head	1.5;
access;
symbols
	pkgsrc-2026Q1:1.5.0.20
	pkgsrc-2026Q1-base:1.5
	pkgsrc-2025Q4:1.5.0.18
	pkgsrc-2025Q4-base:1.5
	pkgsrc-2025Q3:1.5.0.16
	pkgsrc-2025Q3-base:1.5
	pkgsrc-2025Q2:1.5.0.14
	pkgsrc-2025Q2-base:1.5
	pkgsrc-2025Q1:1.5.0.12
	pkgsrc-2025Q1-base:1.5
	pkgsrc-2024Q4:1.5.0.10
	pkgsrc-2024Q4-base:1.5
	pkgsrc-2024Q3:1.5.0.8
	pkgsrc-2024Q3-base:1.5
	pkgsrc-2024Q2:1.5.0.6
	pkgsrc-2024Q2-base:1.5
	pkgsrc-2024Q1:1.5.0.4
	pkgsrc-2024Q1-base:1.5
	pkgsrc-2023Q4:1.5.0.2
	pkgsrc-2023Q4-base:1.5
	pkgsrc-2023Q3:1.3.0.68
	pkgsrc-2023Q3-base:1.3
	pkgsrc-2023Q2:1.3.0.66
	pkgsrc-2023Q2-base:1.3
	pkgsrc-2023Q1:1.3.0.64
	pkgsrc-2023Q1-base:1.3
	pkgsrc-2022Q4:1.3.0.62
	pkgsrc-2022Q4-base:1.3
	pkgsrc-2022Q3:1.3.0.60
	pkgsrc-2022Q3-base:1.3
	pkgsrc-2022Q2:1.3.0.58
	pkgsrc-2022Q2-base:1.3
	pkgsrc-2022Q1:1.3.0.56
	pkgsrc-2022Q1-base:1.3
	pkgsrc-2021Q4:1.3.0.54
	pkgsrc-2021Q4-base:1.3
	pkgsrc-2021Q3:1.3.0.52
	pkgsrc-2021Q3-base:1.3
	pkgsrc-2021Q2:1.3.0.50
	pkgsrc-2021Q2-base:1.3
	pkgsrc-2021Q1:1.3.0.48
	pkgsrc-2021Q1-base:1.3
	pkgsrc-2020Q4:1.3.0.46
	pkgsrc-2020Q4-base:1.3
	pkgsrc-2020Q3:1.3.0.44
	pkgsrc-2020Q3-base:1.3
	pkgsrc-2020Q2:1.3.0.40
	pkgsrc-2020Q2-base:1.3
	pkgsrc-2020Q1:1.3.0.20
	pkgsrc-2020Q1-base:1.3
	pkgsrc-2019Q4:1.3.0.42
	pkgsrc-2019Q4-base:1.3
	pkgsrc-2019Q3:1.3.0.38
	pkgsrc-2019Q3-base:1.3
	pkgsrc-2019Q2:1.3.0.36
	pkgsrc-2019Q2-base:1.3
	pkgsrc-2019Q1:1.3.0.34
	pkgsrc-2019Q1-base:1.3
	pkgsrc-2018Q4:1.3.0.32
	pkgsrc-2018Q4-base:1.3
	pkgsrc-2018Q3:1.3.0.30
	pkgsrc-2018Q3-base:1.3
	pkgsrc-2018Q2:1.3.0.28
	pkgsrc-2018Q2-base:1.3
	pkgsrc-2018Q1:1.3.0.26
	pkgsrc-2018Q1-base:1.3
	pkgsrc-2017Q4:1.3.0.24
	pkgsrc-2017Q4-base:1.3
	pkgsrc-2017Q3:1.3.0.22
	pkgsrc-2017Q3-base:1.3
	pkgsrc-2017Q2:1.3.0.18
	pkgsrc-2017Q2-base:1.3
	pkgsrc-2017Q1:1.3.0.16
	pkgsrc-2017Q1-base:1.3
	pkgsrc-2016Q4:1.3.0.14
	pkgsrc-2016Q4-base:1.3
	pkgsrc-2016Q3:1.3.0.12
	pkgsrc-2016Q3-base:1.3
	pkgsrc-2016Q2:1.3.0.10
	pkgsrc-2016Q2-base:1.3
	pkgsrc-2016Q1:1.3.0.8
	pkgsrc-2016Q1-base:1.3
	pkgsrc-2015Q4:1.3.0.6
	pkgsrc-2015Q4-base:1.3
	pkgsrc-2015Q3:1.3.0.4
	pkgsrc-2015Q3-base:1.3
	pkgsrc-2015Q2:1.3.0.2
	pkgsrc-2015Q2-base:1.3
	pkgsrc-2015Q1:1.2.0.16
	pkgsrc-2015Q1-base:1.2
	pkgsrc-2014Q4:1.2.0.14
	pkgsrc-2014Q4-base:1.2
	pkgsrc-2014Q3:1.2.0.12
	pkgsrc-2014Q3-base:1.2
	pkgsrc-2014Q2:1.2.0.10
	pkgsrc-2014Q2-base:1.2
	pkgsrc-2014Q1:1.2.0.8
	pkgsrc-2014Q1-base:1.2
	pkgsrc-2013Q4:1.2.0.6
	pkgsrc-2013Q4-base:1.2
	pkgsrc-2013Q3:1.2.0.4
	pkgsrc-2013Q3-base:1.2
	pkgsrc-2013Q2:1.2.0.2
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2013Q1:1.1.0.26
	pkgsrc-2013Q1-base:1.1
	pkgsrc-2012Q4:1.1.0.24
	pkgsrc-2012Q4-base:1.1
	pkgsrc-2012Q3:1.1.0.22
	pkgsrc-2012Q3-base:1.1
	pkgsrc-2012Q2:1.1.0.20
	pkgsrc-2012Q2-base:1.1
	pkgsrc-2012Q1:1.1.0.18
	pkgsrc-2012Q1-base:1.1
	pkgsrc-2011Q4:1.1.0.16
	pkgsrc-2011Q4-base:1.1
	pkgsrc-2011Q3:1.1.0.14
	pkgsrc-2011Q3-base:1.1
	pkgsrc-2011Q2:1.1.0.12
	pkgsrc-2011Q2-base:1.1
	pkgsrc-2011Q1:1.1.0.10
	pkgsrc-2011Q1-base:1.1
	pkgsrc-2010Q4:1.1.0.8
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.6
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.4
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.2
	pkgsrc-2010Q1-base:1.1;
locks; strict;
comment	@# @;


