diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index 63ac537..6ebd605 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -2580,6 +2580,162 @@ delete_standalone_sessions() {
 }
 # Main scan menu
+# Maldet-specific scan menu (dedicated section for fastest scanner)
+maldet_scan_submenu() {
+ while true; do
+ echo ""
+ print_header "Maldet Scanner - Linux Malware Detection"
+ echo "Fast, efficient, Linux-specific malware detection"
+ echo ""
+
+ echo "Select scan type:"
+ echo -e " ${CYAN}1.${NC} Scan entire server (fastest comprehensive scan)"
+ echo -e " ${CYAN}2.${NC} Scan all user accounts"
+ echo -e " ${CYAN}3.${NC} Scan specific user account"
+ echo -e " ${CYAN}4.${NC} Scan specific domain"
+ echo -e " ${CYAN}5.${NC} Scan custom path"
+ echo ""
+ echo -e " ${CYAN}6.${NC} Update Maldet signatures"
+ echo -e " ${CYAN}7.${NC} View Maldet results"
+ echo ""
+ echo -e " ${RED}0.${NC} Back to main menu"
+ echo ""
+
+ while true; do
+ read -p "Select option (0-7): " choice
+
+ if ! [[ "$choice" =~ ^[0-7]$ ]]; then
+ echo -e "${RED}Invalid option${NC}"
+ sleep 1
+ continue
+ fi
+
+ case $choice in
+ 1) maldet_launch_scan "server"; break ;;
+ 2) maldet_launch_scan "all_users"; break ;;
+ 3) maldet_launch_scan "user"; break ;;
+ 4) maldet_launch_scan "domain"; break ;;
+ 5) maldet_launch_scan "custom"; break ;;
+ 6) maldet_update_signatures; break ;;
+ 7) maldet_view_results; break ;;
+ 0) return 0 ;;
+ esac
+ done
+ done
+}
+
+# Launch Maldet-specific scan with different scope options
+maldet_launch_scan() {
+ local scope="$1"
+
+ echo ""
+ print_header "Launching Maldet Scan - $scope"
+
+ # Check if Maldet is installed
+ if ! is_maldet_installed; then
+ echo -e "${RED}✗ Maldet is not installed${NC}"
+ echo ""
+ read -p "Install Maldet now? (yes/no): " install_choice
+ if [ "$install_choice" = "yes" ]; then
+ install_all_scanners
+ maldet_scan_submenu
+ fi
+ return 1
+ fi
+
+ # Find Maldet binary
+ local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
+ if [ -z "$maldet_bin" ]; then
+ echo -e "${RED}✗ Maldet binary not found${NC}"
+ read -p "Press Enter to continue..."
+ return 1
+ fi
+
+ echo ""
+ echo "Creating Maldet-only scan session..."
+ echo "Scope: $scope"
+ echo ""
+
+ # For now, launch via the existing scanner menu but only with Maldet
+ # Store preference for Maldet-only scanning
+ export MALDET_ONLY=1
+ launch_standalone_scanner_menu "$scope"
+ unset MALDET_ONLY
+}
+
+# Update Maldet signatures
+maldet_update_signatures() {
+ echo ""
+ print_header "Updating Maldet Signatures"
+
+ # Check if Maldet is installed
+ if ! is_maldet_installed; then
+ echo -e "${RED}✗ Maldet is not installed${NC}"
+ echo ""
+ read -p "Install Maldet now? (yes/no): " install_choice
+ if [ "$install_choice" = "yes" ]; then
+ install_all_scanners
+ fi
+ return 1
+ fi
+
+ local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
+
+ if [ -z "$maldet_bin" ]; then
+ echo -e "${RED}✗ Maldet binary not found${NC}"
+ read -p "Press Enter to continue..."
+ return 1
+ fi
+
+ echo "Updating Maldet malware signatures..."
+ echo "(This may take a few moments)"
+ echo ""
+
+ if timeout 120 "$maldet_bin" -u 2>&1 | tee /tmp/maldet-update.log | grep -E "updated|completed|signatures"; then
+ echo ""
+ echo -e "${GREEN}✓ Signatures updated successfully${NC}"
+ else
+ echo ""
+ echo -e "${YELLOW}⚠ Signature update may have completed (check output above)${NC}"
+ fi
+
+ echo ""
+ read -p "Press Enter to continue..."
+}
+
+# View Maldet-specific results
+maldet_view_results() {
+ echo ""
+ print_header "Maldet Scan Results"
+
+ if ! is_maldet_installed; then
+ echo -e "${RED}✗ Maldet is not installed${NC}"
+ echo ""
+ read -p "Press Enter to continue..."
+ return 1
+ fi
+
+ local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
+
+ if [ -z "$maldet_bin" ]; then
+ echo -e "${RED}✗ Maldet binary not found${NC}"
+ read -p "Press Enter to continue..."
+ return 1
+ fi
+
+ echo "Recent Maldet scans:"
+ echo ""
+
+ if "$maldet_bin" -l 2>/dev/null | head -20; then
+ echo ""
+ else
+ echo "No Maldet scans found"
+ echo ""
+ fi
+
+ read -p "Press Enter to continue..."
+}
+
 show_scan_menu() {
 # Ensure print_banner is available before calling it
 if ! declare -f "print_banner" &>/dev/null; then
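Review bot: `maldet_update_signatures` pipes the updater output through `tee /tmp/maldet-update.log`, a fixed name in a world-writable directory; if this module runs as root (likely for a server-wide scanner, though not shown in the hunk), a pre-existing symlink at that path can redirect the write onto another file unless the kernel's protected-symlinks setting blocks it. The same `if` takes its status from `grep -E "updated|completed|signatures"`, so any output line containing "signatures", including an error, prints "Signatures updated successfully", and a timeout or failed download is not distinguished from success. I would log to a `mktemp` file (or a root-only log directory) and branch on `${PIPESTATUS[0]}` as sketched below; confirm that `maldet -u` exits non-zero on a failed update before relying on it. Separately, in `maldet_view_results` the `if "$maldet_bin" -l 2>/dev/null | head -20` condition tests `head`'s status, so the "No Maldet scans found" branch is effectively unreachable.

```shell
# … unchanged: install check and maldet_bin lookup …
local update_log update_rc
update_log=$(mktemp) || return 1

timeout 120 "$maldet_bin" -u 2>&1 | tee "$update_log"
update_rc=${PIPESTATUS[0]}

echo ""
if [ "$update_rc" -eq 0 ]; then
    echo -e "${GREEN}✓ Signatures updated successfully${NC}"
else
    echo -e "${YELLOW}⚠ Signature update exited with status $update_rc (log: $update_log)${NC}"
fi
# … unchanged: "Press Enter to continue" prompt …
```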
@@ -2610,46 +2766,51 @@ show_scan_menu() {
 fi
 echo ""
- echo -e "${CYAN}Create New Scan:${NC}"
- echo -e " ${CYAN}1.${NC} Scan entire server (ClamAV, Maldet, RKHunter)"
- echo -e " ${CYAN}2.${NC} Scan all user accounts (All scanners - recommended)"
- echo -e " ${CYAN}3.${NC} Scan specific user account (All scanners)"
- echo -e " ${CYAN}4.${NC} Scan specific domain (All scanners)"
- echo -e " ${CYAN}5.${NC} Scan custom path (All scanners)"
+ echo -e "${CYAN}Maldet Scanner (Fast, Linux-focused):${NC}"
+ echo -e " ${CYAN}1.${NC} Maldet menu (dedicated scanner)"
+ echo ""
+
+ echo -e "${CYAN}Create New Scan (All Scanners):${NC}"
+ echo -e " ${CYAN}2.${NC} Scan entire server (ClamAV, Maldet, RKHunter)"
+ echo -e " ${CYAN}3.${NC} Scan all user accounts (All scanners - recommended)"
+ echo -e " ${CYAN}4.${NC} Scan specific user account (All scanners)"
+ echo -e " ${CYAN}5.${NC} Scan specific domain (All scanners)"
+ echo -e " ${CYAN}6.${NC} Scan custom path (All scanners)"
 echo ""
 echo -e "${CYAN}Monitor & Manage:${NC}"
- echo -e " ${CYAN}6.${NC} Check scan status"
- echo -e " ${CYAN}7.${NC} View scan results"
- echo -e " ${CYAN}8.${NC} Delete scan sessions"
+ echo -e " ${CYAN}7.${NC} Check scan status"
+ echo -e " ${CYAN}8.${NC} View scan results"
+ echo -e " ${CYAN}9.${NC} Delete scan sessions"
 echo ""
 echo -e "${CYAN}Configuration:${NC}"
- echo -e " ${CYAN}9.${NC} Install all scanners"
- echo -e " ${CYAN}10.${NC} Scanner settings"
+ echo -e " ${CYAN}10.${NC} Install all scanners"
+ echo -e " ${CYAN}11.${NC} Scanner settings"
 echo ""
 echo -e " ${RED}0.${NC} Back"
 echo ""
 # Validate choice input with retry loop
 while true; do
- read -p "Select option (0-10): " choice
+ read -p "Select option (0-11): " choice
- if ! [[ "$choice" =~ ^([0-9]|10)$ ]]; then
+ if ! [[ "$choice" =~ ^([0-9]|10|11)$ ]]; then
 echo -e "${RED}Invalid option${NC}"
 sleep 1
 continue
 fi
 case $choice in
- 1) launch_standalone_scanner_menu "server"; break ;;
- 2) launch_standalone_scanner_menu "all_users"; break ;;
- 3) launch_standalone_scanner_menu "user"; break ;;
- 4) launch_standalone_scanner_menu "domain"; break ;;
- 5) launch_standalone_scanner_menu "custom"; break ;;
- 6) check_standalone_status; break ;;
- 7) view_scan_results; break ;;
- 8) delete_standalone_sessions; break ;;
- 9) install_all_scanners; break ;;
- 10) scanner_settings; break ;;
+ 1) maldet_scan_submenu; break ;;
+ 2) launch_standalone_scanner_menu "server"; break ;;
+ 3) launch_standalone_scanner_menu "all_users"; break ;;
+ 4) launch_standalone_scanner_menu "user"; break ;;
+ 5) launch_standalone_scanner_menu "domain"; break ;;
+ 6) launch_standalone_scanner_menu "custom"; break ;;
+ 7) check_standalone_status; break ;;
+ 8) view_scan_results; break ;;
+ 9) delete_standalone_sessions; break ;;
+ 10) install_all_scanners; break ;;
+ 11) scanner_settings; break ;;
 0) return 0 ;;
 esac
 done
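Review bot: Renumbering the whole menu moves a destructive action onto a number that used to be harmless: `9` was "Install all scanners" and now calls `delete_standalone_sessions`, while `8` changed from delete to "View scan results". An operator working from habit or an older runbook can land on the wrong action, and whether the delete path asks for confirmation is not visible in this hunk. Keeping options 1-10 as they were and appending the new entry, `11) maldet_scan_submenu; break ;;` with a matching menu line, avoids that, and the `^([0-9]|10|11)$` check can stay as written. The body of show_scan_menu starts before this hunk.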