Add signature to panel alerts and fix some white spacing issues #426

Open
wants to merge 1 commit into
base: master

JamesColeman-LW
Contributor

Tests:

$ maldet -a /home/aeb2c860/390592c2cd.nxcli.io/test/
Linux Malware Detect v1.6.5
            (C) 2002-2023, R-fx Networks <proj@rfxn.com>
            (C) 2023, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(10012): {scan} signatures loaded: 17637 (14801 MD5 | 2053 HEX | 783 YARA | 0 USER)
maldet(10012): {scan} building file list for /home/aeb2c860/test/, this might take awhile...
maldet(10012): {scan} setting maximum execution time for 'find' file list: 28800sec
maldet(10012): {scan} setting nice scheduler priorities for all operations: cpunice 18 , ionice 6
maldet(10012): {scan} file list completed in 0s, found 732 files...
maldet(10012): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine...
maldet(10012): {scan} scan of /home/aeb2c860/test/ (732 files) in progress...
maldet(10012): {scan} processing scan results for hits: 1 hits 0 cleaned
maldet(10012): {scan} scan completed on /home/aeb2c860/test/: files 732, malware hits 1, cleaned hits 0, time 1s
maldet(10012): {scan} scan report saved, to view run: maldet --report 231106-2138.10012
maldet(10012): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 231106-2138.10012
maldet(10012): {alert} sent scan report to EMAILADDR
maldet(10012): {panel} Detecting control panel and sending alerts...
maldet(10012): {panel} Detected control panel interworx. Will send alerts to control panel account contacts.

Email received:

FILE HIT LIST:
{YARA}nex_webshell_options : /chroot/home/aeb2c860/test/infected.php

Test with quarantine:

$ maldet -a /home/aeb2c860/390592c2cd.nxcli.io/test/
Linux Malware Detect v1.6.5
            (C) 2002-2023, R-fx Networks <proj@rfxn.com>
            (C) 2023, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(15843): {scan} signatures loaded: 17637 (14801 MD5 | 2053 HEX | 783 YARA | 0 USER)
maldet(15843): {scan} building file list for /home/aeb2c860/test/, this might take awhile...
maldet(15843): {scan} setting maximum execution time for 'find' file list: 28800sec
maldet(15843): {scan} setting nice scheduler priorities for all operations: cpunice 18 , ionice 6
maldet(15843): {scan} file list completed in 0s, found 732 files...
maldet(15843): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine...
maldet(15843): {scan} scan of /home/aeb2c860/test/ (732 files) in progress...
maldet(15843): {scan} processing scan results for hits: 1 hits 0 cleaned
maldet(15843): {scan} scan completed on /home/aeb2c860/test/: files 732, malware hits 1, cleaned hits 0, time 2s
maldet(15843): {scan} scan report saved, to view run: maldet --report 231106-2142.15843
maldet(15843): {alert} sent scan report to EMAIL
maldet(15843): {panel} Detecting control panel and sending alerts...
maldet(15843): {panel} Detected control panel interworx. Will send alerts to control panel account contacts.

Email list:

FILE HIT LIST:
{YARA}nex_webshell_options : /chroot/home/aeb2c860/test/infected.php
