2,257
edits
Changes
Jump to navigation
Jump to search
→Running parasite code
Line 57:
Line 57:
* Stop the task with <code>compel_stop_task(int pid)</code> call and keep the return value if it's positive (it contains the task state)
* Stop the task with <code>compel_stop_task(int pid)</code> call and keep the return value if it's positive (it contains the task state)
−* Prepare the infection handler with <code>compel_prepare(int pid)</code> call. The return value is an opaque pointer to <code>struct parasite_ctl()</code>
+* Prepare the infection handler with <code>compel_prepare(int pid)</code> call. The return value is an opaque pointer to <code>struct parasite_ctl</code>
* Run the remote code
* Run the remote code
** Just execute a system call with <code>compel_syscall(ctl, int syscall_nr, long *ret, int arg ... (6 of them))</code>
** Just execute a system call with <code>compel_syscall(ctl, int syscall_nr, long *ret, int arg ... (6 of them))</code>
Line 63:
Line 63:
* Cure the victim with <code>compel_cure(ctl)</code> and stop using the ctl pointer as it's freed by the call
* Cure the victim with <code>compel_cure(ctl)</code> and stop using the ctl pointer as it's freed by the call
* Resume the task with <code>compel_resume_task(pid)</code>
* Resume the task with <code>compel_resume_task(pid)</code>
+
+=== Infecting ===
+
+Infecting the victim with parasite blob needs some special treatment. First, the ctl should be configured with the blob information. Currently there's only one type of blobs, generated by <code>compel hgen</command>. To put this info into ctl one should
+
+* Call <code>compel_parasite_blob_desc(ctl)</code> to get a pointer on <code>struct parasite_blob_desc</code>
+* Fill in the bdesc fields
+** <code>.parasite_type</code> should be set to <code>COMPEL_BLOB_CHEADER</code>
+** <code>.hdr.mem</code> should be set to the <code>-s</code> argument of hgen
+** <code>.hdr.bsize</code> should be set to the sizeof(this symbol)
+** <code>.hdr.nr_gotpcrel</code> should be set to the <code>-r</code> argument of hgen
+** Three offsets below should be set to respective offsets generated with the <code>-p</code> argument value
+*** <code>.hdr.parasite_ip_off</code> to <code>COMPEL_H_PARASITE_HEAD(arg)</code>
+*** <code>.hdr.addr_cmd_off</code> to <code>COMPEL_H_PARASITE_CMD(arg)</code>
+*** <code>.hdr.addr_arg_off</code> to <code>COMPEL_H_PARASITE_ARGS(arg)</code>
+** <code>.hdr.relocs</code> should be set to <code>-v</code> argument (it's an array)
+** <code>.hdr.nr_relocs</code> should be set to the number of elements in this array (<code>sizeof(arr)/sizeof(arr[0])</code>)
== See also ==
== See also ==