2,257
edits
Changes
Jump to navigation
Jump to search
Line 57:
Line 57: − + Line 63:
Line 63: + + + + + + + + + + + + + + + + +
→Running parasite code
* Stop the task with <code>compel_stop_task(int pid)</code> call and keep the return value if it's positive (it contains the task state)
* Stop the task with <code>compel_stop_task(int pid)</code> call and keep the return value if it's positive (it contains the task state)
* Prepare the infection handler with <code>compel_prepare(int pid)</code> call. The return value is an opaque pointer to <code>struct parasite_ctl()</code>
* Prepare the infection handler with <code>compel_prepare(int pid)</code> call. The return value is an opaque pointer to <code>struct parasite_ctl</code>
* Run the remote code
* Run the remote code
** Just execute a system call with <code>compel_syscall(ctl, int syscall_nr, long *ret, int arg ... (6 of them))</code>
** Just execute a system call with <code>compel_syscall(ctl, int syscall_nr, long *ret, int arg ... (6 of them))</code>
* Cure the victim with <code>compel_cure(ctl)</code> and stop using the ctl pointer as it's freed by the call
* Cure the victim with <code>compel_cure(ctl)</code> and stop using the ctl pointer as it's freed by the call
* Resume the task with <code>compel_resume_task(pid)</code>
* Resume the task with <code>compel_resume_task(pid)</code>
=== Infecting ===
Infecting the victim with parasite blob needs some special treatment. First, the ctl should be configured with the blob information. Currently there's only one type of blobs, generated by <code>compel hgen</command>. To put this info into ctl one should
* Call <code>compel_parasite_blob_desc(ctl)</code> to get a pointer on <code>struct parasite_blob_desc</code>
* Fill in the bdesc fields
** <code>.parasite_type</code> should be set to <code>COMPEL_BLOB_CHEADER</code>
** <code>.hdr.mem</code> should be set to the <code>-s</code> argument of hgen
** <code>.hdr.bsize</code> should be set to the sizeof(this symbol)
** <code>.hdr.nr_gotpcrel</code> should be set to the <code>-r</code> argument of hgen
** Three offsets below should be set to respective offsets generated with the <code>-p</code> argument value
*** <code>.hdr.parasite_ip_off</code> to <code>COMPEL_H_PARASITE_HEAD(arg)</code>
*** <code>.hdr.addr_cmd_off</code> to <code>COMPEL_H_PARASITE_CMD(arg)</code>
*** <code>.hdr.addr_arg_off</code> to <code>COMPEL_H_PARASITE_ARGS(arg)</code>
** <code>.hdr.relocs</code> should be set to <code>-v</code> argument (it's an array)
** <code>.hdr.nr_relocs</code> should be set to the number of elements in this array (<code>sizeof(arr)/sizeof(arr[0])</code>)
== See also ==
== See also ==