Exemplos de patch_task_for_pid em C++ (Cpp)

Exemplo n.º 1

Arquivo: onyx_the_black_cat.c Projeto: Annovae/onyx-the-black-cat

/*
 * THE FUN ENDS HERE :-(
 */
kern_return_t 
onyx_the_black_cat_stop (kmod_info_t * ki, void * d) 
{
    // remove all sysent hijacks
	cleanup_sysent();
    // remove any patches
    patch_resume_flag(DISABLE);
    patch_task_for_pid(DISABLE);
    patch_kauth(DISABLE);
	// remove the kernel control socket
    remove_kern_control();
    // ALL DONE
	return KERN_SUCCESS;
}

Exemplo n.º 2

Arquivo: kernel_control.c Projeto: vit9696/onyx-the-black-cat

/*
 * send data from userland to kernel
 * this is how userland apps adds and removes apps to be suspended
 */
static int
ctl_set(kern_ctl_ref ctl_ref, u_int32_t unit, void *unitinfo, int opt, void *data, size_t len)
{
    int error = 0;
    if (len == 0 || data == NULL)
    {
        LOG_ERROR("Invalid data to command.");
        return EINVAL;
    }
    // XXX: lame authentication :-]
    if (strcmp((char*)data, MAGIC) != 0)
    {
        LOG_ERROR("Invalid spell!");
        return EINVAL;
    }
        
	switch (opt)
	{
        case PATCH_TASK_FOR_PID:
        {
            LOG_DEBUG("Received request to patch task_for_pid.");
            patch_task_for_pid(ENABLE);
            break;
        }
        case UNPATCH_TASK_FOR_PID:
        {
            LOG_DEBUG("Received request to restore task_for_pid.");
            patch_task_for_pid(DISABLE);
            break;
        }
        case ANTI_PTRACE_ON:
        {
            LOG_DEBUG("Received request to patch ptrace.");
            anti_ptrace(ENABLE);
            break;
        }
        case ANTI_PTRACE_OFF:
        {
            LOG_DEBUG("Received request to restore ptrace.");
            anti_ptrace(DISABLE);
            break;
        }
        case ANTI_SYSCTL_ON:
        {
            LOG_DEBUG("Received request to patch sysctl.");
            anti_sysctl(ENABLE);
            break;
        }
        case ANTI_SYSCTL_OFF:
        {
            LOG_DEBUG("Received request to restore sysctl.");
            anti_sysctl(DISABLE);
            break;
        }
        case ANTI_KAUTH_ON:
        {
            LOG_DEBUG("Received request to patch kauth.");
            patch_kauth(ENABLE);
            break;
        }
        case ANTI_KAUTH_OFF:
        {
            LOG_DEBUG("Received request to restore kauth.");
            patch_kauth(DISABLE);
            break;
        }
        case PATCH_RESUME_FLAG:
        {
            LOG_DEBUG("Received request to patch resume flag.");
            patch_resume_flag(ENABLE);
            break;
        }
        case UNPATCH_RESUME_FLAG:
        {
            LOG_DEBUG("Received request to restore resume flag.");
            patch_resume_flag(DISABLE);
            break;
        }
        case PATCH_SINGLESTEP:
        {
            LOG_DEBUG("Received request to patch single step.");
            patch_singlestep(ENABLE);
            break;
        }
        case UNPATCH_SINGLESTEP:
        {
            LOG_DEBUG("Received request to restore single step.");
            patch_singlestep(DISABLE);
            break;
        }
        default:
        {
            error = ENOTSUP;
            break;
        }
    }
    return error;
}