Line 52: |
Line 52: |
| After this the <code>parasite.h</code> file should be included into the infecting program and compiled with it. | | After this the <code>parasite.h</code> file should be included into the infecting program and compiled with it. |
| | | |
− | == Communicating == | + | == Running parasite code == |
| | | |
− | There are several ways to pass parameters to the parasite code.
| + | So, in order to infect a task with parasite one must. |
| | | |
− | If you run the parasite binary from CLI, the command line arguments after <code>--</code> are passed into the parasite's <code>main()</code> function.
| + | * Stop the task with <code>compel_stop_task(int pid)</code> call and keep the return value if it's positive (it contains the task state) |
− | | + | * Prepare the infection handler with <code>compel_prepare(int pid)</code> call. The return value is an opaque pointer to <code>struct parasite_ctl()</code> |
− | <pre> | + | * Run the remote code |
− | $ compel run -f foo.compel.o -p 123 -- arg1 arg2 arg3
| + | ** Just execute a system call with <code>compel_syscall(ctl, int syscall_nr, long *ret, int arg ... (6 of them))</code> |
− | </pre> | + | ** Infect victim with parasite blob with <code>compel_infect(ctl, nr_thread, size_of_args_area)</code> |
− | | + | * Cure the victim with <code>compel_cure(ctl)</code> and stop using the ctl pointer as it's freed by the call |
− | In <code>main()</code>, the standard <code>argc</code> and <code>argv</code> can be obtained using the following code:
| + | * Resume the task with <code>compel_resume_task(pid)</code> |
− | | |
− | <source lang="C"> | |
− | argc = std_argc(arg_p);
| |
− | argv = std_argv(arg_p, argc);
| |
− | </source>
| |
− | | |
− | These calls are available in <code>argv</code> [[compel plugins|plugin]]. Now, argc and argv can be handled as usual.
| |
| | | |
| == See also == | | == See also == |