Cover V12, I09

sep2003.tar

Listing 3 Module used to hide processes

#define __KERNEL__

#define MODULE
#define MODVERSIONS
#include <linux/module.h>
#include <linux/modversions.h>
#include <linux/kernel.h>
#include <linux/sched.h>

MODULE_LICENSE("GPL");

void proc_walker(void) {
    struct task_struct *p;

    read_lock(&tasklist_lock);
    for_each_task(p) {
        printk("=--=[ pid: %d parent: %d\n", p->pid, p->p_opptr->pid);
    }
    read_unlock(&tasklist_lock);
}

int init_module(void) {
    printk("=------------=[ Hidden Pid HUNTER ]=---------------=]\n");
    proc_walker();
    return 0;
}

void cleanup_module(void) {
    printk("HUNTER (exit)");
}
 
© 2003 CMP Media LLC. All Rights Reserved.
www.sysadminmag.com