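#!/bin/bash
# Defaults for the scan-and-diff wrapper; the option loop below may override
# diff_folder and stdout.

# Directory that holds one result file per scan, named by epoch seconds.
diff_folder='/var/log/phpmalwarefinder/'

# When "true", the new result is diffed against the previous one on stdout.
stdout=false

# Scan command line, split on whitespace when it is run.
# Both ./yara and ./malwares.yara are relative paths, so they resolve against
# the caller's working directory: run this script only from the trusted
# install directory, otherwise a different binary or rule file is picked up.
SCAN_CMD='./yara -r ./malwares.yara -f'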
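#######################################
# Print the usage text.
# Globals:   diff_folder (read) - shown as the current default for -d
# Outputs:   usage text on stdout
# Notes:     Positional arguments left after the options are forwarded to
#            the scan command by the main script.
#            NOTE(review): -w is listed here; confirm the option loop
#            actually applies the whitelist before relying on it.
#######################################
show_help() {
cat << EOF
Usage: ${0##*/} [-hs] [-d folder] [-w file] [target ...]
-d Path to the diff folder (defaults to ${diff_folder})
-h Show this help message
-w Provide a whitelist file, containing one path per line
-s Show diff on stdout
EOF
}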
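# Main flow: parse options, locate the most recent stored scan, run a new
# scan into a timestamped file, and optionally diff new against previous.

# -s must be in the optstring, otherwise getopts reports it as unknown and
# the diff-on-stdout mode can never be enabled.
OPTIND=1
while getopts "hsw:d:" opt; do
  case "$opt" in
    h)
      show_help
      exit 0
      ;;
    d)
      diff_folder="$OPTARG"
      ;;
    s)
      stdout=true
      ;;
    w)
      # The whitelist file is accepted but nothing below consumes it. Say so
      # loudly rather than let the operator believe paths were excluded.
      echo "[!] -w is not implemented: whitelist '$OPTARG' is ignored." >&2
      ;;
    *)
      show_help >&2
      exit 1
      ;;
  esac
done
shift "$((OPTIND-1))"

if [ ! -d "$diff_folder" ]; then
  echo "[-] Invalid previous_scan directory: " "$diff_folder" >&2
  exit 1
fi

# Split SCAN_CMD into words without glob expansion (read -a does not glob).
read -r -a scan_cmd <<< "$SCAN_CMD"

# Run the scan with the remaining positional arguments and store the sorted
# output in $1. The pipeline status is checked so that a scanner failure is
# not silently recorded as a clean baseline.
# NOTE(review): assumes the scanner exits non-zero only on error - confirm.
record_scan() {
  local target=$1
  local status
  shift
  set -o pipefail
  "${scan_cmd[@]}" "$@" | sort > "$target"
  status=$?
  set +o pipefail
  if [ "$status" -ne 0 ]; then
    echo "[!] Scan pipeline exited with status $status; $target may be incomplete." >&2
  fi
}

# Pick the newest regular file in the folder by mtime instead of parsing ls
# output; directories and unmatched globs are skipped.
previous_scan=''
for candidate in "$diff_folder"/*; do
  [ -f "$candidate" ] || continue
  if [ -z "$previous_scan" ] || [ "$candidate" -nt "$previous_scan" ]; then
    previous_scan="$candidate"
  fi
done

new_scan="${diff_folder%/}/$(date +%s)"

if [ -z "$previous_scan" ]; then
  echo "[*] No previous scan found: This will be the first one."
  record_scan "$new_scan" "$@"
  exit 0
fi

# Two runs within the same second would map to the same file name and
# overwrite the baseline that the diff is supposed to compare against.
if [ -e "$new_scan" ]; then
  echo "[-] Result file already exists, refusing to overwrite: $new_scan" >&2
  exit 1
fi

record_scan "$new_scan" "$@"

if [ "$stdout" = true ]; then
  # Argument order kept as before: new result first, previous result second.
  diff -- "$new_scan" "$previous_scan"
fi
exit 0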