Copy Link
Add to Bookmark
Report
6x15 yellowpa
/* YELLOWPAGE - simple C library intended to be used with
/* LD_PRELOAD to simplify the finding of symlink bugs
/* Compile with:
/* gcc -fPIC -c yellowpage.c -o yellowpage.o
/* gcc -shared yellowpage.o -o yelowpage.so -ldl
/* Use :
/* root@gibson:~#export LD_PRELOAD="/root/yellowpage.so"
/* root@gibson:~#
/* SUID binaries require you to be root to run them with
/* LD_PRELOAD.
/* anikolic@phearless.org
/* anikolic.phearless.org
/* www.phearless.org */
#define _GNU_SOURCE
#include <stdio.h>
#include <dlfcn.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/stat.h>
static void *(*orig_fopen)();
static void *(*orig_open)();
FILE *fopen(const char *filename, const char *mode)
{
FILE *fd = NULL;
FILE *log;
FILE *procinfo;
char procpath[32];
char progname[32];
if (!orig_fopen) orig_fopen = (void *(*)()) dlsym(RTLD_NEXT, "fopen");
snprintf(procpath,30,"/proc/%d/cmdline",getpid());
procinfo = orig_fopen(procpath,"r");
fgets(progname,30,procinfo);
log = orig_fopen("yp.fopen.log","a+");
/*if(strcmp(mode,"r") && strcmp(mode,"rb"))*/
fprintf(log,"%s fopen(%s,%s)\n",progname,filename,mode);
fd = orig_fopen(filename, mode);
fclose(procinfo);
fclose(log);
return(fd);
}
int open(const char *pathname , int flags)
{
int fd ;
FILE *log;
FILE *procinfo;
char procpath[32];
char progname[32];
if(!orig_open) orig_open = (void *(*)()) dlsym(RTLD_NEXT,"open");
snprintf(procpath,30,"/proc/%d/cmdline",getpid());
procinfo = orig_fopen(procpath,"r");
fgets(progname,30,procinfo);
log = orig_fopen("yp.open.log","a+");
/*if(!(flags == 0))*/ fprintf(log,"%s open(%s,%d)\n",progname,pathname,flags);
fd = (int)orig_open(pathname, flags);
fclose(procinfo);
fclose(log);
return(fd);
}
