Home > Cpanel/WHM, Scripts > WHM/Cpanel rkhunter plugin creation HOWTO

WHM/Cpanel rkhunter plugin creation HOWTO

In this post the step by step procedure for writing a WHM rkhunter plugin is explained. This can be modified accordingly for other purposes too.

1) Change directory to “/usr/local/cpanel/whostmgr/docroot/cgi/”(where all WHM and cpanel plugins reside) and create a directory and download the rkhunter image file.

cd /usr/local/cpanel/whostmgr/docroot/cgi/
mkdir rkhunter
wget -O rkhunter/rkhunter.jpeg http://t0.gstatic.com/images?q=tbn:ANd9GcS5JR0LyE7ZB01nCcuioUiJFQvbl8WMAWCRNEMbS14yUBxYqOyx0X0KIfQ

2) Create a rkhunter cgi script named “/usr/local/cpanel/whostmgr/docroot/cgi/addon_rkhunter.cgi“, with the following contents. This script calls the perl script “/usr/local/cpanel/whostmgr/docroot/cgi/rkhunter/rkhunter.pl” for executing rkhunter command using a pipe.

#!/usr/bin/perl
#WHMADDON::Rkhunter Plugin
####################################
# start main

use File::Find;
use Fcntl qw(:DEFAULT :flock);
use Sys::Hostname qw(hostname);
use IPC::Open3;

$script = "addon_rkhunter.cgi";

##Directory containing images files
$images = "rkhunter";

use lib '/usr/local/cpanel';
use Cpanel::cPanelFunctions ();
use Cpanel::Form			();
use Cpanel::Config          ();
use Cpanel::Version          ();
use Whostmgr::HTMLInterface ();
use Whostmgr::ACLS			();

Whostmgr::ACLS::init_acls();

print "Content-type: text/html\r\n\r\n";

if (!Whostmgr::ACLS::hasroot()) {
	print "You do not have access to this plugin.\n";
	exit();
}

eval ('use Cpanel::Rlimit			();');
unless ($@) {Cpanel::Rlimit::set_rlimit_to_infinity()}

$Cpanel::App::appname = "whostmgr";
Whostmgr::HTMLInterface::defheader("Rkhunter Plugin",'/cgi/rkhunter/rkhunter.jpeg','/cgi/addon_rkhunter.cgi');

%FORM = Cpanel::Form::parseform();

$dns = Cpanel::Version::gettree();
if ($dns eq "DNSONLY") {$dns = 1} else {$dns = 0}

do "/usr/local/cpanel/whostmgr/docroot/cgi/rkhunter/rkhunter.pl";

1;

3) Create the file “/usr/local/cpanel/whostmgr/docroot/cgi/rkhunter/rkhunter.pl” with the following contents. The variable “RKHUNTER” can be modified to specify the rkhunter binary path.

use strict;
use CGI;
use Switch;
 
# Constant: path to rkhunter
my $RKHUNTER = '/usr/bin/rkhunter -sk -c --nocolors';
local *PIPE;
 
open PIPE, "$RKHUNTER |" or die "Cannot open pipe to rkhunter: $!";

print "<code>";
print "<pre>"; 
while(my $this_line = <PIPE> ){
my($result) = $this_line =~ /\[([^\)]+)\]/;
if ( defined $result){
SWITCH: {
if($result eq " OK "){$this_line =~ s/$result/\<font\ color\=\"green\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " Not found "){$this_line =~ s/$result/\<font\ color\=\"green\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " None found "){$this_line =~ s/$result/\<font\ color\=\"green\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " Not allowed "){$this_line =~ s/$result/\<font\ color\=\"green\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " No update "){$this_line =~ s/$result/\<font\ color\=\"green\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " Found "){$this_line =~ s/$result/\<font\ color\=\"red\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " Warning "){$this_line =~ s/$result/\<font\ color\=\"red\"\>$result\<\/font\>/g ;last SWITCH};
if($result eq " Skipped "){$this_line =~ s/$result/\<font\ color\=\"yellow\"\>$result\<\/font\>/g ;last SWITCH};
$this_line =~ s/$result/\<font\ color\=\"yellow\"\>$result\<\/font\>/g ;
}
print $this_line;
}
else{
 print $this_line;
}
print "<br\>";
}
print "</pre>";
print "</code>";
close PIPE;

=comment

Color codes used by rkhunter

OK --> OK --> GREEN
NOT_FOUND --> Not found --> GREEN
NONE_FOUND --> None found --> GREEN
NOT_ALLOWED --> Not allowed --> GREEN
ALLOWED --> GREEN
UPD --> GREEN
NO_UPD --> No update --> GREEN
WHITELISTED --> GREEN


FOUND --> Found --> RED
WARNING --> Warning --> RED
UPD_FAILED --> RED
VCHK_FAILED --> RED


SKIPPED --> Skipped --> YELLOW
=cut

4) Grant execute permissions to the plugin scripts.

 chmod 755 /usr/local/cpanel/whostmgr/docroot/cgi/rkhunter/rkhunter.pl
 chmod 755 /usr/local/cpanel/whostmgr/docroot/cgi/addon_rkhunter.cgi

5) Now login to WHM and under Main >> Plugins you will be able to view the rkhunter plugin by the name “Rkhunter Plugin”. Click it and you will be able to see live status of scanning from WHM.

NOTE

1) Cpanel version used is 11.30.4.6
2) Perl version in the server is v5.8.8

REFERENCE

http://docs.cpanel.net/twiki/bin/view/SoftwareDevelopmentKit/CreatingWhmPlugins

Advertisements
Categories: Cpanel/WHM, Scripts
  1. Ed Ewing
    October 30, 2011 at 4:29 pm

    Nice work.

    Prefer the perms set to 700 and didn’t see any issues with that.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: