diff options
| author |   Martin Holzer <mholzer@gentoo.org> | 2004-07-07 22:29:32 +0000 |
|---|---|---|
| committer | Martin Holzer <mholzer@gentoo.org> | 2004-07-07 22:29:32 +0000 |
| commit | adec8fde5747430af8d54ee7f1ee02350ecfc3fa (patch) | |
| tree | 56b6563d4198b4e521f48491c000bcec5f1380c0 | |
| parent | Stablize for x86; tidy (Manifest recommit) (diff) | |
| download | gentoo-2-adec8fde5747430af8d54ee7f1ee02350ecfc3fa.tar.gz gentoo-2-adec8fde5747430af8d54ee7f1ee02350ecfc3fa.tar.bz2 gentoo-2-adec8fde5747430af8d54ee7f1ee02350ecfc3fa.zip | |
fixing a forgotten string.
| -rw-r--r-- | app-admin/chkrootkit/ChangeLog | 9 | ||||
| -rw-r--r-- | app-admin/chkrootkit/Manifest | 24 | ||||
| -rw-r--r-- | app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild | 4 | ||||
| -rw-r--r-- | app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild | 35 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff | 977 | ||||
| -rw-r--r-- | app-admin/chkrootkit/files/digest-chkrootkit-0.43-r2 | 1 |
6 files changed, 1037 insertions, 13 deletions
diff --git a/app-admin/chkrootkit/ChangeLog b/app-admin/chkrootkit/ChangeLog index 02d7769a4f4a..a18410bdfee6 100644 --- a/app-admin/chkrootkit/ChangeLog +++ b/app-admin/chkrootkit/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-admin/chkrootkit # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/ChangeLog,v 1.32 2004/07/03 11:44:04 pyrania Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/ChangeLog,v 1.33 2004/07/07 22:29:32 mholzer Exp $ + +*chkrootkit-0.43-r2 (08 Jul 2004) + + 08 Jul 2004; Martin Holzer <mholzer@gentoo.org> + +files/chkrootkit-0.43-r2-gentoo.diff, chkrootkit-0.43-r1.ebuild, + +chkrootkit-0.43-r2.ebuild: + fixing a forgotten string. *chkrootkit-0.43-r1 (03 Jul 2004) diff --git a/app-admin/chkrootkit/Manifest b/app-admin/chkrootkit/Manifest index 852f9aa3783d..46e79099170a 100644 --- a/app-admin/chkrootkit/Manifest +++ b/app-admin/chkrootkit/Manifest @@ -1,16 +1,20 @@ -MD5 4204838c010e163af0fdae2cb5b3d431 ChangeLog 4103 -MD5 f746627867c6acedf3102019aa4521ff chkrootkit-0.37.ebuild 744 MD5 1e75833b42a953a052c906362c385ec3 chkrootkit-0.43-r1.ebuild 887 -MD5 1652522405f5936eb29776ef8d5ffa5b metadata.xml 310 +MD5 f746627867c6acedf3102019aa4521ff chkrootkit-0.37.ebuild 744 MD5 87ad17000b825940390dd435d3374c30 chkrootkit-0.42b.ebuild 917 MD5 8504a0702cb50555ee5f329a0391aa16 chkrootkit-0.43.ebuild 882 -MD5 cb48ba04bfdc24c6ab155896f6c13344 files/chkrootkit-0.43-gentoo.diff 30128 -MD5 4a7462549213c3ef88c11df667b2eeda files/chkrootkit-0.41-gentoo.diff 30253 -MD5 3259dda202b238de8bc2fb5b23a298c6 files/chkrootkit-0.42b-gentoo.diff 30932 -MD5 be7c7597652c846de193642182e3d69e files/digest-chkrootkit-0.42b 67 +MD5 1e75833b42a953a052c906362c385ec3 chkrootkit-0.43-r2.ebuild 887 +MD5 1652522405f5936eb29776ef8d5ffa5b metadata.xml 310 +MD5 4204838c010e163af0fdae2cb5b3d431 ChangeLog 4103 +MD5 f97957a94793b86fd018b32e44811f89 files/chkrootkit-0.37-gentoo.diff 4531 +MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43 66 MD5 7fc015bb14817d40e62bb17ca3a2b968 files/chkrootkit-0.43-r1-gentoo.diff 30730 +MD5 8bc5937bf9b751274879df6b15b4a1e5 files/chkrootkit-0.43-r2-gentoo.diff 30774 +MD5 3259dda202b238de8bc2fb5b23a298c6 files/chkrootkit-0.42b-gentoo.diff 30932 +MD5 4a7462549213c3ef88c11df667b2eeda files/chkrootkit-0.41-gentoo.diff 30253 MD5 e9f2cc0eace779d1cad291deb9d9c7e1 files/chkrootkit-0.39a-gentoo.diff 28218 -MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43 66 -MD5 f97957a94793b86fd018b32e44811f89 files/chkrootkit-0.37-gentoo.diff 4531 -MD5 7cf45be07aafbbaa3252ce9ece31d5b6 files/digest-chkrootkit-0.37 66 MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43-r1 66 +MD5 be7c7597652c846de193642182e3d69e files/digest-chkrootkit-0.42b 67 +MD5 e403f736d82cbf43e0780a5bb62993cb files/digest-chkrootkit-0.43-r2 66 +MD5 a9b4526721b218dde0668793cd0ec084 files/.chkrootkit-0.42b-gentoo.diff.swp 16384 +MD5 7cf45be07aafbbaa3252ce9ece31d5b6 files/digest-chkrootkit-0.37 66 +MD5 cb48ba04bfdc24c6ab155896f6c13344 files/chkrootkit-0.43-gentoo.diff 30128 diff --git a/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild b/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild