Sindbad~EG File Manager
# gethostname ________________________________________________
# long sys_gethostname(char __user *name, int len)
@define _SYSCALL_GETHOSTNAME_NAME
%(
name = "gethostname"
%)
@define _SYSCALL_GETHOSTNAME_ARGSTR
%(
argstr = sprintf ("%p, %d", name_uaddr, len)
%)
probe syscall.gethostname = dw_syscall.gethostname !, nd_syscall.gethostname ? {}
probe syscall.gethostname.return = dw_syscall.gethostname.return !, nd_syscall.gethostname.return ? {}
# dw_gethostname _____________________________________________________
probe dw_syscall.gethostname = kernel.function("sys_gethostname").call ?
{
@_SYSCALL_GETHOSTNAME_NAME
name_uaddr = $name
len = __int32($len)
@_SYSCALL_GETHOSTNAME_ARGSTR
}
probe dw_syscall.gethostname.return = kernel.function("sys_gethostname").return ?
{
@_SYSCALL_GETHOSTNAME_NAME
@SYSC_RETVALSTR($return)
}
# nd_gethostname _____________________________________________________
probe nd_syscall.gethostname = kprobe.function("sys_gethostname") ?
{
@_SYSCALL_GETHOSTNAME_NAME
asmlinkage()
name_uaddr = pointer_arg(1)
len = int_arg(2)
@_SYSCALL_GETHOSTNAME_ARGSTR
}
probe nd_syscall.gethostname.return = kprobe.function("sys_gethostname").return ?
{
@_SYSCALL_GETHOSTNAME_NAME
@SYSC_RETVALSTR(returnval())
}
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists