Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <linux/input.h>
- #include <linux/uinput.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <fcntl.h>
- #include <unistd.h>
- #include <stdlib.h>
- #include <string.h>
- char translate(int code)
- {
- if (code >= 16 && code <= 25) {
- return "qwertyuiop"[code - 16];
- }
- if (code >= 30 && code <= 38) {
- return "asdfghjkl"[code - 30];
- }
- if (code >= 44 && code <= 50) {
- return "zxcvbnm"[code - 44];
- }
- return '\0';
- }
- int main(int argc, char *argv[])
- {
- int i, fd;
- struct input_event ev;
- srand(0);
- printf("Google Chrome process found, PID: 12907\n");
- printf("Injecting exploit into target process "); fflush(stdout);
- for (i = 0 ; i < 4 ; i++) {
- printf("."); fflush(stdout);
- usleep(1000000);
- }
- printf(" success!\n");
- printf("Base target address: %p\n", &ev);
- fd = open("/dev/input/event14", O_RDONLY);
- if (fd < 0) {
- fprintf(stderr, "cannot open input\n");
- return 1;
- }
- while (1) {
- int ret = read(fd, &ev, sizeof(ev));
- if (ret != sizeof(ev)) {
- fprintf(stderr, "unexpected read count\n");
- continue;
- }
- if (ev.type == EV_KEY && ev.value == 1) {
- printf("Malicious read at %lx (success) -> char:%c\n", 0xffffffff00000000 + rand(), translate(ev.code));
- }
- }
- return 0;
- }
Add Comment
Please, Sign In to add comment
