%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/local/maldetect/internals/
Upload File :
Create Path :
Current File : //usr/local/maldetect/internals/scan.etpl

if [ -z "$type" ]; then
	type=scan
fi
cat > $tmpf <<EOF
HOST:      $HOSTNAME
SCAN ID:   $scanid
STARTED:   $scan_start_hr
EOF
if [ ! "$type" == "digest" ]; then
cat >> $tmpf <<EOF
COMPLETED: $scan_end_hr
ELAPSED:   ${scan_et}s [find: ${file_list_et}s]

EOF
else
cat >> $tmpf <<EOF
MODE:      inotify digest
ELAPSED:   $inotify_run_time
EOF
fi
if [ "$spath" ]; then
	echo "PATH:          $hrspath" >> $tmpf
fi
if [ "$days" ] && [ ! "$days" == "all" ]; then
	echo "RANGE:         $days days" >> $tmpf
fi
cat >> $tmpf <<EOF
TOTAL FILES:   $tot_files
TOTAL HITS:    $tot_hits
TOTAL CLEANED: $tot_cl

EOF
if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then
 echo "WARNING: Automatic quarantine is currently disabled, detected threats are still accessible to users!" >> $tmpf
 echo "To enable, set quarantine_hits=1 and/or to quarantine hits from this scan run:" >> $tmpf
 echo -e "/usr/local/sbin/maldet -q $datestamp.$$\n" >> $tmpf
fi
if [ "$quarantine_clean" == "1" ]; then
  if [ "$type" == "scan" ] && [ -f "$sessdir/clean.$$" ] && [ ! -z "$(cat $sessdir/clean.$$)" ]; then
	cleaned_list="$sessdir/clean.$$"
  elif [ "$type" == "digest" ] && [ -f "$tmpdir/.digest.clean.hits" ] && [ ! "$tot_cl" == "0" ]; then
	cleaned_list="$tmpdir/.digest.clean.hits"
  fi
  if [ -f "$cleaned_list" ]; then
cat >> $tmpf <<EOF
CLEANED & RESTORED FILES:
$(cat $cleaned_list)

EOF
  fi
 if [ "$quarantine_suspend_user" == "1" ]; then
  if [ -f "$sessdir/suspend.users.$$" ] && [ ! -z "$(cat $sessdir/suspend.users.$$)" ]; then
	suspended_list="$sessdir/suspend.users.$$"
  elif [ "$type" == "digest" ] && [ -f "$tmpdir/.digest.susp.hits" ] && [ ! "$tot_susp" == "0" ]; then
	suspended_list="$tmpdir/.digest.susp.hits"
  fi
  if [ -f "$suspended_list" ]; then
cat >> $tmpf <<EOF
SUSPENDED ACCOUNTS:
$(cat "$suspended_list")

EOF
  fi
 fi
fi

if [ ! "$tot_hits" == "0" ]; then
 if [ "$type" == "digest" ]; then
	hitlist_file="$tmpdir/.digest.alert.hits"
 else
	hitlist_file="$scan_session"
 fi
 if [ -f "$hitlist_file" ]; then
 	echo "FILE HIT LIST:" >> $tmpf
        if [ "$coltest" ]; then
                cat $hitlist_file | column -s ':' -t -o ':' >> $tmpf
        else
                cat $hitlist_file >> $tmpf
                if [ "$enable_statistic" == "1" ]; then
                        export IFS=$(echo -en "\n\b")
                        for showhit in `cat $hitlist_file`; do
                                curl --output  /dev/null --silent --show-error -XPOST "${elk_host}:${elk_port}/$(if [ $elk_index != '' ]; then echo "${elk_index}/message"; fi )" -H 'Content-Type: application/json' -d "$(echo $showhit|awk -v date=$(date +%s) -v hostname=$(hostname) '{print "{\"date\" : \""date"\", \"hit\" : \""$1"\", \"file\" : \""$3"\", \"hostname\" : \""hostname"\"}"}')"
                        done
                        export IFS=' '
                fi

        fi
 fi
fi

cat >> $tmpf <<EOF
===============================================
Linux Malware Detect v$ver < proj@rfxn.com >
EOF

Zerion Mini Shell 1.0