bug

grayddq · Nov 29, 2019 · aaf426c · aaf426c
1 parent 98c3b05
commit aaf426c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -127,11 +127,11 @@ def get_process_start_time(pid):
             if pid == info.split(' ')[0].strip():
                 user = info.split(' ', 2)[1].strip()
                 sstime = info.split(' ', 2)[2].strip()
-                stime = os.popen("date -d " + sstime + " '+%Y-%m-%d %H:%M:%S' 2>/dev/null").read().splitlines()
+                stime = os.popen("date -d '" + sstime + "' '+%Y-%m-%d %H:%M:%S' 2>/dev/null").read().splitlines()
                 return user, stime[0]
-        return user, stime
+        return stime, user
     except:
-        return user, stime
+        return stime, user
 
 
 # 检测风险结果，进行全局变量结果录入

diff --git a/lib/plugins/Backdoor_Analysis.py b/lib/plugins/Backdoor_Analysis.py
@@ -187,7 +187,7 @@ def check_SSH(self):
                 pid = info.split("/")[0]
                 if os.path.exists('/proc/%s/exe' % pid):
                     if 'sshd' in os.readlink('/proc/%s/exe' % pid):
-                        malice_result(u'常规后门检测', u'SSH 后门', u'/porc/%s/exe' % pid, pid, u"非22端口的sshd服务",
+                        malice_result(u'常规后门检测', u'SSH 后门', os.readlink('/proc/%s/exe' % pid), pid, u"非22端口的sshd服务",
                                       u'[1]ls -l /porc/%s [2]ps -ef|grep %s|grep -v grep' % (pid, pid), u'风险',
                                       programme=u'kill %s #关闭异常sshd进程' % pid)
                         malice = True