index f0ab29a3f350..e032d6b8f49f 100644 --- a/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild +++ b/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild,v 1.1 2004/07/03 11:44:04 pyrania Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r1.ebuild,v 1.2 2004/07/07 22:29:32 mholzer Exp $ inherit eutils @@ -19,7 +19,7 @@ DEPEND="virtual/libc src_unpack() { unpack ${A} cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff + epatch ${FILESDIR}/${PF}-gentoo.diff sed -i 's:${head} -:${head} -n :' chkrootkit } diff --git a/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild b/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild new file mode 100644 index 000000000000..46cf584b6a4c --- /dev/null +++ b/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/chkrootkit/chkrootkit-0.43-r2.ebuild,v 1.1 2004/07/07 22:29:32 mholzer Exp $ + +inherit eutils + +DESCRIPTION="a tool to locally check for signs of a rootkit" +HOMEPAGE="http://www.chkrootkit.org/" +SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz" + +LICENSE="AMS" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~alpha ~ia64 ~amd64" +IUSE="" + +DEPEND="virtual/libc + >=sys-apps/sed-4" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/${PF}-gentoo.diff + sed -i 's:${head} -:${head} -n :' chkrootkit +} + +src_compile() { + make sense || die + make strings || die +} + +src_install() { + dosbin check_wtmpx chklastlog chkproc chkrootkit chkwtmp ifpromisc || die + newsbin strings strings-static || die + dodoc README README.chklastlog README.chkwtmp +} diff --git a/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff b/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff new file mode 100644 index 000000000000..a9e028136068 --- /dev/null +++ b/app-admin/chkrootkit/files/chkrootkit-0.43-r2-gentoo.diff @@ -0,0 +1,977 @@ +--- chkrootkit.org 2004-07-08 02:22:29.000000000 +0200 ++++ chkrootkit 2004-07-08 02:24:49.000000000 +0200 +@@ -10,6 +10,14 @@ + # (C)1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others. + # All rights reserved + ++# Gentoo specific : Could use `type <command> | cut -f 3 -d " "` ++IFPROMISC="/usr/sbin/ifpromisc" ++CHKLASTLOG="/usr/sbin/chklastlog" ++CHKPROC="/usr/sbin/chkproc" ++CHKWTMP="/usr/sbin/chkwtmp" ++CHECK_WTMPX="/usr/sbin/check_wtmpx" ++STRINGS="/usr/sbin/strings-static" ++ + ### workaround for some Bourne shell implementations + unalias login > /dev/null 2>&1 + unalias ls > /dev/null 2>&1 +@@ -116,7 +124,7 @@ + + if [ "${EXPERT}" = "t" ]; then + expertmode_output "${egrep} ^asp ${ROOTDIR}etc/inetd.conf" +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +@@ -132,7 +140,7 @@ + STATUS=${INFECTED} + fi + +- if ${strings} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${ASP_LABEL}" >/dev/null 2>&1 + then + echo "INFECTED" + STATUS=${INFECTED} +@@ -151,20 +159,20 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "./ifpromisc" -v ++ expertmode_output "${IFPROMISC}" -v + return 5 + fi +- if [ ! -x ./ifpromisc ]; then +- echo "not tested: can't exec ./ifpromisc" ++ if [ ! -x ${IFPROMISC} ]; then ++ echo "not tested: can't exec ${IFPROMISC}" + return ${NOT_TESTED} + else +- [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q ++ [ "${QUIET}" != "t" ] && ${IFPROMISC} -v || ${IFPROMISC} -q + fi + } + + z2 () { +- if [ ! -x ./chklastlog ]; then +- echo "not tested: can't exec ./chklastlog" ++ if [ ! -x ${CHKLASTLOG} ]; then ++ echo "not tested: can't exec ${CHKLASTLOG}" + return ${NOT_TESTED} + fi + +@@ -178,32 +186,32 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" ++ expertmode_output "${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG}" + return 5 + fi + +- if ./chklastlog -f ${WTMP} -l ${LASTLOG} ++ if ${CHKLASTLOG} -f ${WTMP} -l ${LASTLOG} + then + if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi + fi + } + + wted () { +- if [ ! -x ./chkwtmp ]; then +- echo "not tested: can't exec ./chkwtmp" ++ if [ ! -x ${CHKWTMP} ]; then ++ echo "not tested: can't exec ${CHKWTMP}" + return ${NOT_TESTED} + fi + + if [ "$SYSTEM" = "SunOS" ]; then +- if [ ! -x ./check_wtmpx ]; then +- echo "not tested: can't exec ./check_wtmpx" ++ if [ ! -x ${CHECK_WTMPX} ]; then ++ echo "not tested: can't exec ${CHECK_WTMPX}" + else + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "./check_wtmpx" ++ expertmode_output "${CHECK_WTMPX}" + return 5 + fi + if [ -f ${ROOTDIR}var/adm/wtmp ]; then +- if ./check_wtmpx ++ if ${CHECK_WTMPX} + then + if [ "${QUIET}" != "t" ]; then \ + echo "nothing deleted in /var/adm/wtmpx"; fi +@@ -214,12 +222,12 @@ + WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "./chkwtmp -f ${WTMP}" ++ expertmode_output "${CHKWTMP} -f ${WTMP}" + return 5 + fi + fi + +- if ./chkwtmp -f ${WTMP} ++ if ${CHKWTMP} -f ${WTMP} + then + if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi + fi +@@ -258,7 +266,7 @@ + prog="" + if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ + ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then +- [ ! -x ./chkproc ] && prog="./chkproc" ++ [ ! -x ${CHKPROC} ] && prog="${CHKPROC}" + [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" + if [ "$prog" != "" ]; then + # echo "not tested: can't exec $prog" +@@ -268,7 +276,7 @@ + if [ "${EXPERT}" = "t" ]; then + [ -r /proc/ksyms ] && ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null + [ -d /proc/knark ] && ${ls} -la /proc/knark 2> /dev/null +- expertmode_output "./chkproc -v -v" ++ expertmode_output "${CHKPROC} -v -v" + return 5 + fi + +@@ -289,7 +297,7 @@ + echo "Warning: Knark LKM installed" + fi + +- if ./chkproc ++ if ${CHKPROC} + then + if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi + else +@@ -465,7 +473,7 @@ + ${egrep} "\.hk" ${ROOTDIR}etc/rc.d/init.d/network 2>/dev/null + + ## Suckit rootkit +- expertmode_output "${strings} ${ROOTDIR}sbin/init | ${egrep} HOME" ++ expertmode_output "${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME" + expertmode_output "cat ${ROOTDIR}proc/1/maps | ${egrep} init." + + ## Volc rootkit +@@ -890,7 +898,7 @@ + ### Suckit + if [ -f ${ROOTDIR}sbin/init ]; then + if [ "${QUIET}" != "t" ];then printn "Searching for Suckit rootkit ... "; fi +- if [ ${SYSTEM} != "HP-UX" ] && ( ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME || \ ++ if [ ${SYSTEM} != "HP-UX" ] && ( ${STRINGS} ${ROOTDIR}sbin/init | ${egrep} HOME || \ + cat ${ROOTDIR}/proc/1/maps | ${egrep} "init." ) >/dev/null 2>&1 + then + echo "Warning: ${ROOTDIR}sbin/init INFECTED" +@@ -1068,20 +1076,20 @@ + STATUS=${NOT_INFECTED} + CMD=`loc chfn chfn $pth` + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + + case "${SYSTEM}" in + Linux) +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi;; + FreeBSD) + [ $V -gt 50 ] && n=1 || n=2 +- if [ `${strings} -a ${CMD} | \ ++ if [ `${STRINGS} -a ${CMD} | \ + ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] + then + STATUS=${INFECTED} +@@ -1096,16 +1104,16 @@ + REDHAT_PAM_LABEL="*NOT*" + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + + case "${SYSTEM}" in + Linux) +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ + >/dev/null 2>&1 + then +- if ${strings} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${REDHAT_PAM_LABEL}" \ + >/dev/null 2>&1 + then + : +@@ -1115,7 +1123,7 @@ + fi;; + FreeBSD) + [ $V -gt 50 ] && n=1 || n=2 +- if [ `${strings} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] ++ if [ `${STRINGS} -a ${CMD} | ${egrep} -c "${GENERIC_ROOTKIT_LABEL}"` -ne $n ] + then + STATUS=${INFECTED} + fi;; +@@ -1128,13 +1136,13 @@ + CMD=`loc login login $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + + if [ "$SYSTEM" = "SunOS" ]; then + TROJED_L_L="porcao|/bin/xstat" +- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" >/dev/null 2>&1 ]; then + return ${INFECTED} + else + return ${NOT_TESTED} +@@ -1142,7 +1150,7 @@ + fi + GENERAL="^root$" + TROJED_L_L="vejeta|xlogin|^@\(#\)klogin\.c|lets_log|sukasuka|/usr/lib/.ark?