Linux server2.hpierson.com 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64
Apache
: 162.0.216.123 | : 216.73.216.152
28 Domain
?7.4.33
yvffpqmy
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
share /
systemtap /
tapset /
linux /
i386 /
[ HOME SHELL ]
Name
Size
Permission
Action
aux_syscalls.stp
2.94
KB
-rw-r--r--
sysc_execve.stp
1.94
KB
-rw-r--r--
sysc_get_thread_area.stp
2.31
KB
-rw-r--r--
sysc_iopl.stp
2.4
KB
-rw-r--r--
sysc_ipc.stp
1.49
KB
-rw-r--r--
sysc_mmap2.stp
2.42
KB
-rw-r--r--
sysc_set_thread_area.stp
2.24
KB
-rw-r--r--
sysc_set_zone_reclaim.stp
1.53
KB
-rw-r--r--
sysc_sigaltstack.stp
2.63
KB
-rw-r--r--
sysc_vm86.stp
1.05
KB
-rw-r--r--
sysc_vm86old.stp
1.13
KB
-rw-r--r--
syscall_num.stp
28.63
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : sysc_iopl.stp
# iopl _______________________________________________________ # long sys_iopl(unsigned long unused) # NOTE. This function is only in i386 and x86_64 and its args vary # between those two archs. # el5: asmlinkage long sys_iopl(unsigned long unused) # el6: long sys_iopl(struct pt_regs *regs) # [ ... ] unsigned int level = regs->bx; # f20: SYSCALL_DEFINE1(iopl, unsigned int, level) # @define _SYSCALL_IOPL_NAME %( name = "iopl" %) @define _SYSCALL_IOPL_ARGSTR %( argstr = sprint(level) %) @define _SYSCALL_IOPL_REGARGS %( level = uint_arg(1) %) probe syscall.iopl = dw_syscall.iopl !, nd_syscall.iopl {} probe syscall.iopl.return = dw_syscall.iopl.return !, nd_syscall.iopl.return {} # dw_iopl _____________________________________________________ probe dw_syscall.iopl = kernel.function("sys_iopl") { @_SYSCALL_IOPL_NAME level = __uint32(@choose_defined($level, @choose_defined($unused, $regs->bx))) @_SYSCALL_IOPL_ARGSTR } probe dw_syscall.iopl.return = kernel.function("sys_iopl").return { @_SYSCALL_IOPL_NAME @SYSC_RETVALSTR($return) } # nd_iopl _____________________________________________________ probe nd_syscall.iopl = nd1_syscall.iopl!, nd2_syscall.iopl!, tp_syscall.iopl { } probe nd1_syscall.iopl = kprobe.function("sys_iopl") { @_SYSCALL_IOPL_NAME asmlinkage() @_SYSCALL_IOPL_REGARGS @_SYSCALL_IOPL_ARGSTR } /* kernel 4.17+ */ probe nd2_syscall.iopl = kprobe.function(@arch_syscall_prefix "sys_iopl") ? { __set_syscall_pt_regs(pointer_arg(1)) @_SYSCALL_IOPL_NAME @_SYSCALL_IOPL_REGARGS @_SYSCALL_IOPL_ARGSTR } /* kernel 3.5+, but undesirable because it affects all syscalls */ probe tp_syscall.iopl = kernel.trace("sys_enter") { __set_syscall_pt_regs($regs) @__syscall_gate(@const("__NR_iopl")) @_SYSCALL_IOPL_NAME @_SYSCALL_IOPL_REGARGS @_SYSCALL_IOPL_ARGSTR } probe nd_syscall.iopl.return = nd1_syscall.iopl.return!, nd2_syscall.iopl.return!, tp_syscall.iopl.return { } probe nd1_syscall.iopl.return = kprobe.function("sys_iopl").return { @_SYSCALL_IOPL_NAME @SYSC_RETVALSTR(returnval()) } /* kernel 4.17+ */ probe nd2_syscall.iopl.return = kprobe.function(@arch_syscall_prefix "sys_iopl").return ? { @_SYSCALL_IOPL_NAME @SYSC_RETVALSTR(returnval()) } /* kernel 3.5+, but undesirable because it affects all syscalls */ probe tp_syscall.iopl.return = kernel.trace("sys_exit") { __set_syscall_pt_regs($regs) @__syscall_gate(@const("__NR_iopl")) @_SYSCALL_IOPL_NAME @SYSC_RETVALSTR($ret) }
Close
