File chkrootkit-0.49.patch of Package chkrootkit
diff -rup chkrootkit-0.49.orig/chkrootkit chkrootkit-0.49/chkrootkit
--- chkrootkit-0.49.orig/chkrootkit 2009-07-30 16:10:54.000000000 +0200
+++ chkrootkit-0.49/chkrootkit 2010-09-29 23:03:56.765108341 +0200
@@ -181,23 +181,23 @@ sniffer () {
fi
if [ "${EXPERT}" = "t" ]; then
- expertmode_output "./ifpromisc" -v
+ expertmode_output "/sbin/ifpromisc" -v
return 5
fi
- if [ ! -x ./ifpromisc ]; then
- echo "not tested: can't exec ./ifpromisc"
+ if [ ! -x /sbin/ifpromisc ]; then
+ echo "not tested: can't exec /sbin/ifpromisc"
return ${NOT_TESTED}
else
- [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q
+ [ "${QUIET}" != "t" ] && /sbin/ifpromisc -v || /sbin/ifpromisc -q
fi
}
chkutmp() {
- if [ ! -x ./chkutmp ]; then
- echo "not tested: can't exec ./chkutmp"
+ if [ ! -x /sbin/chkutmp ]; then
+ echo "not tested: can't exec /sbin/chkutmp"
return ${NOT_TESTED}
fi
- if ./chkutmp
+ if /sbin/chkutmp
then
if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi
fi
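Review bot: The helper directory is written as the literal `/sbin` on every rewritten line of sniffer() and chkutmp(), and the same literal recurs in the z2, wted, lkm and chk_ldsopreload hunks, so relocating the helpers needs another patch of this size. A single assignment near the top of the script, for example `helperdir=/sbin` (the name is only a suggestion) with `${helperdir}/ifpromisc` at the call sites, keeps the benefit of not resolving helpers from the current working directory. It would also let an administrator point the script at a copy of the helpers on trusted read-only media. Separately, the rewritten `[ "${QUIET}" != "t" ] && /sbin/ifpromisc -v || /sbin/ifpromisc -q` also runs the `-q` form whenever the `-v` run exits non-zero; an explicit `if … then … else … fi` avoids that second run. sniffer() begins above this hunk and chkutmp() ends below it.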
@@ -205,8 +205,8 @@ chkutmp() {
}
z2 () {
- if [ ! -x ./chklastlog ]; then
- echo "not tested: can't exec ./chklastlog"
+ if [ ! -x /sbin/chklastlog ]; then
+ echo "not tested: can't exec /sbin/chklastlog"
return ${NOT_TESTED}
fi
@@ -219,32 +219,32 @@ z2 () {
fi
if [ "${EXPERT}" = "t" ]; then
- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}"
+ expertmode_output "/sbin/chklastlog -f ${WTMP} -l ${LASTLOG}"
return 5
fi
- if ./chklastlog -f ${WTMP} -l ${LASTLOG}
+ if /sbin/chklastlog -f ${WTMP} -l ${LASTLOG}
then
if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi
fi
}
wted () {
- if [ ! -x ./chkwtmp ]; then
- echo "not tested: can't exec ./chkwtmp"
+ if [ ! -x /sbin/chkwtmp ]; then
+ echo "not tested: can't exec /sbin/chkwtmp"
return ${NOT_TESTED}
fi
if [ "$SYSTEM" = "SunOS" ]; then
- if [ ! -x ./check_wtmpx ]; then
- echo "not tested: can't exec ./check_wtmpx"
+ if [ ! -x /sbin/check_wtmpx ]; then
+ echo "not tested: can't exec /sbin/check_wtmpx"
else
if [ "${EXPERT}" = "t" ]; then
- expertmode_output "./check_wtmpx"
+ expertmode_output "/sbin/check_wtmpx"
return 5
fi
if [ -f ${ROOTDIR}var/adm/wtmp ]; then
- if ./check_wtmpx
+ if /sbin/check_wtmpx
then
if [ "${QUIET}" != "t" ]; then \
echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi
@@ -255,12 +255,12 @@ wted () {
WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"`
if [ "${EXPERT}" = "t" ]; then
- expertmode_output "./chkwtmp -f ${WTMP}"
+ expertmode_output "/sbin/chkwtmp -f ${WTMP}"
return 5
fi
fi
- if ./chkwtmp -f ${WTMP}
+ if /sbin/chkwtmp -f ${WTMP}
then
if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi
fi
@@ -298,8 +298,8 @@ lkm ()
prog=""
if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \
`echo ${V} | ${awk} '{ if ($1 > 4.3 || $1 < 6.0) print 1; else print 0 }'` -eq 1 \) \) -a "${ROOTDIR}" = "/" ]; then
- [ -x ./chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="./chkproc"
- [ -x ./chkdirs ] && prog="$prog ./chkdirs"
+ [ -x /sbin/chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="/sbin/chkproc"
+ [ -x /sbin/chkdirs ] && prog="$prog /sbin/chkdirs"
if [ "$prog" = "" ]; then
echo "not tested: can't exec $prog"
return ${NOT_TESTED}
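Review bot: The `not tested: can't exec $prog` message is reached only when `$prog` is empty, so it never names the helper that is missing. Now that the paths are fixed it can name them directly, e.g. `echo "not tested: can't exec /sbin/chkproc or /sbin/chkdirs"`. lkm() starts and ends outside this hunk.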
@@ -311,7 +311,7 @@ lkm ()
PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |${awk} -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 3; else if ($0 < 2.015) print 1; else print 2 }'`
[ "$PV" = "" ] && PV=2
[ "${SYSTEM}" = "SunOS" ] && PV=0
- expertmode_output "./chkproc -v -v -p $PV"
+ expertmode_output "/sbin/chkproc -v -v -p $PV"
return 5
fi
@@ -338,7 +338,7 @@ lkm ()
if [ "${DEBUG}" = "t" ]; then
${echo} "*** PV=$PV ***"
fi
- if ./chkproc -p ${PV}; then
+ if /sbin/chkproc -p ${PV}; then
if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi
else
echo "chkproc: Warning: Possible LKM Trojan installed"
@@ -347,7 +347,7 @@ lkm ()
for i in /usr/share /usr/bin /usr/sbin /lib; do
[ -d $i ] && dirs="$dirs $i"
done
- if ./chkdirs $dirs; then
+ if /sbin/chkdirs $dirs; then
if [ "${QUIET}" != "t" ]; then echo "chkdirs: nothing detected"; fi
else
echo "chkdirs: Warning: Possible LKM Trojan installed"
@@ -1718,18 +1718,18 @@ chk_ldsopreload() {
if [ "${SYSTEM}" = "Linux" ]
then
- if [ ! -x ./strings-static ]; then
- printn "can't exec ./strings-static, "
+ if [ ! -x /sbin/strings-static ]; then
+ printn "can't exec /sbin/strings-static, "
return ${NOT_TESTED}
fi
if [ "${EXPERT}" = "t" ]; then
- expertmode_output "./strings-static -a ${CMD}"
+ expertmode_output "/sbin/strings-static -a ${CMD}"
return 5
fi
### strings must be a statically linked binary.
- if ./strings-static -a ${CMD} > /dev/null 2>&1
+ if /sbin/strings-static -a ${CMD} > /dev/null 2>&1
then
STATUS=${INFECTED}
fi
@@ -2605,7 +2605,7 @@ for file in $cmdlist; do
xxx=`loc $file $file $chkrkpth`
eval $file=$xxx
case "$xxx" in
- /* | ./* | ../*)
+ /* | /sbin/* | ../*)
if [ ! -x "${xxx}" ]
then
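Review bot: The path substitution also rewrote the case pattern, and `/* | /sbin/* | ../*)` is not equivalent to the old one: `/sbin/*` is already covered by `/*`, while a `./…` result from `loc` no longer matches this branch. This line classifies the located path as absolute or relative rather than naming a helper, so it should stay `/* | ./* | ../*)`. The remaining branches of the `case` are outside the hunk, so where a `./` path now lands cannot be seen from here; presumably it is a catch-all that treats the command as not found.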
diff -rup chkrootkit-0.49.orig/Makefile chkrootkit-0.49/Makefile
--- chkrootkit-0.49.orig/Makefile 2007-12-24 13:18:02.000000000 +0100
+++ chkrootkit-0.49/Makefile 2010-09-29 22:51:54.766101051 +0200
@@ -4,7 +4,8 @@
#
CC = gcc
-CFLAGS = -DHAVE_LASTLOG_H
+OPTFLAGS =
+CFLAGS = -DHAVE_LASTLOG_H -Wall $(OPTFLAGS)
STATIC = -static
###
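Review bot: `OPTFLAGS` is introduced empty with no comment saying who is expected to set it. A line such as `# OPTFLAGS: extra compiler flags supplied by the packager on the make command line` above it would document the intent, presumably the distribution's optimisation and hardening flags (confirm against the spec file). Because `-DHAVE_LASTLOG_H` stays in `CFLAGS`, `make CFLAGS=…` still drops the define, so the same comment should state that `OPTFLAGS`, not `CFLAGS`, is the override knob.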
@@ -41,36 +42,28 @@ sense: chklastlog chkwtmp ifpromisc chkp
chklastlog: chklastlog.c
${CC} ${CFLAGS} -o $@ chklastlog.c
- @strip $@
chkwtmp: chkwtmp.c
${CC} ${CFLAGS} -o $@ chkwtmp.c
- @strip $@
ifpromisc: ifpromisc.c
${CC} ${CFLAGS} ${LDFLAGS} -D_FILE_OFFSET_BITS=64 -o $@ ifpromisc.c
- @strip $@
chkproc: chkproc.c
- ${CC} ${LDFLAGS} -o $@ chkproc.c
- @strip $@
+ ${CC} ${CFLAGS} ${LDFLAGS} -o $@ chkproc.c
chkdirs: chkdirs.c
- ${CC} ${LDFLAGS} -o $@ chkdirs.c
- @strip $@
+ ${CC} ${CFLAGS} ${LDFLAGS} -o $@ chkdirs.c
check_wtmpx: check_wtmpx.c
- ${CC} ${LDFLAGS} -o $@ check_wtmpx.c
- @strip $@
+ ${CC} ${CFLAGS} ${LDFLAGS} -o $@ check_wtmpx.c
chkutmp: chkutmp.c
- ${CC} ${LDFLAGS} -o $@ chkutmp.c
- @strip $@
+ ${CC} ${CFLAGS} ${LDFLAGS} -o $@ chkutmp.c
strings-static: strings.c
- ${CC} ${STATIC} ${LDFLAGS} -o $@ strings.c
- @strip $@
+ ${CC} ${STATIC} ${CFLAGS} ${LDFLAGS} -o $@ strings.c
clean:
rm -f ${OBJS} core chklastlog chkwtmp ifpromisc chkproc chkdirs check_wtmpx strings-static chkutmp
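Review bot: The rules for `chklastlog` and `chkwtmp` still link without `${LDFLAGS}`, while every other helper rule in this hunk now passes both `${CFLAGS}` and `${LDFLAGS}`. Any linker options supplied through `LDFLAGS` (its definition is outside the hunk) would therefore not reach these two binaries, which the chkrootkit script invokes like the rest. Suggested recipes: `${CC} ${CFLAGS} ${LDFLAGS} -o $@ chklastlog.c` and `${CC} ${CFLAGS} ${LDFLAGS} -o $@ chkwtmp.c`.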
diff -rup chkrootkit-0.49.orig/strings.c chkrootkit-0.49/strings.c
--- chkrootkit-0.49.orig/strings.c 2007-12-24 13:18:02.000000000 +0100
+++ chkrootkit-0.49/strings.c 2010-09-29 23:04:19.841105766 +0200
@@ -11,6 +11,7 @@
#include <stdio.h>
#include <strings.h>
+#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <ctype.h>