API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2013
145
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 4.45 KB | None | 0 0
raw download clone embed print report
  1. #include "Debugger.h"
  2. #include <libgen.h>
  3. #include <string.h>
  4. #include <sys/reg.h>
  5. #include <sys/ptrace.h>
  6. #include <sys/types.h>
  7. #include <sys/wait.h>
  8. #include <unistd.h>
  9. #include <stdio.h>
  10. #include <sys/syscall.h>
  11. #include <stdlib.h>
  12. #include <sys/user.h>
  13. #include <iostream>
  14. #include "DebuggerListener.h"
  15.  
  16. #define CLEARBIT(x, b) x &= ~b
  17. #define TESTBIT(x, b) x & b
  18. #define SETBIT(x, b) x |= b
  19.  
  20.  
  21. Debugger::Debugger(char *execName, bool prompt, int flag): inside(false), flag(flag), prompt(prompt)
  22. {
  23.     this->execName = (char*)malloc(sizeof(char)*strlen(execName));
  24.  
  25.     strcpy(this->execName, execName);
  26.  
  27.     pathToExec = this->execName;
  28.  
  29.     execName = basename(this->execName);
  30. }
  31.  
  32. void Debugger::DebugInfo(bool state, int type, pid_t pid)
  33. {
  34.     user_regs_struct regs;
  35.  
  36.  
  37.     ptrace(PTRACE_GETREGS, pid,
  38.                             NULL, &regs);
  39.     //long int eax;
  40.  
  41.     //eax = ptrace(PTRACE_PEEKUSER,
  42.     //             pid, 4 * EAX,
  43.     //             NULL);
  44.  
  45.  
  46.     switch(type)
  47.     {
  48.         case DebuggerListener::EXEC:
  49.         {
  50.             //if(!state)
  51.                 printf("Exec called with parameters: %ld.\n", regs.ebx);
  52.             //else
  53.             //  printf("Exec returned: %ld.\n", eax);
  54.  
  55.             break;
  56.         }
  57.         case DebuggerListener::FORK:
  58.         {
  59.             if(!state)
  60.                 printf("Fork called.\n");
  61.             else
  62.             {
  63.                 printf("Fork returned: %ld\n", regs.eax);
  64.             }
  65.  
  66.             break;
  67.         }
  68.         case DebuggerListener::WAIT4:
  69.         {
  70.             if(!state)
  71.                 printf("Wait4 called with parameters: %ld - %ld - %ld.\n", regs.ebx, regs.ecx, regs.edx);
  72.             else
  73.                 printf("Wait4 returned: %ld.\n", regs.eax);
  74.  
  75.             break;
  76.         }
  77.         case DebuggerListener::KILL:
  78.         {
  79.             if(!state)
  80.                 printf("Kill called with parameters: %ld - %ld.\n", regs.ebx, regs.ecx);
  81.             else
  82.                 printf("Kill returned: %ld.\n", regs.eax);
  83.  
  84.             break;
  85.         }
  86.         case DebuggerListener::OPEN:
  87.         {
  88.             if(!state)
  89.                 printf("Open called with parameters: %ld - %ld - %ld.\n", regs.ebx, regs.ecx, regs.edx);
  90.                 //std::cout << "Open called with parameters:" << regs.ebx << " - " << regs.ecx << " - " << regs.edx << std::endl;
  91.             else
  92.                 printf("Open returned: %ld.\n", regs.eax);
  93.  
  94.             break;
  95.         }
  96.         case DebuggerListener::CLOSE:
  97.         {
  98.             if(!state)
  99.                 printf("Close called with parameters: %ld.\n", regs.ebx);
  100.             else
  101.                 printf("Close returned: %ld.\n", regs.eax);
  102.  
  103.             break;
  104.         }
  105.         case DebuggerListener::WRITE:
  106.         {
  107.             if(!state)
  108.                 printf("Write called with parameters: %ld - %ld - %ld.\n", regs.ebx, regs.ecx, regs.edx);
  109.             else
  110.                 printf("Write returned: %ld.\n", regs.eax);
  111.  
  112.             break;
  113.         }
  114.         case DebuggerListener::READ:
  115.         {
  116.             if(!state)
  117.                 printf("Read called with parameters: %ld - %ld - %ld.\n", regs.ebx, regs.ecx, regs.edx);
  118.             else
  119.                 printf("Read returned: %ld.\n", regs.eax);
  120.  
  121.             break;
  122.         }
  123.     }
  124. }
  125.  
  126. void Debugger::startDebugging()
  127. {
  128.     pid_t child;
  129.     long int orig_eax;
  130.     int status;
  131.  
  132.     child = fork();
  133.  
  134.     if(child == 0)
  135.     {
  136.         ptrace(PTRACE_TRACEME, 0, NULL, NULL);
  137.  
  138.         if(execl(pathToExec, execName, NULL))
  139.             printf("Exec failed.\n");
  140.     }
  141.     else
  142.     {
  143.         while(1)
  144.         {
  145.             wait(&status);
  146.  
  147.             if(WIFEXITED(status) || WIFSIGNALED(status))
  148.                 break;
  149.  
  150.             orig_eax = ptrace(PTRACE_PEEKUSER,
  151.                               child, 4 * ORIG_EAX,
  152.                               NULL);
  153.  
  154.  
  155.             int type = -1;
  156.  
  157.             if(TESTBIT(flag, PROC))
  158.             {
  159.                 if(orig_eax == SYS_execve)
  160.                 {
  161.                     inside = true;
  162.  
  163.                     type = DebuggerListener::EXEC;
  164.                 }
  165.                 else if(orig_eax == SYS_fork)
  166.                 {
  167.                     type = DebuggerListener::FORK;
  168.                 }
  169.                 else if(orig_eax == SYS_wait4)
  170.                 {
  171.                     type = DebuggerListener::WAIT4;
  172.                 }
  173.                 else if(orig_eax == SYS_kill)
  174.                 {
  175.                     type = DebuggerListener::KILL;
  176.                 }
  177.             }
  178.  
  179.             if(TESTBIT(flag, FILE))
  180.             {
  181.                 if(orig_eax == SYS_open)
  182.                 {
  183.                     type = DebuggerListener::OPEN;
  184.                 }
  185.                 else if(orig_eax == SYS_close)
  186.                 {
  187.                     type = DebuggerListener::CLOSE;
  188.                 }
  189.                 else if(orig_eax == SYS_write)
  190.                 {
  191.                     type = DebuggerListener::WRITE;
  192.                 }
  193.                 else if(orig_eax == SYS_read)
  194.                 {
  195.                     type = DebuggerListener::READ;
  196.                 }
  197.             }
  198.  
  199.             if(type != -1)
  200.             {
  201.                 DebugInfo(inside, type, child);
  202.  
  203.                 inside = !inside;
  204.  
  205.                 if(prompt)
  206.                 {
  207.                     char answer;
  208.  
  209.                     printf("Do you want to keep tracking the proccess?[y/n]: ");
  210.                     scanf("%c", &answer);
  211.                     printf("\n");
  212.  
  213.                     if(answer == 'n')
  214.                     {
  215.                         kill(child, SIGTERM);
  216.  
  217.                         break;
  218.                     }
  219.  
  220.                 }
  221.             }
  222.  
  223.  
  224.             ptrace(PTRACE_SYSCALL, child, NULL, NULL);
  225.         }
  226.     }
  227. }
  228.  
  229. Debugger::~Debugger()
  230. {
  231.     free(pathToExec);
  232. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!