1.5
date	2023.10.17.19.24.04;	author triaxx;	state Exp;
branches;
next	1.4;
commitid	j3pni7TKYdDVT0JE;

1.4
date	2023.10.16.20.55.52;	author triaxx;	state Exp;
branches;
next	1.3;
commitid	BDY9TDQf7XTVrTIE;

1.3
date	2015.04.29.15.55.47;	author christos;	state Exp;
branches;
next	1.2;
commitid	rHcQwrcP9UCjbvjy;

1.2
date	2013.06.16.10.11.58;	author shattered;	state Exp;
branches;
next	1.1;
commitid	wryjjqSXBLXrcPTw;

1.1
date	2010.02.25.07.15.42;	author agc;	state Exp;
branches;
next	;


desc
@@


1.5
log
@chkrootkit: Update to 0.58b

pkgsrc changes:
---------------
  * Update to latest release.
  * Update MASTER_SITES.

upstream changes:
-----------------
10/13/2016 - Version 0.51 Mumblehard backdoor/botnet detection
  Linux.Xor.DDoS Malware
  Malicious TinyDNS detection
  Backdoors.Linux.Mokes.a detection
  Minor bug fixes

13/03/2017 - Version 0.52 Linux.Proxy.10 detection
  strings.c & chkutmp.c bug fixes

01/25/2019 - Version 0.53 Rocke Monero Miner detection
  Added ss support
  ifconfig.c bug fixes
  Minor bug fixes

12/24/2020 - Version 0.54 PWNLNX4 and 6 Rootkits detection
  BTRFS bug fix
  Fedora bug fix
  Bug fix release

06/10/2021 - Version 0.55 Umbreon Linux Rootkit detection
  Kinsing.A Backdoor
  RotaJakito Backdoor
  Minor bug fixes

12/22/2022 - Version 0.56 Kovid rootkit
  Syslogk rootkit
  Minor bug fixes

01/13/2023 - Version 0.57 bug fix release

06/29/2023 - Version 0.58
  New option to avoid scanning network filesystems (-T)
  Linux BPFDoor Malware
  Minor buf fixes
@
text
@$NetBSD: patch-ad,v 1.4 2023/10/16 20:55:52 triaxx Exp $

- Add NetBSD to the list of OS's
- Handle a false positive for NetBSD's netstat

--- chkrootkit.orig	2009-07-30 14:10:54.000000000 +0000
+++ chkrootkit
@@@@ -528,7 +528,7 @@@@ ${ROOTDIR}/usr/include/syslogs.h ${ROOTD
 
