Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #proctest.pl www.securitybydefault.com
- use strict ;
- open STDERR, '>', "/dev/null";
- my @pidsno;
- while () {
- my @resultado = `ps ax -o pid --no-headers` ;
- #print @resultado ;
- foreach (@resultado) {
- $_ =~ /(\d*)$/ ;
- my $processid = $1 ;
- my $status = `ls -l /proc/$processid/exe` ;
- $status =~ /-> (.*)$/;
- my $binary = $1 ;
- my $rpmverify = `rpm -Vf $binary` ;
- if ($rpmverify) {
- my $warning = 1;
- foreach(@pidsno) {
- if ($_ =~ /$processid/){ $warning = 0}
- }
- if ($warning == 1) {
- print "El proceso [ $processid $binary ] ha sufrido modificaciones en su paquete base:\n" ;
- print "$rpmverify\n" ;
- `zenity --info --text "El proceso [ $processid $binary ] ha sufrido modificaciones en su paquete base:\n$rpmverify"` ;
- push(@pidsno, $processid) ;
- }
- }
- }
- sleep 60;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