|SucKIT" +- ret=`${strings} -a ${CMD} | ${egrep} -c "${GENERAL}"` ++ ret=`${STRINGS} -a ${CMD} | ${egrep} -c "${GENERAL}"` + if [ ${ret} -gt 0 ]; then + case ${ret} in + 1) [ "${SYSTEM}" = "OpenBSD" -a ${V} -le 27 -o ${V} -ge 30 ] && \ +@@ -1153,7 +1161,7 @@ + *) STATUS=${INFECTED};; + esac + fi +- if ${strings} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TROJED_L_L}" 2>&1 >/dev/null + then + STATUS=${INFECTED} + fi +@@ -1169,14 +1177,14 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + fi + + if [ "${SYSTEM}" = "OpenBSD" -o "${SYSTEM}" = "SunOS" ] + then + return ${NOT_TESTED} + fi +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}|/lib/security" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1194,11 +1202,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1217,11 +1225,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${SYSLOG_I_L}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1238,11 +1246,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${HDPARM_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1260,11 +1268,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GPM_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1282,11 +1290,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${MINGETTY_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1304,11 +1312,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${SENDMAIL_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1322,11 +1330,11 @@ + CMD=`loc ls ls $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${LS_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1339,11 +1347,11 @@ + CMD=`loc du du $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${DU_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1363,11 +1371,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${NAMED_I_L}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1381,11 +1389,11 @@ + CMD=`loc netstat netstat $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${NETSTAT_I_L}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -1400,11 +1408,11 @@ + CMD=`loc ps ps $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${PS_I_L}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1422,11 +1430,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${PSTREE_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1444,11 +1452,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1466,11 +1474,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1488,11 +1496,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1505,18 +1513,18 @@ + + if [ "${SYSTEM}" = "Linux" ] + then +- if [ ! -x ./strings-static ]; then +- printn "can't exec ./strings-static, " ++ if [ ! -x ${STRINGS} ]; then ++ printn "can't exec ${STRINGS}, " + return ${NOT_TESTED} + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "./strings -a ${CMD}" ++ expertmode_output "{STRINGS} -a ${CMD}" + return 5 + fi + + ### strings must be a statically linked binary. +- if ./strings-static -a ${CMD} > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1531,11 +1539,11 @@ + CMD=`loc basename basename $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1555,11 +1563,11 @@ + CMD=`loc dirname dirname $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1580,11 +1588,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1596,12 +1604,12 @@ + CMD=`loc rpcinfo rpcinfo $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1618,19 +1626,19 @@ + CMD=`loc date date $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + [ "${SYSTEM}" = "FreeBSD" -a $V -gt 50 ] && + { +- if [ `${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ ++ if [ `${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" | \ + ${egrep} -c "$S_L"` -ne 2 ]; then + STATUS=${INFECTED} + fi + } || + { +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1647,12 +1655,12 @@ + CMD=`loc echo echo $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1668,12 +1676,12 @@ + CMD=`loc env env $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1695,11 +1703,11 @@ + fi + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1713,11 +1721,11 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1732,11 +1740,11 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${INIT_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1750,11 +1758,11 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1768,11 +1776,11 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1784,12 +1792,12 @@ + CMD=`loc write write $pth` + WRITE_ROOTKIT_LABEL="bash|elite$|vejeta|\.ark" + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${WRITE_ROOTKIT_LABEL}" | grep -v locale > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1806,11 +1814,11 @@ + W_INFECTED_LABEL="uname -a" + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${W_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1826,11 +1834,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${VDIR_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1862,7 +1870,7 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + STATUS=${INFECTED} +@@ -1879,12 +1887,12 @@ + MAIL_INFECTED_LABEL="sh -i" + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${MAIL_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1904,12 +1912,12 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GENERIC_ROOTKIT_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1926,11 +1934,11 @@ + CMD=`loc egrep egrep $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${EGREP_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1943,12 +1951,12 @@ + CMD=`loc grep grep $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + expertmode_output "${ls} -l ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${GREP_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1970,11 +1978,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TOP_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -1992,10 +2000,10 @@ + fi + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${RLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2010,10 +2018,10 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${LSOF_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2028,10 +2036,10 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${AMD_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2046,10 +2054,10 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${SLOGIN_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2068,10 +2076,10 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi +- if ${strings} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${CRON_INFECTED_LABEL}" >/dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2083,18 +2091,18 @@ + CMD="${ROOTDIR}sbin/ifconfig" + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + + IFCONFIG_NOT_INFECTED_LABEL="PROMISC" + IFCONFIG_INFECTED_LABEL="/dev/tux|/session.null" +- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_NOT_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${NOT_INFECTED} + fi +- if ${strings} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${IFCONFIG_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -2114,12 +2122,12 @@ + return ${NOT_FOUND} + fi + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + + RSHD_INFECTED_LABEL="HISTFILE" +- if ${strings} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${RSHD_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + if ${egrep} "^#.*rshd" ${ROOTDIR}etc/inetd.conf >/dev/null 2>&1 -o \ +@@ -2155,11 +2163,11 @@ + [ "tcpd" = "${CMD}" ] && return ${NOT_FOUND}; + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TCPD_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2176,11 +2184,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${SSHD2_INFECTED_LABEL}" \ + > /dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -2197,11 +2205,11 @@ + CMD=`loc su su $pth` + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 ++ if ${STRINGS} -a ${CMD} | ${egrep} "${SU_INFECTED_LABEL}" > /dev/null 2>&1 + then + STATUS=${INFECTED} + fi +@@ -2221,11 +2229,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${FINGER_INFECTED_LABEL}" \ + > /dev/null 2>&1 + then + STATUS=${INFECTED} +@@ -2273,11 +2281,11 @@ + fi + + if [ "${EXPERT}" = "t" ]; then +- expertmode_output "${strings} -a ${CMD}" ++ expertmode_output "${STRINGS} -a ${CMD}" + return 5 + fi + +- if ${strings} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ ++ if ${STRINGS} -a ${CMD} | ${egrep} "${TELNETD_INFECTED_LABEL}" \ + >/dev/null 2>&1 + then + STATUS=${INFECTED} diff --git a/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r2 b/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r2 new file mode 100644 index 000000000000..95c0defa2730 --- /dev/null +++ b/app-admin/chkrootkit/files/digest-chkrootkit-0.43-r2 @@ -0,0 +1 @@ +MD5 08646b9bf3a9dc45c25a40946962a839 chkrootkit-0.43.tar.gz 33355 |