linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit f46b361d1c6e9c3a0be30fd746b8693251a1987b
parent 5a808ce192d64708be6438b3101286b03ccff7ce
Author: Tizian Leonhardt <tizianleonhardt@web.de>
Date:   Sat, 23 Jan 2021 20:22:26 +0100

Nicer debugging output for now

Diffstat:
Mmem_forensics/memcheck-gdb.py | 9++++-----
1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/mem_forensics/memcheck-gdb.py b/mem_forensics/memcheck-gdb.py
@@ -635,10 +635,7 @@ class RkCheckFunctions(gdb.Command):
 continue
 self.compare_function(name, size, value)
-
- print(f"Mismatches: {self.i}")
-
- i = 0
+
 def compare_function(self, name, size, value):
 addr = self.get_v_addr(name)
@@ -693,7 +690,9 @@ class RkCheckFunctions(gdb.Command):
 return None
 if live_bytes != elf_bytes:
- self.i = self.i + 1
+ print("x", end='', flush=True)
+ else:
+ print("o", end='', flush=True)
 def get_v_addr(self, symbol):
 try:
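Review bot: The new `x`/`o` markers in the `live_bytes != elf_bytes` branch show that some function differs from its ELF image but not which one, and the first hunk removes the `Mismatches:` total, so a run no longer leaves a usable record of its findings. A mismatch is the signal this check exists to raise (live kernel text that no longer matches the on-disk image), so the branch should name the symbol, e.g. `print(f"\nmismatch: {name} ({size} bytes)", flush=True)` in place of the `x`. The `return None` path just above prints nothing, so symbols that could not be compared presumably disappear from the output; a third marker would make those gaps visible. The enclosing function starts outside this hunk; I am assuming it is `compare_function`, where `name` and `size` are parameters.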