 +1740,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1750,11 +1758,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1768,11 +1776,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1784,12 +1792,12 @@ - CMD=`loc write write $pth` - WRITE_ROOTKIT_LABEL="bash|elite$|vejeta|\.ark" - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1806,11 +1814,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1826,11 +1834,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1862,7 +1870,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1879,12 +1887,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1904,12 +1912,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1926,11 +1934,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1943,12 +1951,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1970,11 +1978,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1992,10 +2000,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2010,10 +2018,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2028,10 +2036,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2046,10 +2054,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2068,10 +2076,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2083,18 +2091,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2114,12 +2122,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -2155,11 +2163,11 @@ - [ "tcpd" = "${CMD}" ] && return ${NOT_FOUND}; - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2176,11 +2184,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2197,11 +2205,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2221,11 +2229,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2273,11 +2281,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/chkrootkit-0.43-r1-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.43-r1-gentoo.diff deleted file mode 100644 index 282f38bba0b4..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.43-r1-gentoo.diff +++ /dev/null @@ -1,975 +0,0 @@ -diff -Naur chkrootkit-0.43_/chkrootkit chkrootkit-0.43/chkrootkit ---- chkrootkit-0.43_/chkrootkit 2004-07-03 13:26:45.026335552 +0200 -+++ chkrootkit-0.43/chkrootkit 2004-07-03 13:28:57.327222760 +0200 -@@ -10,6 +10,14 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+STRINGS="/usr/sbin/strings-static" -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -116,7 +124,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -132,7 +140,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -151,20 +159,20 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -v -+ expertmode_output "${IFPROMISC}" -v - return 5 - fi -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - else -- [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q -+ [ "${QUIET}" != "t" ] && ${IFPROMISC} -v || ${IFPROMISC} -q - fi - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -178,32 +186,32 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi - if [ -f ${ROOTDIR}var/adm/wtmp ]; then -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -214,12 +222,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -258,7 +266,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -268,7 +276,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -289,7 +297,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -465,7 +473,7 @@ - ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null - - ## Suckit rootkit -- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" -+ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" - expertmode_output "cat ${ROOTDIR}proc/1/maps | ${egrep} init." - - ## Volc rootkit -@@ -890,7 +898,7 @@ - ### Suckit - if [ -f ${ROOTDIR}sbin/init ]; then - if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi -- if [ ${SYSTEM} != "HP-UX" ] && ( ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME || \ -+ if [ ${SYSTEM} != "HP-UX" ] && ( ${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME || \ - cat ${ROOTDIR}/proc/1/maps | ${egrep} "init." ) >/dev/null 2>&1 - then - echo "Warning: ${ROOTDIR}sbin/init INFECTED" -@@ -1068,20 +1076,20 @@ - STATUS=${NOT_INFECTED} - CMD=`loc chfn chfn $pth` - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} -@@ -1096,16 +1104,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -1115,7 +1123,7 @@ - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} - fi;; -@@ -1128,13 +1136,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - if [ "$SYSTEM" = "SunOS" ]; then - TROJED_L_L="porcao|/bin/xstat" -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then - return ${INFECTED} - else - return ${NOT_TESTED} -@@ -1142,7 +1150,7 @@ - fi - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -1153,7 +1161,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1169,14 +1177,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1194,11 +1202,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1217,11 +1225,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1238,11 +1246,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1260,11 +1268,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1282,11 +1290,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1304,11 +1312,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1322,11 +1330,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1339,11 +1347,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1363,11 +1371,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1381,11 +1389,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1400,11 +1408,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1422,11 +1430,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1444,11 +1452,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1466,11 +1474,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1488,11 +1496,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1505,8 +1513,8 @@ - - if [ "${SYSTEM}" = "Linux" ] - then -- if [ ! -x ./strings-static ]; then -- printn "can't exec ./strings-static, " -+ if [ ! -x i${STRINGS} ]; then -+ printn "can't exec ${STRINGS}, " - return ${NOT_TESTED} - fi - -@@ -1516,7 +1524,7 @@ - fi - - ### strings must be a statically linked binary. -- if ./strings-static -a ${CMD} > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1531,11 +1539,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1555,11 +1563,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1580,11 +1588,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1596,12 +1604,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1618,19 +1626,19 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - [ "${SYSTEM}" = "FreeBSD" -a $V -gt 50 ] && - { -- if [ `${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ -+ if [ `${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ - ${egrep} -c "$S_L"` -ne 2 ]; then - STATUS=${INFECTED} - fi - } || - { -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1647,12 +1655,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1668,12 +1676,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1695,11 +1703,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1713,11 +1721,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1732,11 +1740,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1750,11 +1758,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1768,11 +1776,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1784,12 +1792,12 @@ - CMD=`loc write write $pth` - WRITE_ROOTKIT_LABEL="bash|elite$|vejeta|\.ark" - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1806,11 +1814,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1826,11 +1834,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1862,7 +1870,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1879,12 +1887,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1904,12 +1912,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1926,11 +1934,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1943,12 +1951,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1970,11 +1978,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1992,10 +2000,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2010,10 +2018,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2028,10 +2036,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2046,10 +2054,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2068,10 +2076,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2083,18 +2091,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2114,12 +2122,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -2155,11 +2163,11 @@ - [ "tcpd" = "${CMD}" ] && return ${NOT_FOUND}; - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2176,11 +2184,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2197,11 +2205,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2221,11 +2229,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2273,11 +2281,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff deleted file mode 100644 index a9e028136068..000000000000 --- a/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff +++ /dev/null @@ -1,977 +0,0 @@ ---- chkrootkit.org 2004-07-08 02:22:29.000000000 +0200 -+++ chkrootkit 2004-07-08 02:24:49.000000000 +0200 -@@ -10,6 +10,14 @@ - # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. - # All rights reserved - -+# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` -+IFPROMISC="/usr/sbin/ifpromisc" -+CHKLASTLOG="/usr/sbin/chklastlog" -+CHKPROC="/usr/sbin/chkproc" -+CHKWTMP="/usr/sbin/chkwtmp" -+CHECK_WTMPX="/usr/sbin/check_wtmpx" -+STRINGS="/usr/sbin/strings-static" -+ - ### workaround for some Bourne shell implementations - unalias login > /dev/null 2>&1 - unalias ls > /dev/null 2>&1 -@@ -116,7 +124,7 @@ - - if [ "${EXPERT}" = "t" ]; then - expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -@@ -132,7 +140,7 @@ - STATUS=${INFECTED} - fi - -- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 - then - echo "INFECTED" - STATUS=${INFECTED} -@@ -151,20 +159,20 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./ifpromisc" -v -+ expertmode_output "${IFPROMISC}" -v - return 5 - fi -- if [ ! -x ./ifpromisc ]; then -- echo "not tested: can't exec ./ifpromisc" -+ if [ ! -x ${IFPROMISC} ]; then -+ echo "not tested: can't exec ${IFPROMISC}" - return ${NOT_TESTED} - else -- [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q -+ [ "${QUIET}" != "t" ] && ${IFPROMISC} -v || ${IFPROMISC} -q - fi - } - - z2 () { -- if [ ! -x ./chklastlog ]; then -- echo "not tested: can't exec ./chklastlog" -+ if [ ! -x ${CHKLASTLOG} ]; then -+ echo "not