Compare commits
4 Commits
61fe915c4c
...
2c4efbc805
| Author | SHA1 | Date | |
|---|---|---|---|
| 2c4efbc805 | |||
| 629176d301 | |||
| 7382c9c2ac | |||
| b1062f4d40 |
@@ -408,13 +408,29 @@ install_all_scanners() {
|
||||
|
||||
# Check if installation succeeded
|
||||
if is_maldet_installed; then
|
||||
# Verify we have version 2.0 or newer
|
||||
local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
|
||||
local maldet_version=""
|
||||
if [ -n "$maldet_bin" ]; then
|
||||
maldet_version=$("$maldet_bin" -v 2>/dev/null | grep -oE '[0-9]+\.[0-9]+' | head -1)
|
||||
fi
|
||||
|
||||
# Check version is 2.0 or newer
|
||||
if [ -n "$maldet_version" ]; then
|
||||
local major_version=$(echo "$maldet_version" | cut -d. -f1)
|
||||
if [ "$major_version" -lt 2 ]; then
|
||||
echo -e "${YELLOW}⚠ Warning: Maldet version $maldet_version installed (2.0+ recommended for performance)${NC}"
|
||||
else
|
||||
echo -e "${GREEN}✓${NC} Maldet $maldet_version installed (2.0+ performance optimizations)"
|
||||
fi
|
||||
else
|
||||
echo -e "${GREEN}✓ Maldet installed${NC}"
|
||||
fi
|
||||
|
||||
rm -f "$install_log"
|
||||
|
||||
# Update malware signatures immediately with timeout
|
||||
echo " → Updating malware signatures..."
|
||||
# Try to find maldet binary (might not be in PATH yet)
|
||||
local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
|
||||
if [ -n "$maldet_bin" ]; then
|
||||
if timeout 120 "$maldet_bin" -u 2>&1 | grep -qE "update completed|signatures"; then
|
||||
echo -e " ${GREEN}✓${NC} Signatures updated"
|
||||
@@ -802,8 +818,8 @@ get_domain_docroot() {
|
||||
local domain_docroot=""
|
||||
|
||||
if [ "$CONTROL_PANEL" = "cpanel" ]; then
|
||||
# Use grep -F for literal matching (safe from regex injection)
|
||||
domain_docroot=$(grep -F "^${domain}:" /etc/userdatadomains | cut -d= -f5 | sed 's/==/=/g')
|
||||
# Use grep with word boundary for safe matching (avoid regex injection)
|
||||
domain_docroot=$(grep "^$(printf '%s\n' "$domain" | sed 's/[[\.*^$/]/\\&/g'):" /etc/userdatadomains | cut -d= -f5 | sed 's/==/=/g')
|
||||
elif [ "$CONTROL_PANEL" = "plesk" ]; then
|
||||
domain_docroot=$(plesk bin site -i "$domain" 2>/dev/null | grep "WWW-Root" | awk '{print $2}')
|
||||
elif [ "$CONTROL_PANEL" = "interworx" ]; then
|
||||
@@ -1144,6 +1160,22 @@ else
|
||||
fi
|
||||
fi
|
||||
|
||||
# Filter scanners if MALDET_ONLY is set (for Maldet-specific menu)
|
||||
if [ "${MALDET_ONLY:-0}" = "1" ]; then
|
||||
log_message "Maldet-only mode enabled"
|
||||
echo "🔍 Running Maldet-only scan (fastest, Linux-focused)"
|
||||
echo ""
|
||||
# Check if Maldet is available
|
||||
if [[ " ${AVAILABLE_SCANNERS[@]} " =~ " maldet " ]]; then
|
||||
AVAILABLE_SCANNERS=("maldet")
|
||||
log_message "Filtered to Maldet only"
|
||||
else
|
||||
log_message "ERROR: Maldet not installed but MALDET_ONLY was set"
|
||||
echo -e "${RED}ERROR: Maldet is not installed${NC}"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# If no scanners found, show installation guide and exit gracefully
|
||||
if [ ${#AVAILABLE_SCANNERS[@]} -eq 0 ]; then
|
||||
log_message "WARNING: No scanners found on this system"
|
||||
@@ -1686,8 +1718,8 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
|
||||
RKH_WARNINGS=0
|
||||
fi
|
||||
|
||||
# Extract any rootkits found (FIXED: use -F flag for literal matching consistency)
|
||||
grep -F "Rootkit" "$LOG_DIR/rkhunter.log" 2>/dev/null | grep -iF "found" >> "$INFECTED_LIST" 2>/dev/null || true
|
||||
# Extract any rootkits found (search for rootkit entries with found status)
|
||||
grep "Rootkit" "$LOG_DIR/rkhunter.log" 2>/dev/null | grep -i "found" >> "$INFECTED_LIST" 2>/dev/null || true
|
||||
|
||||
SCAN_END=$(date +%s)
|
||||
DURATION=$((SCAN_END - SCAN_START))
|
||||
@@ -2580,6 +2612,162 @@ delete_standalone_sessions() {
|
||||
}
|
||||
|
||||
# Main scan menu
|
||||
# Maldet-specific scan menu (dedicated section for fastest scanner)
|
||||
maldet_scan_submenu() {
|
||||
while true; do
|
||||
echo ""
|
||||
print_header "Maldet Scanner - Linux Malware Detection"
|
||||
echo "Fast, efficient, Linux-specific malware detection"
|
||||
echo ""
|
||||
|
||||
echo "Select scan type:"
|
||||
echo -e " ${CYAN}1.${NC} Scan entire server (fastest comprehensive scan)"
|
||||
echo -e " ${CYAN}2.${NC} Scan all user accounts"
|
||||
echo -e " ${CYAN}3.${NC} Scan specific user account"
|
||||
echo -e " ${CYAN}4.${NC} Scan specific domain"
|
||||
echo -e " ${CYAN}5.${NC} Scan custom path"
|
||||
echo ""
|
||||
echo -e " ${CYAN}6.${NC} Update Maldet signatures"
|
||||
echo -e " ${CYAN}7.${NC} View Maldet results"
|
||||
echo ""
|
||||
echo -e " ${RED}0.${NC} Back to main menu"
|
||||
echo ""
|
||||
|
||||
while true; do
|
||||
read -p "Select option (0-7): " choice
|
||||
|
||||
if ! [[ "$choice" =~ ^[0-7]$ ]]; then
|
||||
echo -e "${RED}Invalid option${NC}"
|
||||
sleep 1
|
||||
continue
|
||||
fi
|
||||
|
||||
case $choice in
|
||||
1) maldet_launch_scan "server"; break ;;
|
||||
2) maldet_launch_scan "all_users"; break ;;
|
||||
3) maldet_launch_scan "user"; break ;;
|
||||
4) maldet_launch_scan "domain"; break ;;
|
||||
5) maldet_launch_scan "custom"; break ;;
|
||||
6) maldet_update_signatures; break ;;
|
||||
7) maldet_view_results; break ;;
|
||||
0) return 0 ;;
|
||||
esac
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
# Launch Maldet-specific scan with different scope options
|
||||
maldet_launch_scan() {
|
||||
local scope="$1"
|
||||
|
||||
echo ""
|
||||
print_header "Launching Maldet Scan - $scope"
|
||||
|
||||
# Check if Maldet is installed
|
||||
if ! is_maldet_installed; then
|
||||
echo -e "${RED}✗ Maldet is not installed${NC}"
|
||||
echo ""
|
||||
read -p "Install Maldet now? (yes/no): " install_choice
|
||||
if [ "$install_choice" = "yes" ]; then
|
||||
install_all_scanners
|
||||
maldet_scan_submenu
|
||||
fi
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Find Maldet binary
|
||||
local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
|
||||
if [ -z "$maldet_bin" ]; then
|
||||
echo -e "${RED}✗ Maldet binary not found${NC}"
|
||||
read -p "Press Enter to continue..."
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "Creating Maldet-only scan session..."
|
||||
echo "Scope: $scope"
|
||||
echo ""
|
||||
|
||||
# For now, launch via the existing scanner menu but only with Maldet
|
||||
# Store preference for Maldet-only scanning
|
||||
export MALDET_ONLY=1
|
||||
launch_standalone_scanner_menu "$scope"
|
||||
unset MALDET_ONLY
|
||||
}
|
||||
|
||||
# Update Maldet signatures
|
||||
maldet_update_signatures() {
|
||||
echo ""
|
||||
print_header "Updating Maldet Signatures"
|
||||
|
||||
# Check if Maldet is installed
|
||||
if ! is_maldet_installed; then
|
||||
echo -e "${RED}✗ Maldet is not installed${NC}"
|
||||
echo ""
|
||||
read -p "Install Maldet now? (yes/no): " install_choice
|
||||
if [ "$install_choice" = "yes" ]; then
|
||||
install_all_scanners
|
||||
fi
|
||||
return 1
|
||||
fi
|
||||
|
||||
local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
|
||||
|
||||
if [ -z "$maldet_bin" ]; then
|
||||
echo -e "${RED}✗ Maldet binary not found${NC}"
|
||||
read -p "Press Enter to continue..."
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo "Updating Maldet malware signatures..."
|
||||
echo "(This may take a few moments)"
|
||||
echo ""
|
||||
|
||||
if timeout 120 "$maldet_bin" -u 2>&1 | tee /tmp/maldet-update.log | grep -E "updated|completed|signatures"; then
|
||||
echo ""
|
||||
echo -e "${GREEN}✓ Signatures updated successfully${NC}"
|
||||
else
|
||||
echo ""
|
||||
echo -e "${YELLOW}⚠ Signature update may have completed (check output above)${NC}"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
read -p "Press Enter to continue..."
|
||||
}
|
||||
|
||||
# View Maldet-specific results
|
||||
maldet_view_results() {
|
||||
echo ""
|
||||
print_header "Maldet Scan Results"
|
||||
|
||||
if ! is_maldet_installed; then
|
||||
echo -e "${RED}✗ Maldet is not installed${NC}"
|
||||
echo ""
|
||||
read -p "Press Enter to continue..."
|
||||
return 1
|
||||
fi
|
||||
|
||||
local maldet_bin=$(command -v maldet || find /usr/local -name maldet -type f 2>/dev/null | head -1)
|
||||
|
||||
if [ -z "$maldet_bin" ]; then
|
||||
echo -e "${RED}✗ Maldet binary not found${NC}"
|
||||
read -p "Press Enter to continue..."
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo "Recent Maldet scans:"
|
||||
echo ""
|
||||
|
||||
if "$maldet_bin" -l 2>/dev/null | head -20; then
|
||||
echo ""
|
||||
else
|
||||
echo "No Maldet scans found"
|
||||
echo ""
|
||||
fi
|
||||
|
||||
read -p "Press Enter to continue..."
|
||||
}
|
||||
|
||||
show_scan_menu() {
|
||||
# Ensure print_banner is available before calling it
|
||||
if ! declare -f "print_banner" &>/dev/null; then
|
||||
@@ -2610,46 +2798,51 @@ show_scan_menu() {
|
||||
fi
|
||||
echo ""
|
||||
|
||||
echo -e "${CYAN}Create New Scan:${NC}"
|
||||
echo -e " ${CYAN}1.${NC} Scan entire server (ClamAV, Maldet, RKHunter)"
|
||||
echo -e " ${CYAN}2.${NC} Scan all user accounts (All scanners - recommended)"
|
||||
echo -e " ${CYAN}3.${NC} Scan specific user account (All scanners)"
|
||||
echo -e " ${CYAN}4.${NC} Scan specific domain (All scanners)"
|
||||
echo -e " ${CYAN}5.${NC} Scan custom path (All scanners)"
|
||||
echo -e "${CYAN}Maldet Scanner (Fast, Linux-focused):${NC}"
|
||||
echo -e " ${CYAN}1.${NC} Maldet menu (dedicated scanner)"
|
||||
echo ""
|
||||
|
||||
echo -e "${CYAN}Create New Scan (All Scanners):${NC}"
|
||||
echo -e " ${CYAN}2.${NC} Scan entire server (ClamAV, Maldet, RKHunter)"
|
||||
echo -e " ${CYAN}3.${NC} Scan all user accounts (All scanners - recommended)"
|
||||
echo -e " ${CYAN}4.${NC} Scan specific user account (All scanners)"
|
||||
echo -e " ${CYAN}5.${NC} Scan specific domain (All scanners)"
|
||||
echo -e " ${CYAN}6.${NC} Scan custom path (All scanners)"
|
||||
echo ""
|
||||
echo -e "${CYAN}Monitor & Manage:${NC}"
|
||||
echo -e " ${CYAN}6.${NC} Check scan status"
|
||||
echo -e " ${CYAN}7.${NC} View scan results"
|
||||
echo -e " ${CYAN}8.${NC} Delete scan sessions"
|
||||
echo -e " ${CYAN}7.${NC} Check scan status"
|
||||
echo -e " ${CYAN}8.${NC} View scan results"
|
||||
echo -e " ${CYAN}9.${NC} Delete scan sessions"
|
||||
echo ""
|
||||
echo -e "${CYAN}Configuration:${NC}"
|
||||
echo -e " ${CYAN}9.${NC} Install all scanners"
|
||||
echo -e " ${CYAN}10.${NC} Scanner settings"
|
||||
echo -e " ${CYAN}10.${NC} Install all scanners"
|
||||
echo -e " ${CYAN}11.${NC} Scanner settings"
|
||||
echo ""
|
||||
echo -e " ${RED}0.${NC} Back"
|
||||
echo ""
|
||||
|
||||
# Validate choice input with retry loop
|
||||
while true; do
|
||||
read -p "Select option (0-10): " choice
|
||||
read -p "Select option (0-11): " choice
|
||||
|
||||
if ! [[ "$choice" =~ ^([0-9]|10)$ ]]; then
|
||||
if ! [[ "$choice" =~ ^([0-9]|10|11)$ ]]; then
|
||||
echo -e "${RED}Invalid option${NC}"
|
||||
sleep 1
|
||||
continue
|
||||
fi
|
||||
|
||||
case $choice in
|
||||
1) launch_standalone_scanner_menu "server"; break ;;
|
||||
2) launch_standalone_scanner_menu "all_users"; break ;;
|
||||
3) launch_standalone_scanner_menu "user"; break ;;
|
||||
4) launch_standalone_scanner_menu "domain"; break ;;
|
||||
5) launch_standalone_scanner_menu "custom"; break ;;
|
||||
6) check_standalone_status; break ;;
|
||||
7) view_scan_results; break ;;
|
||||
8) delete_standalone_sessions; break ;;
|
||||
9) install_all_scanners; break ;;
|
||||
10) scanner_settings; break ;;
|
||||
1) maldet_scan_submenu; break ;;
|
||||
2) launch_standalone_scanner_menu "server"; break ;;
|
||||
3) launch_standalone_scanner_menu "all_users"; break ;;
|
||||
4) launch_standalone_scanner_menu "user"; break ;;
|
||||
5) launch_standalone_scanner_menu "domain"; break ;;
|
||||
6) launch_standalone_scanner_menu "custom"; break ;;
|
||||
7) check_standalone_status; break ;;
|
||||
8) view_scan_results; break ;;
|
||||
9) delete_standalone_sessions; break ;;
|
||||
10) install_all_scanners; break ;;
|
||||
11) scanner_settings; break ;;
|
||||
0) return 0 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
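Review bot: In the hunk that adds `maldet_update_signatures`, the update output is piped through `tee /tmp/maldet-update.log`, a fixed file name in a world-writable directory, and a tool that installs scanners and scans whole servers presumably runs as root on multi-user hosts. Any local account can create that path first, so the root write lands on whatever is there unless the kernel's symlink protection is enabled, and nothing visible in this section reads or deletes the file afterwards. Either drop the `tee` stage or use a private file: `local update_log; update_log=$(mktemp) || return 1`, then `tee "$update_log"` and `rm -f -- "$update_log"` before returning. The same line treats any output containing the word `signatures` as success and ignores the exit status of `timeout`, so a failed or timed-out update can still print the green check; testing the status of the `timeout` stage would be more reliable.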