linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit
Log | Files | Refs

check_pingpong.py (972B)

      1 #!/usr/bin/env python3
      2 
      3 import fcntl
      4 import os
      5 import unittest
      6 import argparse
      7 import sys
      8 
      9 IOCTL_PING = 0xc0084000
     10 IOCTL_INVALID = IOCTL_PING + 1
     11 
     12 proc_fd = None
     13 
     14 class TestIOCTLPing(unittest.TestCase):
     15     def test_ping(self):
     16         arg = b"PING"
     17         res = fcntl.ioctl(proc_fd, IOCTL_PING, arg)
     18         self.assertEqual(res, b"PONG")
     19 
     20     def test_duck(self):
     21         arg = b"DUCK"
     22         res = fcntl.ioctl(proc_fd, IOCTL_PING, arg)
     23         self.assertEqual(res, b"DUCK")
     24 
     25     def test_invalid(self):
     26         with self.assertRaises(IOError):
     27             fcntl.ioctl(proc_fd, IOCTL_PING, 0)
     28 
     29     def test_invalid2(self):
     30         with self.assertRaises(IOError):
     31             fcntl.ioctl(proc_fd, IOCTL_INVALID, 0)
     32 
     33 if __name__ == "__main__":
     34     parser = argparse.ArgumentParser()
     35     parser.add_argument("proc_file")
     36     args, remaining = parser.parse_known_args()
     37     proc_fd = os.open(args.proc_file, os.O_RDWR)
     38 
     39     unittest.main(argv=[sys.argv[0]] + remaining)