tested: can't exec ${CHKLASTLOG}" - return ${NOT_TESTED} - fi - -@@ -178,32 +186,32 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" -+ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" - return 5 - fi - -- if ./chklastlog -f ${WTMP} -l ${LASTLOG} -+ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi - } - - wted () { -- if [ ! -x ./chkwtmp ]; then -- echo "not tested: can't exec ./chkwtmp" -+ if [ ! -x ${CHKWTMP} ]; then -+ echo "not tested: can't exec ${CHKWTMP}" - return ${NOT_TESTED} - fi - - if [ "$SYSTEM" = "SunOS" ]; then -- if [ ! -x ./check_wtmpx ]; then -- echo "not tested: can't exec ./check_wtmpx" -+ if [ ! -x ${CHECK_WTMPX} ]; then -+ echo "not tested: can't exec ${CHECK_WTMPX}" - else - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./check_wtmpx" -+ expertmode_output "${CHECK_WTMPX}" - return 5 - fi - if [ -f ${ROOTDIR}var/adm/wtmp ]; then -- if ./check_wtmpx -+ if ${CHECK_WTMPX} - then - if [ "${QUIET}" != "t" ]; then \ - echo "nothing deleted in /var/adm/wtmpx"; fi -@@ -214,12 +222,12 @@ - WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./chkwtmp -f ${WTMP}" -+ expertmode_output "${CHKWTMP} -f ${WTMP}" - return 5 - fi - fi - -- if ./chkwtmp -f ${WTMP} -+ if ${CHKWTMP} -f ${WTMP} - then - if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi - fi -@@ -258,7 +266,7 @@ - prog="" - if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ - ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then -- [ ! -x ./chkproc ] && prog="./chkproc" -+ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" - if [ "$prog" != "" ]; then - # echo "not tested: can't exec $prog" -@@ -268,7 +276,7 @@ - if [ "${EXPERT}" = "t" ]; then - [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null - [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null -- expertmode_output "./chkproc -v -v" -+ expertmode_output "${CHKPROC} -v -v" - return 5 - fi - -@@ -289,7 +297,7 @@ - echo "Warning: Knark LKM installed" - fi - -- if ./chkproc -+ if ${CHKPROC} - then - if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi - else -@@ -465,7 +473,7 @@ - ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null - - ## Suckit rootkit -- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" -+ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" - expertmode_output "cat ${ROOTDIR}proc/1/maps | ${egrep} init." - - ## Volc rootkit -@@ -890,7 +898,7 @@ - ### Suckit - if [ -f ${ROOTDIR}sbin/init ]; then - if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi -- if [ ${SYSTEM} != "HP-UX" ] && ( ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME || \ -+ if [ ${SYSTEM} != "HP-UX" ] && ( ${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME || \ - cat ${ROOTDIR}/proc/1/maps | ${egrep} "init." ) >/dev/null 2>&1 - then - echo "Warning: ${ROOTDIR}sbin/init INFECTED" -@@ -1068,20 +1076,20 @@ - STATUS=${NOT_INFECTED} - CMD=`loc chfn chfn $pth` - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | \ -+ if [ `${STRINGS} -a ${CMD} | \ - ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} -@@ -1096,16 +1104,16 @@ - REDHAT_PAM_LABEL="*NOT*" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - case "${SYSTEM}" in - Linux) -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then -- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ - >/dev/null 2>&1 - then - : -@@ -1115,7 +1123,7 @@ - fi;; - FreeBSD) - [ $V -gt 50 ] && n=1 || n=2 -- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] -+ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] - then - STATUS=${INFECTED} - fi;; -@@ -1128,13 +1136,13 @@ - CMD=`loc login login $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - if [ "$SYSTEM" = "SunOS" ]; then - TROJED_L_L="porcao|/bin/xstat" -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then - return ${INFECTED} - else - return ${NOT_TESTED} -@@ -1142,7 +1150,7 @@ - fi - GENERAL="^root$" - TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" -- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` -+ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` - if [ ${ret} -gt 0 ]; then - case ${ret} in - 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ -@@ -1153,7 +1161,7 @@ - *) STATUS=${INFECTED};; - esac - fi -- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null - then - STATUS=${INFECTED} - fi -@@ -1169,14 +1177,14 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - fi - - if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] - then - return ${NOT_TESTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1194,11 +1202,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1217,11 +1225,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1238,11 +1246,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1260,11 +1268,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1282,11 +1290,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1304,11 +1312,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1322,11 +1330,11 @@ - CMD=`loc ls ls $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1339,11 +1347,11 @@ - CMD=`loc du du $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1363,11 +1371,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1381,11 +1389,11 @@ - CMD=`loc netstat netstat $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -1400,11 +1408,11 @@ - CMD=`loc ps ps $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1422,11 +1430,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1444,11 +1452,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1466,11 +1474,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1488,11 +1496,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1505,18 +1513,18 @@ - - if [ "${SYSTEM}" = "Linux" ] - then -- if [ ! -x ./strings-static ]; then -- printn "can't exec ./strings-static, " -+ if [ ! -x ${STRINGS} ]; then -+ printn "can't exec ${STRINGS}, " - return ${NOT_TESTED} - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "./strings -a ${CMD}" -+ expertmode_output "{STRINGS} -a ${CMD}" - return 5 - fi - - ### strings must be a statically linked binary. -- if ./strings-static -a ${CMD} > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1531,11 +1539,11 @@ - CMD=`loc basename basename $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1555,11 +1563,11 @@ - CMD=`loc dirname dirname $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1580,11 +1588,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1596,12 +1604,12 @@ - CMD=`loc rpcinfo rpcinfo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1618,19 +1626,19 @@ - CMD=`loc date date $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - [ "${SYSTEM}" = "FreeBSD" -a $V -gt 50 ] && - { -- if [ `${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ -+ if [ `${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ - ${egrep} -c "$S_L"` -ne 2 ]; then - STATUS=${INFECTED} - fi - } || - { -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1647,12 +1655,12 @@ - CMD=`loc echo echo $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1668,12 +1676,12 @@ - CMD=`loc env env $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1695,11 +1703,11 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1713,11 +1721,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1732,11 +1740,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1750,11 +1758,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1768,11 +1776,11 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1784,12 +1792,12 @@ - CMD=`loc write write $pth` - WRITE_ROOTKIT_LABEL="bash|elite$|vejeta|\.ark" - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1806,11 +1814,11 @@ - W_INFECTED_LABEL="uname -a" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1826,11 +1834,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1862,7 +1870,7 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - STATUS=${INFECTED} -@@ -1879,12 +1887,12 @@ - MAIL_INFECTED_LABEL="sh -i" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1904,12 +1912,12 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1926,11 +1934,11 @@ - CMD=`loc egrep egrep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1943,12 +1951,12 @@ - CMD=`loc grep grep $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - expertmode_output "${ls} -l ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1970,11 +1978,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -1992,10 +2000,10 @@ - fi - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2010,10 +2018,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2028,10 +2036,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2046,10 +2054,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2068,10 +2076,10 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi -- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2083,18 +2091,18 @@ - CMD="${ROOTDIR}sbin/ifconfig" - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - IFCONFIG_NOT_INFECTED_LABEL="PROMISC" - IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${NOT_INFECTED} - fi -- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2114,12 +2122,12 @@ - return ${NOT_FOUND} - fi - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - - RSHD_INFECTED_LABEL="HISTFILE" -- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ -@@ -2155,11 +2163,11 @@ - [ "tcpd" = "${CMD}" ] && return ${NOT_FOUND}; - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2176,11 +2184,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2197,11 +2205,11 @@ - CMD=`loc su su $pth` - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 -+ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 - then - STATUS=${INFECTED} - fi -@@ -2221,11 +2229,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ - > /dev/null 2>&1 - then - STATUS=${INFECTED} -@@ -2273,11 +2281,11 @@ - fi - - if [ "${EXPERT}" = "t" ]; then -- expertmode_output "${strings} -a ${CMD}" -+ expertmode_output "${STRINGS} -a ${CMD}" - return 5 - fi - -- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ -+ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ - >/dev/null 2>&1 - then - STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r3 b/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r3 new file mode 100644 index 000000000000..3d6c11302694 --- /dev/null +++ b/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r3 @@ -0,0 +1,2 @@ +MD5 08646b9bf3a9dc45c25a40946962a839 chkrootkit-0.43.tar.gz 33355 +MD5 51abc2b0a8cafd07df9ad3f62e0667aa chkrootkit-0.43-r3-gentoo.diff.gz 3759 |