Dev {Tricks}

Step 1: Install Zenity

sudo apt update
sudo apt upgrade
sudo apt -y install zenity

Step 2: Create the Maldet Popup script

mkdir /home//scripts
cd /home//scripts
mkdir log

…and in this /home//scripts directory, create a new file called maldet_popup.sh containing the following.

#!/bin/bash
# AUTHOR: Max Meinhardt. 05/30/23.
# DESCRIPTION: This script parses “maldet –report list” for any scan report lines that have HITS > 0, and displays a popup dialog showing those lines.

DAYS_THRESHOLD=7 # Max number of days to look back for a maldet scan

# Get the current date and the date two days ago
CURRENT_DATE=$(date +%Y-%m-%d)
THRESHOLD_DATE=$(date -d “$DAYS_THRESHOLD days ago” +%Y-%m-%d)

# Run the maldet command and process the output
maldet_output=$(maldet –report list)

# Variables to store triggering lines and the flag to track if there are any triggering lines
triggered=false
triggering_lines=””

# Set the IFS to newline
IFS=$’\n’

# Iterate over the maldet output and check for triggering lines
while IFS= read -r line; do
if [[ $line == *SCANID:* ]]; then
HITS=$(echo “$line” | awk -F’|’ ‘{print $5}’ | awk -F’HITS:’ ‘{print $2}’ | awk ‘{print $1}’)
DATE=$(echo “$line” | awk ‘{print $1″ “$2” “$3}’)
LINE_DATE=$(date -d “$DATE” +%Y-%m-%d)
if [[ “$LINE_DATE” > “$THRESHOLD_DATE” ]]; then
if [ “$HITS” -gt 0 ]; then
triggered=true
triggering_lines+=”\n$line”
fi
fi
fi
done <<< “$maldet_output”

# Display the popup dialog if there are any triggering lines
if [ “$triggered” = true ]; then
# Display the popup dialog with buttons to open maldet reports
zenity –info –width=0 –display=:0.0 –title=”Malware Detected” –text=$USER”: Malware has been detected in the last $DAYS_THRESHOLD days:\n$triggering_lines \
\n\nTo view a malware scan report, type \”maldet –report SCANID\” in a terminal window.” \
–ok-label=”Close”
fi

Then, add permissions to execute it.

chmod +x maldet_popup.sh