Sindbad~EG File Manager
#!/usr/bin/stap
function cast_char_to_unsigned_char (val:long)
{
if (val < 0) {
return val + 256;
} else {
return val;
}
}
function print_buffer (buf:long, len:long)
{
for (i = 0; i < len; i++) {
printf("%02x", cast_char_to_unsigned_char(user_char(buf + i)));
}
}
probe process("/usr/lib*/libssl.so.*").function("tls1_generate_master_secret").return !,
process("/usr/lib/*/libssl.so.*").function("tls1_generate_master_secret").return
{
printf("# %d %s %s (%d)\n", gettimeofday_us(), pp(), execname(), pid());
printf("CLIENT_RANDOM ");
print_buffer(@entry($s->s3->client_random), 32);
printf(" ");
print_buffer(@entry($out), $return);
printf("\n");
}
probe process("/usr/lib*/libgnutls.so.*").function("generate_normal_master").return !,
process("/usr/lib/*/libgnutls.so.*").function("generate_normal_master").return
{
printf("# %d %s %s (%d)\n", gettimeofday_us(), pp(), execname(), pid());
printf("CLIENT_RANDOM ");
print_buffer(@entry($session) + 72, 32);
printf(" ");
print_buffer(@entry($session) + 24, 48);
printf("\n");
}
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists