Skip to content

Instantly share code, notes, and snippets.

@voicenoise

voicenoise/maldet.sh

Last active March 2, 2019 06:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save voicenoise/94460a41e98403695f46b56817337dbc to your computer and use it in GitHub Desktop.
Save voicenoise/94460a41e98403695f46b56817337dbc to your computer and use it in GitHub Desktop.
Download ZIP
maldet virus check script
Raw
maldet.sh
#!/bin/sh
################################################################
## Maldet Virus Check Script
## Written By: NOISE
## URL: https://gist.github.com/voicenoise/94460a41e98403695f46b56817337dbc
## Version: MVCS-1.9 - 22 Feb 2019
################################################################
STARTTIME=`date +"%Y.%m.%d - %H:%M"`
################################################################
################# Update the values below ######################
EMAIL='user@domain.example'
HOST='domain.example'
### OUTPUTFILE PATH ###
OUTPUT='/tmp/maldet.txt'
################# Adjust the Scanning path's ###################
CHECK_PATH1='/var/www'
CHECK_PATH2='/usr'
CHECK_PATH3='/etc'
CHECK_PATH4='/var/lib'
################################################################
### MALDET [IGNORE OPTIONS] [-i|--include-regex]
### add this file for excluding path's
###
### nano /usr/local/maldetect/ignore_paths
### /usr/local/maldetect/
### /usr/local/maldetect/quarantine/
### /usr/local/sbin/maldet
### /usr/bin/clamdscan
### /var/lib/mysql/
###
### Joomla or Wordpress JCH Optimize is needed to exclude
### /var/www/clients/client*/web*/web/cache/plg_jch_optimize/
### /var/www/clients/client*/web*/log/
###
### [PURGE OPTIONS]
### -p, --purge
### Clear logs, quarantine queue, session and temporary data.
################################################################
echo "check for viruses" | tee ${OUTPUT}
echo ${STARTTIME} | tee -a ${OUTPUT}
## [-i|--include-regex]
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "Check & Update Virus Sig ${CHECK_PATH1}" | tee -a ${OUTPUT}
/usr/local/maldetect/maldet -u maldet -a ${CHECK_PATH1} -i | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "Check ${CHECK_PATH2}" | tee -a ${OUTPUT}
/usr/local/maldetect/maldet -a ${CHECK_PATH2} -i | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "Check ${CHECK_PATH3}" | tee -a ${OUTPUT}
/usr/local/maldetect/maldet -a ${CHECK_PATH3} -i | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
echo "Check ${CHECK_PATH4}" | tee -a ${OUTPUT}
/usr/local/maldetect/maldet -a ${CHECK_PATH4} -i | tee -a ${OUTPUT}
echo "-----------------------------------------------------------------------" | tee -a ${OUTPUT}
if [ $? -eq 0 ]; then
ENDTIME=`date +"%Y.%m.%d - %H:%M"`
echo "Virus Check Successful at ${HOST} ${ENDTIME}" | tee -a ${OUTPUT}
else
echo "Error found during check at ${HOST}" | tee -a ${OUTPUT}
fi
################################################################
### Send Email from Maldet Scan output.txt (not needed if set to cron)
echo "Send Mail ${HOST}" | mail -s "Malware Check ${HOST} ${STARTTIME}" ${EMAIL} < ${OUTPUT}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment