Step 1: Install Zenity
# Refresh the package index so the install below resolves current package versions.
sudo apt update
# Apply pending upgrades to installed packages (no -y here, so apt asks for confirmation).
sudo apt upgrade
# Install zenity, which the popup script uses to draw its dialog; -y answers the prompt automatically.
sudo apt -y install zenity
Step 2: Create the Maldet Popup script
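# NOTE(review): the path has an empty segment after /home/ -- it looks like a
# user-name placeholder was lost when the page was rendered. Substitute your own
# login name (for example /home/<username>/scripts) -- confirm before running.
#
# Create the scripts directory and its log/ subdirectory in one step, and change
# into it only if that succeeded. Run as three separate commands, a failed cd
# would leave "mkdir log" creating the directory wherever the shell happens to be.
mkdir -p /home//scripts/log && cd /home//scripts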
…and in this /home//scripts directory, create a new file called maldet_popup.sh containing the following.
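#!/bin/bash
# AUTHOR: Max Meinhardt. 05/30/23.
# DESCRIPTION: Parses "maldet --report list" for scan report lines that have
# HITS > 0 within the last DAYS_THRESHOLD days, and displays a popup dialog
# showing those lines.
#
# Every quote and option dash in this file must be plain ASCII (' " --).
# Typographic quotes or en dashes picked up by copy-and-paste from a web page
# are not shell syntax: the commands then receive garbage arguments and no
# alert is ever shown.

DAYS_THRESHOLD=7 # Max number of days to look back for a maldet scan

#######################################
# Print the HITS count found in one report line.
# Arguments: $1 - one line of "maldet --report list" output
# Outputs:   the first word after "HITS:" in the 5th '|'-separated field
#            (empty when that field carries no "HITS:" label)
#######################################
extract_hits() {
  printf '%s\n' "$1" \
    | awk -F'|' '{print $5}' \
    | awk -F'HITS:' '{print $2}' \
    | awk '{print $1}'
}

#######################################
# Print the scan date of one report line.
# Arguments: $1 - one line of "maldet --report list" output
# Outputs:   the first three whitespace-separated words of the line, which the
#            caller hands to "date -d" for parsing
#######################################
extract_scan_date() {
  printf '%s\n' "$1" | awk '{print $1" "$2" "$3}'
}

#######################################
# Collect recent report lines with hits and show them in a zenity dialog.
# Globals:   DAYS_THRESHOLD (read), USER (read)
# Outputs:   warnings on stderr when maldet fails or a line cannot be parsed
# Returns:   0 on success; non-zero if the threshold date could not be
#            computed, maldet reported failure, or zenity failed
#######################################
main() {
  local threshold_date maldet_output line hits scan_date line_date text
  local status=0
  local triggered=false
  local triggering_lines=""

  # Oldest date (exclusive) a scan may have and still be reported.
  threshold_date=$(date -d "$DAYS_THRESHOLD days ago" +%Y-%m-%d) || return 1

  # A failing maldet must not look like "no malware found": warn, remember the
  # failure for the exit status, and still parse whatever output was produced.
  if ! maldet_output=$(maldet --report list); then
    printf '%s\n' "maldet_popup: 'maldet --report list' failed; results may be incomplete" >&2
    status=1
  fi

  while IFS= read -r line; do
    [[ $line == *SCANID:* ]] || continue

    hits=$(extract_hits "$line")
    scan_date=$(extract_scan_date "$line")

    # Refuse to guess: a non-numeric HITS value or an unparseable date is
    # reported on stderr instead of being silently treated as "no hits".
    if [[ ! $hits =~ ^[0-9]+$ ]] \
      || ! line_date=$(date -d "$scan_date" +%Y-%m-%d 2>/dev/null); then
      printf 'maldet_popup: skipping unparseable report line: %s\n' "$line" >&2
      continue
    fi

    # ISO dates (YYYY-MM-DD) sort correctly as strings; 10# keeps a count with
    # leading zeros from being read as octal.
    if [[ "$line_date" > "$threshold_date" ]] && ((10#$hits > 0)); then
      triggered=true
      triggering_lines+="\n$line"
    fi
  done <<< "$maldet_output"

  if [[ $triggered == true ]]; then
    # The \n sequences are left literal on purpose; zenity turns them into
    # line breaks when it renders --text.
    text="${USER:-$(id -un)}: Malware has been detected in the last $DAYS_THRESHOLD days:"
    text+="\n$triggering_lines "
    text+="\n\nTo view a malware scan report, type \"maldet --report SCANID\" in a terminal window."

    zenity --info --width=0 --display=:0.0 --title="Malware Detected" \
      --text="$text" --ok-label="Close" || status=$?
  fi

  return "$status"
}

main "$@"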
Then make the script executable.
# Adds the execute bit for user, group and others (as far as the umask allows);
# it does not change who may write to the file.
chmod +x maldet_popup.sh