Beispiel #1
 def run(self):
     """Print the process-check report for this module to stdout.

     Emits ``self.name`` as a bold-yellow ANSI header, runs the exe, shell
     and cpu/mem checks in that order (each result is passed through
     ``printf``), then lists every entry of ``self.suspicious_proc``.
     """
     print(u'\n\033[1;33m%s\033[0m' % self.name)

     # One line per check: aligned label first, then the formatted verdict.
     label = align("[1]exe check")
     print(u'  %s%s' % (label, printf(self.exe_check())))
     label = align("[2]shell check")
     print(u'  %s%s' % (label, printf(self.shell_check())))
     label = align("[3]cpu mem check")
     print(u'  %s%s' % (label, printf(self.cpu_mem_check())))

     # presumably the checks above fill self.suspicious_proc -- verify.
     # NOTE(review): entry[0]/entry[1] are written to the terminal verbatim.
     # If they carry process names or command lines taken from the inspected
     # host, control characters in them would reach the analyst's terminal --
     # confirm they are sanitised where they are collected.
     for entry in self.suspicious_proc:
         file_col = align(entry[0])
         print(u'    [*]File:%s[*]Detail:%s' % (file_col, entry[1]))
Beispiel #2
 def run(self):
     """Print the login-log check report for this module to stdout.

     Emits ``self.name`` as a bold-yellow ANSI header, runs the wtmp, utmp,
     lastlog and authlog checks in that order (each result is passed
     through ``printf``), then lists every entry of ``self.suspicious_log``.
     """
     def report(label, check):
         # The check runs only here, so output stays interleaved per check.
         print(u'  %s%s' % (align(label), printf(check())))

     print(u'\n\033[1;33m%s\033[0m' % self.name)
     report("[1]wtmp check", self.wtmp_check)
     report("[2]utmp check", self.utmp_check)
     report("[3]lastlog check", self.lastlog_check)
     report("[4]authlog check", self.authlog_check)

     # presumably the checks above fill self.suspicious_log -- verify.
     # NOTE(review): log-derived text is printed unmodified; if entry[1] can
     # contain attacker-written log content, confirm control characters are
     # stripped before it reaches the terminal.
     for entry in self.suspicious_log:
         # The file column is padded to 30 characters in this report.
         file_col = align(entry[0], width=30)
         print(u'    [*]File:%s[*]Detail:%s' % (file_col, entry[1]))
Beispiel #3
 def run(self):
     """Print the user-account check report for this module to stdout.

     Emits ``self.name`` as a bold-yellow ANSI header, runs the root-user,
     empty-password, sudoer, authorized and passwd-file checks in that
     order (each result is passed through ``printf``), then lists every
     entry of ``self.suspicious_user``.
     """
     def report(label, check):
         # The check runs only here, so output stays interleaved per check.
         print(u'  %s%s' % (align(label), printf(check())))

     print(u'\n\033[1;33m%s\033[0m' % self.name)
     report("[1]root user check", self.root_check)
     report("[2]empty passwd check", self.empty_check)
     report("[3]sudoer check", self.sudo_check)
     report("[4]authorized check", self.authorized_check)
     # The "passwd file" label is backed by permission_check().
     report("[5]passwd file check", self.permission_check)

     # presumably the checks above fill self.suspicious_user -- verify.
     # NOTE(review): entries are printed verbatim; if they include account
     # names or key comments read from the inspected host, confirm control
     # characters are stripped before they reach the terminal.
     for entry in self.suspicious_user:
         file_col = align(entry[0])
         # This report has no "[*]" marker before "Detail:".
         print(u'    [*]File:%sDetail:%s' % (file_col, entry[1]))
Beispiel #4
 def run(self):
     """Print the shell-history check report for this module to stdout.

     Emits ``self.name`` as a bold-yellow ANSI header, runs
     ``history_files()`` (result passed through ``printf``), then lists
     every entry of ``self.suspicious_history``.
     """
     print(u'\n\033[1;33m%s\033[0m' % self.name)

     label = align("[1]History file check")
     verdict = printf(self.history_files())
     print(u'  %s%s' % (label, verdict))

     # presumably history_files() fills self.suspicious_history -- verify.
     # NOTE(review): shell-history lines are attacker-influenced text; if
     # entry[1] quotes them, confirm control characters are stripped before
     # printing, since they are written to the terminal as-is here.
     for entry in self.suspicious_history:
         file_col = align(entry[0])
         print('    [*]File:%sDetail:%s' % (file_col, entry[1]))
Beispiel #5
 def run(self):
     """Print the persistence/backdoor check report for this module.

     Emits ``self.name`` as a bold-yellow ANSI header, runs the twenty
     checks below in numbered order (each result is passed through
     ``printf``), then lists every entry of ``self.suspicious_backdoor``.
     """
     def report(label, check):
         # The check runs only here, so output stays interleaved per check.
         print(u'  %s%s' % (align(label), printf(check())))

     print(u'\n\033[1;33m%s\033[0m' % self.name)

     # Dynamic-loader and shell environment variables.
     report("[1]LD_PRELOAD check", self.LD_PRELOAD_check)
     report("[2]LD_AOUT_PRELOAD check", self.LD_AOUT_PRELOAD_check)
     report("[3]LD_ELF_PRELOAD check", self.LD_ELF_PRELOAD_check)
     report("[4]LD_LIBRARY_PATH check", self.LD_LIBRARY_PATH_check)
     report("[5]PROMPT_COMMAND check", self.PROMPT_COMMAND_check)
     report("[6]Export check", self.export_check)
     report("[7]LD_SO_PRELOAD check", self.ld_so_preload)

     # Scheduled jobs, SSH and super-server configuration.
     report("[8]Cron check", self.cron_check)
     report("[9]SSH backdoor check", self.SSH_check)
     report("[10]SSH_softlink check", self.SSH_softlink)
     report("[11]SSH wrapper check", self.SSH_wrapper_check)
     # Labels [12]/[13] are spelled "Inted"/"Xinted" in the emitted text;
     # kept unchanged in case the output is compared or parsed elsewhere.
     report("[12]Inted check", self.inted_check)
     report("[13]Xinted check", self.xinetd_check)

     # Privileged binaries, startup items and remaining system files.
     report("[14]Setuid check", self.setuid_check)
     report("[15]Startup check", self.startup_check)
     report("[16]Alias check", self.alias_check)
     report("[17]Openssh check", self.openssh_check)
     report("[18]Fstab check", self.fstab_check)
     report("[19]Setgid check", self.setgid_check)
     report("[20]PAM check", self.pam_check)

     # presumably the checks above fill self.suspicious_backdoor -- verify.
     # NOTE(review): entries are printed verbatim; values such as cron lines,
     # aliases or environment settings come from the inspected host, so
     # confirm control characters are stripped before they reach the terminal.
     for entry in self.suspicious_backdoor:
         file_col = align(entry[0])
         print(u'    [*]File:%s[*]Detail:%s' % (file_col, entry[1]))