chkrootkit
Correct regex for bindshell port detection, update ss parameter to reveal ports
The issue is located in the bindshell part. Specifically: Checking 'bindshell'... INFECTED PORTS: ( 145).
The regex should be ":${P}[^0-9.:]", since the function is only aiming at ports, instead of [.:] in the beginning part.
As CMD=loc ss ss $pth failed [1], the script is using ss -a [2] to reveal the ports. Thus the output contains strange strings.
$ ss -a | egrep "^tcp.*LIST|^udp"
udp UNCONN 0 0 127.0.0.54:domain 0.0.0.0:*
udp UNCONN 0 0 127.0.0.53%lo:domain 0.0.0.0:*
udp UNCONN 0 0 10.0.69.114%ens5:bootpc 0.0.0.0:*
The ss -an change brings in correct numeric ports for detection, along with the regex change to prevent false positives.
$ ss -an | egrep "^tcp.*LIST|^udp"
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 10.0.65.139%ens3:68 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
udp UNCONN 0 0 [::1]:323 [::]:*
udp UNCONN 0 0 [fe80::4f:81ff:fe48:4287]%ens3:546 [::]:*
Please let me know your thoughts, thanks.
[1] https://github.com/Magentron/chkrootkit/blob/master/chkrootkit#L2892
[2] https://man7.org/linux/man-pages/man8/ss.8.html
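The following is an added example, not chkrootkit's own code, that reproduces the two points of the PR on constructed input. It approximates the bindshell check as "filter listening sockets, then grep for each port", with a hypothetical port list (145, 1524, 31337) standing in for chkrootkit's real list, and with two hand-written socket dumps: one in the numeric form `ss -an` prints, one in the name-resolved form `ss -a` prints. The 10.0.0.145 address is chosen so that its last octet collides with a port on the list, which is what triggers the false positive under the current `[.:]` pattern.

```shell
#!/bin/sh
# Added example (not chkrootkit's code): compares the current "[.:]PORT" regex
# with the proposed ":PORT" regex, and shows why numeric output (ss -an) matters.

# Constructed sample in the numeric form that `ss -an` prints.
SS_NUMERIC='udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*
udp UNCONN 0 0 10.0.0.145%ens3:68 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:1524 0.0.0.0:*'

# The same constructed sockets as `ss -a` prints them, with port numbers
# replaced by /etc/services names (ingreslock is the registered name of 1524/tcp).
SS_NAMED='udp UNCONN 0 0 127.0.0.54:domain 0.0.0.0:*
udp UNCONN 0 0 10.0.0.145%ens3:bootpc 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:ssh 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:ingreslock 0.0.0.0:*'

# Hypothetical port list for the demo; chkrootkit carries its own list.
PORTS="145 1524 31337"

# detect MODE TEXT
#   MODE is "old" (current regex) or "new" (proposed regex); TEXT is ss output.
#   Prints the ports the check would report, space separated, on one line.
detect() {
  found=""
  for P in $PORTS; do
    case "$1" in
      old) re="[.:]${P}[^0-9.:]" ;;  # also matches an octet inside an IPv4 address
      new) re=":${P}[^0-9.:]" ;;     # only matches right after the host:port separator
      *)   return 2 ;;
    esac
    # Same two-stage filter as the PR describes: listening sockets, then the port.
    if printf '%s\n' "$2" | grep -E '^tcp.*LIST|^udp' | grep -qE "$re"; then
      found="$found $P"
    fi
  done
  printf '%s\n' "${found# }"
}

main() {
  echo "old regex, ss -an : $(detect old "$SS_NUMERIC")"  # 145 1524 (145 is the false positive)
  echo "new regex, ss -an : $(detect new "$SS_NUMERIC")"  # 1524
  echo "new regex, ss -a  : $(detect new "$SS_NAMED")"    # empty: resolved names hide 1524
}
main
```

The third case is why the regex fix alone is not enough: with name-resolved output, a listener on 1524 shows up as "ingreslock" and no numeric pattern can find it, so the check only sees what it expects when ss is run with -n.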