Filtering of the found file paths is now fully working. We can now detect the open file descriptors of all processes

h3xduck
2021-12-24 10:22:23 -05:00
parent be9cc95daa
commit 510fc89de0
9 changed files with 104 additions and 44 deletions

Binary file not shown.

Binary file not shown.


@@ -9,92 +9,89 @@
#include <string.h>
#include <errno.h>
#include "path.h"
#include "../structures/fdlist.h"
#include "../strings/regex.h"
#define USE_FDS 15
//Global variable for the parameter fd_list, there is no other better way of doing this
FdList* fd_param;
int print_entry(const char *filepath, const struct stat *info, const int typeflag, struct FTW *pathinfo){
/* const char *const filename = filepath + pathinfo->base; */
const double bytes = (double)info->st_size; /* Not exact if large! */
struct tm mtime;
localtime_r(&(info->st_mtime), &mtime);
printf("%04d-%02d-%02d %02d:%02d:%02d",
mtime.tm_year+1900, mtime.tm_mon+1, mtime.tm_mday,
mtime.tm_hour, mtime.tm_min, mtime.tm_sec);
if (bytes >= 1099511627776.0)
printf(" %9.3f TiB", bytes / 1099511627776.0);
else
if (bytes >= 1073741824.0)
printf(" %9.3f GiB", bytes / 1073741824.0);
else
if (bytes >= 1048576.0)
printf(" %9.3f MiB", bytes / 1048576.0);
else
if (bytes >= 1024.0)
printf(" %9.3f KiB", bytes / 1024.0);
else
printf(" %9.0f B ", bytes);
//Symlinks
if (typeflag == FTW_SL) {
char *target;
size_t maxlen = 1023;
ssize_t len;
while (1) {
target = malloc(maxlen + 1);
if (target == NULL)
return ENOMEM;
//Path too long, aborting
len = readlink(filepath, target, maxlen);
if (len == (ssize_t)-1) {
const int saved_errno = errno;
free(target);
return saved_errno;
}
if (len >= (ssize_t)maxlen) {
free(target);
maxlen += 1024;
continue;
}
target[len] = '\0';
break;
}
printf(" %s -> %s\n", filepath, target);
//Checking if target corresponds to the
if(regex_match_fd(filepath)==0){
//Add to fdlist
printf(" %s -> %s\n", filepath, target);
}
free(target);
} else
}/*else
if (typeflag == FTW_SLN)
printf(" %s (dangling symlink)\n", filepath);
printf(" %s (dangling symlink)\n", filepath);*/
else
if (typeflag == FTW_F)
printf(" %s\n", filepath);
else
1+1;
//printf(" %s\n", filepath);
/*else
if (typeflag == FTW_D || typeflag == FTW_DP)
printf(" %s/\n", filepath);
else
if (typeflag == FTW_DNR)
printf(" %s/ (unreadable)\n", filepath);
else
printf(" %s (unknown)\n", filepath);
printf(" %s (unknown)\n", filepath);*/
return 0;
}
/**
* @brief
*
* @param dirpath
* @return NULL if error, FDList with elements matching kmsg fd if OK
*/
FdList* load_fd_kmsg(const char *const dirpath){
int res;
fd_param = FdList_create(100);
int print_directory_tree(const char *const dirpath){
int result;
// Invalid directory path?
if(dirpath == NULL || *dirpath == '\0'){
return NULL;
}
/* Invalid directory path? */
if (dirpath == NULL || *dirpath == '\0')
return errno = EINVAL;
//Physical walk, but we follow symlinks in the subroutine
res = nftw(dirpath, print_entry, USE_FDS, FTW_PHYS);
if (res >= 0){
return NULL;
}
result = nftw(dirpath, print_entry, USE_FDS, FTW_PHYS);
if (result >= 0)
errno = result;
return errno;
return fd_param;
}
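Review bot: `load_fd_kmsg` returns the opposite of what its docstring promises ("NULL if error"), because nftw() returns 0 when the walk completes and -1 (or the callback's non-zero value, e.g. the `ENOMEM` from `print_entry`) when it does not, so `if (res >= 0){ return NULL; }` yields NULL on success and `fd_param` on failure. The caller in main, `if (load_fd_kmsg(argv[arg]))`, still tests the result like the old int error code, so the two inversions mask each other and the returned list is never used or released. I would change the check to `if (res != 0)` (releasing the list before returning NULL) and have main test `== NULL`. `FdList_create(100)` should also move below the dirpath validation and have its result checked, since the early `return NULL` currently leaks the list. The page has lost its +/- markers, so this assumes the `FdList*` lines are the new side of the hunk.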


@@ -1,7 +1,9 @@
#ifndef __PATH_H
#define __PATH_H
int print_directory_tree(const char *const dirpath);
#include "../structures/fdlist.h"
FdList* load_fd_kmsg(const char *const dirpath);
#endif

Binary file not shown.


@@ -0,0 +1,43 @@
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include "regex.h"
/**
* @brief Compares string against regular expression for file descriptor detection
*
* @param str
* @return 0 if matches, 1 if not matching, -1 if error
*/
int regex_match_fd(const char* str){
regex_t regex;
int reti;
// Compile regular expression (/proc/*/fd/*)
reti = regcomp(&regex, "^\\/proc\\/[[:alnum:]]\\+\\/fd\\/[^\n ]\\+$", 0);
if (reti) {
fprintf(stderr, "Could not compile regex\n");
return -1;
}
// Execute regular expression
int result = 0;
reti = regexec(&regex, str, 0, NULL, 0);
if (!reti) {
puts("Match");
result = 0;
}else if (reti == REG_NOMATCH) {
result = 1;
}else {
char msgbuf[100];
regerror(reti, &regex, msgbuf, sizeof(msgbuf));
fprintf(stderr, "Regex match failed: %s\n", msgbuf);
return -1;
}
//Free memory allocated to the pattern buffer by regcomp()
regfree(&regex);
return result;
}
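Review bot: The error branch after `regexec` returns before `regfree(&regex)` runs, so the compiled pattern leaks whenever matching fails with anything other than `REG_NOMATCH`; writing `result = -1;` there instead of `return -1;` lets the function fall through to the cleanup. The pattern also depends on `\\+`, which is a GNU extension in basic regular expressions, so compiling with `REG_EXTENDED` and a plain `+` would be portable. Because this function runs once per entry visited by the directory walk, `puts("Match")` will flood stdout and the pattern is recompiled on every call; compiling it once and dropping the debug print would be cheaper.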


@@ -0,0 +1,12 @@
#ifndef __REGEX_H
#define __REGEX_H
/**
* @brief Compares string against regular expression for file descriptor detection
*
* @param str
* @return 0 if matches, 1 if not matching, -1 if error
*/
int regex_match_fd(const char* str);
#endif
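Review bot: This project header is named `regex.h` while the matching source file also includes the system `<regex.h>`; if its directory ever lands on the include search path, the angle-bracket include can resolve to this file and `regex_t`/`regcomp` go undeclared. A project-specific file name would remove that ambiguity. The guard `__REGEX_H` uses a double-underscore identifier, which is reserved for the implementation; a guard such as `FD_REGEX_H` avoids the clash. The `@param str` line in the docstring has no description and could say that it is the path to test.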


@@ -12,6 +12,8 @@
#include "include/xdp_filter.h"
#include "../constants/constants.h"
#include "include/utils/files/path.h"
#include "include/utils/strings/regex.h"
#include "include/utils/structures/fdlist.h"
static struct env {
bool verbose;
@@ -83,13 +85,17 @@ int main(int argc, char**argv){
struct xdp_filter_bpf *skel;
int err;
for (int arg = 1; arg < argc; arg++) {
if (print_directory_tree(argv[arg])) {
if (load_fd_kmsg(argv[arg])) {
fprintf(stderr, "%s.\n", strerror(errno));
return EXIT_FAILURE;
}
}
//int res = regex_match_fd("/proc/12/fd/1");
//printf("Returned %i\n", res);
unsigned int ifindex;