From 32e32b0a3ad415ac0df00e02c58e9859229ab4c8 Mon Sep 17 00:00:00 2001
From: Mowdep
Date: Wed, 23 Apr 2025 15:32:45 +0200
Subject: [PATCH] Update .bashrc_remote patch ss output filter in checksec
---
 .bashrc_remote | 43 ++++++++++++++++++++++++++++++++++---------
 1 file changed, 34 insertions(+), 9 deletions(-)
diff --git a/.bashrc_remote b/.bashrc_remote
index 122018a..d4d2f31 100644
--- a/.bashrc_remote
+++ b/.bashrc_remote
@@ -1475,16 +1475,41 @@ checksec() {
 # Check for running services
 echo -e "\n${bold}Exposed Services:${reset}"
- echo "Port Protocol State Service"
+ echo "Port Protocol State Service Processus"
 echo "----------------------------------------"
 if command -v ss >/dev/null 2>&1; then
- ss -tuln | grep LISTEN | awk '{
- split($5, a, ":")
- port = a[length(a)]
- proto = $1
- printf "%-8s %-9s %-7s ", port, proto, "LISTEN"
- system("grep -w " port " /etc/services 2>/dev/null | head -1 | awk \"{print \\$1}\"")
- }' | sort -n | column -t
+ ss -tulpn | awk '
+ {
+ if ($1 ~ /^(tcp|udp)$/ && $5 ~ /:[0-9]+$/) {
+ proto = tolower($1);
+ split($5, a, ":");
+ port = a[length(a)];
+ # Extract process name
+ proc = ($0 ~ /users:\(\(/) ? gensub(/^.*users:\(\(([^,]+),.*$/, "\\1", "g") : "-";
+ # Map by port
+ protocols[port][proto] = 1;
+ # Keep first process name we see
+ if (!(port in procs) && proc != "-") {
+ procs[port] = proc;
+ }
+ ports[port] = 1;
+ }
+ }
+ END {
+ for (p in ports) {
+ used_proto = "";
+ if (protocols[p]["tcp"]) used_proto = "TCP";
+ if (protocols[p]["udp"]) used_proto = (used_proto ? used_proto "/UDP" : "UDP");
+ # Lookup service name
+ key_tcp = p "/tcp";
+ key_udp = p "/udp";
+ cmd = "awk \047$2 == \"" key_tcp "\" || $2 == \"" key_udp "\" { print $1; exit }\047 /etc/services";
+ cmd | getline service;
+ close(cmd);
+ if (service == "") service = "-";
+ printf "%-6s %-10s %-15s %s\n", p, used_proto, service, procs[p];
+ }
+ }' | sort -n
 else
 netstat -tuln | grep LISTEN | awk '{
 split($4, a, ":")
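Review bot: In the END block, `service` is never cleared between ports, so when `cmd | getline service` reads nothing (the port has no entry in /etc/services) the variable keeps the previous port's name and the `service == ""` fallback does not fire; an unknown listener is then printed under another service's name, which is the wrong way for an audit listing to fail. Resetting it on every iteration fixes this: `service = ""; if ((cmd | getline service) <= 0) service = "-";`. The new program also relies on `gensub()` and on `protocols[port][proto]`, both gawk extensions, where the removed code ran on any awk; on a remote host with mawk or BusyBox awk the ss branch would likely produce only a syntax error, so a gawk check or a portable rewrite is worth considering. The header line still names a State column that the new `printf` no longer emits, so the columns no longer line up with their titles. checksec() begins before this hunk and its netstat branch continues past it.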
@@ -1851,4 +1876,4 @@ logs() {
 cat "$log_file" | ccze -A | less -R
 fi
 fi
-}
\ No newline at end of file
+}