Update view_report() #336

Open
wants to merge 1 commit into
base: master
55 changes: 33 additions & 22 deletions files/internals/functions
Expand Up @@ -441,6 +441,7 @@ usage $0 [ OPTION ]
e.g: maldet --report list
e.g: maldet --report 050910-1534.21135
e.g: maldet --report SCANID [email protected]
e.g: maldet --report newest [email protected]

-s, --restore FILE|SCANID
Restore file from quarantine queue to orginal path or restore all items from
Expand Down Expand Up @@ -643,7 +644,9 @@ clean_hitlist() {
}

view_report() {
# $1 is first arg passed from command line ex. $ maldet --report $1 $2
rid="$1"
# $ maldet --report list
if [ "$rid" == "list" ]; then
tmpf="$tmpdir/.areps$$"
for file in `ls $sessdir/session.[0-9]* 2> /dev/null`; do
Expand Down Expand Up @@ -674,36 +677,44 @@ view_report() {
rm -f $tmpf 2> /dev/null
exit 0
else
echo "error no report data found"
eout "{list} unable to find report data for list, check \$sessdir"
exit 1
fi
fi
if [ -f "$sessdir/session.$rid" ] && [ ! -z "$(echo $2 | grep '\@')" ]; then
if [ -f "$mail" ]; then
cat $sessdir/session.$rid | $mail -s "$email_subj" "$2"
elif [ -f "$sendmail" ]; then
if ! grep -q "SUBJECT: " "$sessdir/session.$rid"; then
echo -e "SUBJECT: $email_subj\n$(cat $sessdir/session.$rid)" > $sessdir/session.$rid
fi
cat $sessdir/session.$rid | $sendmail -t "$2"
# If no SCANID is provided or "recent" then set $rid to most recent.
# $ maldet --report "" or $maldet --report newest
if { [ "$rid" == "" ] || [ "$rid" == "newest" ]; } && [ -f "$sessdir/session.last" ]; then
rid=`cat $sessdir/session.last`
fi
# make sure report exists
if [ -f "$sessdir/session.$rid" ]; then
# if email is provided then send the report and exit
if [ ! -z "$(echo $2 | grep '\@')" ]; then
if [ -f "$mail" ]; then
cat $sessdir/session.$rid | $mail -s "$email_subj" "$2"
elif [ -f "$sendmail" ]; then
if ! grep -q "SUBJECT: " "$sessdir/session.$rid"; then
echo -e "SUBJECT: $email_subj\n$(cat $sessdir/session.$rid)" > $sessdir/session.$rid
fi
cat $sessdir/session.$rid | $sendmail -t "$2"
else
# eout is an internal function to log to maldet_log and echo
eout "{scan} no \$mail or \$sendmail binaries found, e-mail alerts disabled."
exit
fi
eout "{report} report ID $rid sent to $2" 1
exit
# no email is provided so show report and exit
else
eout "{scan} no \$mail or \$sendmail binaries found, e-mail alerts disabled."
exit
printf '%b\n' "$(cat $sessdir/session.$rid)"
exit
fi

eout "{report} report ID $rid sent to $2" 1
exit
fi
if [ "$rid" == "" ] && [ -f "$sessdir/session.last" ]; then
rid=`cat $sessdir/session.last`
$EDITOR $sessdir/session.$rid
elif [ -f "$sessdir/session.$rid" ]; then
$EDITOR $sessdir/session.$rid
# can't find requested report so log & echo error
else
echo "{report} no report found, aborting."
eout "{report} unable to find report session.\$rid, aborting."
exit
fi
}
}

view() {
echo "Viewing last 50 lines from $maldet_log:"
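Review bot: The new display branch prints the report with `printf '%b\n' "$(cat $sessdir/session.$rid)"`, and `%b` expands backslash escapes found in the report text itself. If a report can contain scanned file paths or other content that an unprivileged user influences (likely, but not visible on this page), a literal `\033[...` in that text would become a live terminal control sequence when an administrator views the report; `cat "$sessdir/session.$rid"` prints the file without expanding anything. The same branch and the mail branch also leave `$sessdir/session.$rid` and `$2` unquoted although `rid` and `$2` come from the command line, so quoting them the way the `[ -f "$sessdir/session.$rid" ]` test already does would keep word splitting and globbing out of the path and the address check. view_report() begins in the previous hunk and its list branch is collapsed, so this covers only the visible lines.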