 
        ### OpenBSD rootkit v1
-       if [ \( "$SYSTEM" != "SunOS" -a ${SYSTEM} != "Linux" \) -a ! -f /usr/lib/security/libgcj.security ]
+       if [ "$SYSTEM" != "SunOS" -a "$SYSTEM" != "Linux" -a "$SYSTEM" != "NetBSD" -a ! -f /usr/lib/security/libgcj.security ]
           then
           expertmode_output "${find} ${ROOTDIR}usr/lib/security"
        fi
@@@@ -1010,7 +1010,7 @@@@ ${find} ${ROOTDIR}usr/sbin -name in.slog
    fi
 
    ### OpenBSD rootkit v1
-   if [ \( "${SYSTEM}" != "SunOS" -a ${SYSTEM} != "Linux" \) -a ! -f ${ROOTDIR}usr/lib/security/libgcj.security ]; then
+   if [ "$SYSTEM" != "SunOS" -a "$SYSTEM" != "Linux" -a "$SYSTEM" != "NetBSD" -a ! -f /usr/lib/security/libgcj.security ]; then
       files=""
       if [ "${QUIET}" != "t" ];then printn "Searching for OBSD rk v1... "; fi
       files=`${find} ${ROOTDIR}usr/lib/security 2>/dev/null`
@@@@ -1876,7 +1876,13 @@@@
 
 chk_netstat () {
     STATUS=${NOT_INFECTED}
-NETSTAT_I_L="/dev/hdl0/dev/xdta|/dev/ttyoa|/dev/pty[pqrsx]|/dev/cui|/dev/hdn0|/dev/cui221|/dev/dszy|/dev/ddth3|/dev/caca|^/prof|/dev/tux|grep|addr\.h|__bzero"
+NETSTAT_I_L="/dev/hdl0/dev/xdta|/dev/ttyoa|/dev/pty[pqrsx]|/dev/cui|/dev/hdn0|/dev/cui221|/dev/dszy|/dev/ddth3|/dev/caca|^/prof|/dev/tux|addr\.h|__bzero"
+
+    case "${SYSTEM}"  in
+    NetBSD)	;;	# NetBSD contains "mobile_regreply"
+    *)	NETSTAT_I_L="${NETSTAT_I_L}|grep";;
+    esac
+
     CMD=`loc netstat netstat $pth`
 
     if [ "${EXPERT}" = "t" ]; then
@


1.4
log
@chkrootkit: Fix build on Darwin
@
text
@d1 1
a1 1
$NetBSD: patch-ad,v 1.3 2015/04/29 15:55:47 christos Exp $
d8 1
a8 1
@@@@ -512,7 +512,7 @@@@ ${ROOTDIR}/usr/include/syslogs.h ${ROOTD
d17 1
a17 1
@@@@ -937,7 +937,7 @@@@ ${find} ${ROOTDIR}usr/sbin -name in.slog
d26 1
a26 1
@@@@ -1599,7 +1599,13 @@@@
@


1.3
log
@- fix false positive for netstat
- fix compilation mistake
@
text
@d1 1
a1 1
$NetBSD: patch-ad,v 1.2 2013/06/16 10:11:58 shattered Exp $
d8 1
a8 1
@@@@ -509,7 +509,7 @@@@ ${ROOTDIR}/usr/include/syslogs.h ${ROOTD
d17 1
a17 1
@@@@ -931,7 +931,7 @@@@ ${find} ${ROOTDIR}usr/sbin -name in.slog
@


1.2
log
@Update to 0.49 (released in 2011).  No change log.
@
text
@d1 4
a4 1
$NetBSD$
d26 15
@


1.1
log
@add licensing info

modern NetBSD has PAM - add a patch so that this is recognised

there is no reason not to run this on modern NetBSD systems - remove the
old NOT_FOR_PLATFORM, since this runs just fine on NetBSD 5.99.20
@
text
@d3 3
a5 5
modern NetBSD has PAM too

--- chkrootkit	2010/02/24 22:13:30	1.1
+++ chkrootkit	2010/02/24 22:12:34
@@@@ -476,7 +476,7 @@@@
d9 2
a10 2
-       if [ "$SYSTEM" != "SunOS" -a ! -f /usr/lib/security/libgcj.security ]
+       if [ "$SYSTEM" != "SunOS" -a "$SYSTEM" != "NetBSD" -a ! -f /usr/lib/security/libgcj.security ]
d14 1
a14 1
@@@@ -893,7 +893,7 @@@@
d18 2
a19 2
-   if [ "${SYSTEM}" != "SunOS" -a ! -f ${ROOTDIR}usr/lib/security/libgcj.security ]; then
+   if [ "${SYSTEM}" != "SunOS" -a "$SYSTEM" != "NetBSD" -a ! -f ${ROOTDIR}usr/lib/security/libgcj.security ]; then
@