I installed distro
Stable-6.12.65
Release Date-2014
FreePBX 12, Linux 6.5
Asterisk 11 or 13
Installed Asterisk 13
When running the security checker, this is the output:
Starting integrity check…
Clean defined, Will attempt to clean anything thing bad up
Redownload defined, will attempt to redownload where needed
Checking Framework for a valid signature…
Framework appears to be good
Cleaning up exploit 'mgknight’
Purging PHP Session storage
Done
Moving potentially compromised file /etc/asterisk/manager_custom.conf to /tmp/freepbx_quarantine/manager_custom.conf
Moving potentially compromised file /etc/asterisk/sip_custom.conf to /tmp/freepbx_quarantine/sip_custom.conf
Moving potentially compromised file /etc/asterisk/extensions_custom.conf to /tmp/freepbx_quarantine/extensions_custom.conf
Cleaned potential ‘mgknight’ exploit. Please check your system for any suspicious activity. This script might not have removed it all!
Checking FreePBX ARI Framework
FreePBX ARI Framework is completely removed
Finished with FreePBX ARI Framework
Now Verifying all FreePBX Framework Files
Checked all FreePBX Framework Files
Now checking all modules
WARNING: Module dashboard has issues. Run script again with that module name as the param
WARNING: Module bulkextensions has issues. Run script again with that module name as the param
WARNING: Module irc has issues. Run script again with that module name as the param
WARNING: Module bulkdids has issues. Run script again with that module name as the param
WARNING: Module ucp has issues. Run script again with that module name as the param
Complete. Summary:
Good modules: 81
Bad modules: 5
Signature Missing: 0
Re-run this script with -m for further information
Example: -m ucp
Is this system really compromised ?
I thought 13 has not affected by this due to the non inclusion of ARI
Regards
Dale