breakpoint.c
#include <sys/ptrace.h>
#include <sys/reg.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <stdio.h>
#include "breakpoint.h"
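/**
 * Plant a software breakpoint (int3, opcode 0xcc) at addr in process pid and
 * append a record of it to the list whose head pointer is *out.
 *
 * The word at addr is read with PTRACE_PEEKTEXT, its lowest byte is replaced
 * by 0xcc, and the result is written back with PTRACE_POKETEXT. The unmodified
 * word is stored in the record so remove_breakpoint() can restore it.
 *
 * Both requests only succeed when the caller is already the tracer of pid.
 * Attaching in the first place is subject to the kernel's ptrace access checks
 * (for example the Yama ptrace_scope setting), and ptrace calls are visible
 * to syscall auditing.
 *
 * @param out   address of the list head; the new record is linked at the tail
 * @param pid   traced process to patch
 * @param addr  address of the instruction to replace
 * @return 0 on success, 1 on failure (allocation or either ptrace request)
 */
int insert_breakpoint(bp_t **out, pid_t pid, uint64_t addr){
    bp_t *node;
    long orig;
    long patched;

    /* Allocate before touching the tracee, so an out-of-memory condition
     * cannot leave a breakpoint planted with no record to restore it from. */
    node = malloc(sizeof(*node));
    if(node == NULL){
        return 1;
    }

    /* PEEKTEXT returns the word itself, so -1 can be valid data; the error
     * is only distinguishable through errno, which must be cleared first. */
    errno = 0;
    orig = ptrace(PTRACE_PEEKTEXT, pid, addr, NULL);
    if(orig == -1 && errno){
        goto fail;
    }

    /* Replace only the first byte (lowest byte on x86-64) and keep the other
     * seven intact; shifting the word would overwrite the bytes that follow
     * addr. The arithmetic is done unsigned to avoid shifting or masking a
     * negative signed value. */
    patched = (long)(((unsigned long)orig & ~0xffUL) | 0xccUL);
    if(ptrace(PTRACE_POKETEXT, pid, addr, patched) == -1){
        goto fail;
    }

    node->pid = pid;
    node->addr = addr;
    node->orig = orig;
    node->next = NULL;

    /* Walk to the terminating NULL link and hang the record there. */
    while(*out){
        out = &((*out)->next);
    }
    *out = node;

    return 0;

fail:
    free(node);
    return 1;
}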
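/**
 * Remove the breakpoint recorded for (pid, addr) from the list headed by *out
 * and restore the original word in the traced process.
 *
 * For the first matching record, the tracee's RIP is set to addr, the saved
 * word is written back with PTRACE_POKETEXT, and the record is unlinked and
 * freed. A failed ptrace request is reported with perror(), but the record is
 * still dropped.
 *
 * NOTE(review): RIP is rewritten unconditionally, so this looks intended for
 * a tracee that has just stopped on this breakpoint - confirm with callers.
 *
 * @param out   address of the list head; updated when the first record goes
 * @param pid   traced process the breakpoint belongs to
 * @param addr  address the breakpoint was planted at
 * @return 1 if a matching record was found and removed, 0 if none matched
 *         (the opposite sense to insert_breakpoint(), which returns 0 on
 *         success)
 */
int remove_breakpoint(bp_t **out, pid_t pid, uint64_t addr){
    bp_t **link;
    bp_t *hit;

    /* Iterate over the links rather than the nodes, so unlinking the head
     * and unlinking an inner node are the same assignment. */
    for(link = out; *link; link = &((*link)->next)){
        hit = *link;
        if(hit->pid != pid || hit->addr != addr){
            continue;
        }

        /* Point the instruction pointer back at the breakpoint address so
         * the restored instruction is the next one executed. */
        if(ptrace(PTRACE_POKEUSER, pid, RIP*sizeof(long), addr) == -1){
            perror("ptrace_pokeuser");
        }

        if(ptrace(PTRACE_POKETEXT, pid, addr, hit->orig) == -1){
            perror("ptrace_poketext");
        }

        *link = hit->next;
        free(hit);
        return 1;
    }

    return 0;
}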