feat: added hooks for connect and socket in so
parent
d3f08ba22a
commit
dadf81831c
2 changed files with 35 additions and 0 deletions
|
@ -17,6 +17,7 @@ path = "src/needle/main.rs"
|
||||||
[dependencies]
|
[dependencies]
|
||||||
clap = { version = "4.1.13", features = ["derive"] }
|
clap = { version = "4.1.13", features = ["derive"] }
|
||||||
ctor = "0.1.26"
|
ctor = "0.1.26"
|
||||||
|
retour = "0.1" # plain detour doesn't work on latest nightly? idk
|
||||||
elf = "0.7.2"
|
elf = "0.7.2"
|
||||||
nix = "0.26.2"
|
nix = "0.26.2"
|
||||||
proc-maps = "0.3.0"
|
proc-maps = "0.3.0"
|
||||||
|
|
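--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,4 +1,38 @@
+use std::{error::Error, ffi::c_int};
+
+use nix::libc::{socklen_t, sockaddr};
+use retour::static_detour;
+
+static_detour! {
+static SOCKET_HOOK : unsafe extern "C" fn(i32, i32, i32) -> i32;
+static CONNECT_HOOK : unsafe extern "C" fn(c_int, *const sockaddr, socklen_t) -> c_int;
+}
+
+fn add_hooks() -> Result<(), Box<dyn Error>> {
+unsafe {
+SOCKET_HOOK.initialize(nix::libc::socket, |dom, tp, proto| {
+eprintln!("caught socket({}, {}, {}) call", dom, tp, proto);
+SOCKET_HOOK.call(dom, tp, proto)
+})?;
+SOCKET_HOOK.enable()?;
+
+CONNECT_HOOK.initialize(nix::libc::connect, |fd, info, len| {
+eprintln!("caught connect({}, ??, {}) call", fd, len);
+CONNECT_HOOK.call(fd, info, len)
+})?;
+CONNECT_HOOK.enable()?;
+}
+
+Ok(())
+}
+
+
+
 #[ctor::ctor]
 fn constructor() {
 println!("Infected!");
+
+if let Err(e) = add_hooks() {
+eprintln!("[!] Could not add hooks : {}", e);
+}
 }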
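Review bot: The two detour closures in `add_hooks` log with `eprintln!`, which panics when the write to stderr fails, and they run inside the replaced `socket`/`connect` entry points that C callers invoke. A panic there would either abort the host process or unwind across the `extern "C"` boundary, depending on the toolchain, so I would use a non-panicking write such as `let _ = writeln!(std::io::stderr(), "caught socket({}, {}, {}) call", dom, tp, proto);` (with `use std::io::Write;`), and do the same in the connect closure. The `unsafe` block has no `// SAFETY:` comment; it should state that the signatures declared in `static_detour!` must match libc's `socket` and `connect`, and `SOCKET_HOOK` could be declared with `c_int` like `CONNECT_HOOK` so that both read the same way. Also, a failure in either `CONNECT_HOOK` step returns early through `?` with the socket hook still enabled, which leaves the process half-instrumented with only the one error line from `constructor`.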