Syscall Hijacking: Simple Rootkit (kernel 2.6.x)
Hi. In this post I’ll show you how to change the process credentials through kernel modules. In this way you can make your own rootkit(s): i.e., when you perform a pre-established action, the module will give you root access.
First of all we need to know where these credentials are kept: in kernel versions < 2.6.29 we find all this information in the “task_struct” structure. This structure is defined in “linux/sched.h”: Read more…
GNU C: Extensions to the C Language Family
Hi. Today I’ll talk about the extensions to the C language family introduced by GNU C.
GNU C provides several language features not found in ANSI standard C. These extensions are available both in C and C++. The '-pedantic' option directs GNU CC to print a warning message if any of these features is used.
The list of these features is very long: often we use them implicitly. I will show you only those I consider most useful and “strange”: Read more…
Win32 API: Passing Socket with IPC method
Hi. In this post I’ll explain how to correctly pass a socket created in a parent process to a child process on Microsoft 9x systems.
If you have ever written a multi-process concurrent server in a Unix environment, you may have noticed that the socket passes between parent and child processes directly. That is, the child inherits its parent’s variables, including the file descriptor associated with the socket.
Hello World! – Brain mode
Hi. How can we write a “hello world!” in brain-mode?
When we want to greet someone, the brain is activated and sets as a greeting a phrase known to us: in our case, “hello world!”.
Read more…
inet_ntop() for Win32
Like 4 years ago I made a little project for the operating system 2 class. I had to write an application capable of handling multiple file transfers for both Win32 and Linux. During the coding of the socket side of the application I encountered an awkward problem: why the hell does Win32 not have a compatibility function for inet_ntop()?
Only recently, for Vista and 7, Microsoft introduced the InetNtop() function: http://tinyurl.com/3xrwaer
If you have to write something that needs to run on XP too (that still seems to be the most used operating system for home users: http://tinyurl.com/2w5ed8n ) just try this code :)
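#include <winsock2.h>
#include <stdio.h>
#include <string.h>

/* IPv4-only replacement for inet_ntop() on Windows versions without InetNtop(). */
const char* inet_ntop(int af, const void* src, char* dst, int cnt){
    struct sockaddr_in srcaddr;
    DWORD len = (DWORD) cnt;   /* in: size of dst, out: length written */

    /* Only sizeof(struct in_addr) bytes are copied from src, so reject other families. */
    if (af != AF_INET) {
        WSASetLastError(WSAEAFNOSUPPORT);
        return NULL;
    }
    memset(&srcaddr, 0, sizeof(struct sockaddr_in));
    memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr));
    srcaddr.sin_family = af;
    /* ANSI variant, because dst is a char buffer even in UNICODE builds. */
    if (WSAAddressToStringA((struct sockaddr*) &srcaddr, sizeof(struct sockaddr_in), 0, dst, &len) != 0) {
        DWORD rv = WSAGetLastError();
        printf("WSAAddressToString() : %lu\n", rv);
        return NULL;
    }
    return dst;
}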
Timeout on Named Pipes
Hi. In this post, I will show you how to make a named pipe with a timeout using the Win32 API: the MSDN manual doesn’t explain how to do it.
Named pipes are an IPC method by which we can send data to another process (such as a child process).
Read more…