如何在内核中获得可读密码
How to get readable pwd in kernel
我想获取当前目录,这是我的尝试
asmlinkage ssize_t fake_read(int __fd, void *__buf, size_t __nbytes){
struct path pwd;
get_fs_pwd(current->fs,&pwd);
char x[1000];
dentry_path_raw(pwd.dentry,x,999);
fm_alert("read:%s\n",x);
return real_read(__fd,__buf,__nbytes);
}
然而,我得到的输出是这样的
[ 2170.293439] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293466] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293483] fsmonko.fake_read: read:\xffffffd8;\xffffff9b\xffffff84
[ 2170.293500] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293524] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293550] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293556] fsmonko.fake_read: read:\xffffffd8;\xffffff9b\xffffff84
它应该打印可读密码,怎么了?
我的内核版本是4.13.0-36-genericUbuntu16.04.
dentry_path_raw 将路径放在缓冲区的末尾。缓冲区的开头(您正在打印)仍然包含垃圾。路径的实际起点是值 dentry_path_raw returns。尝试
char * path = dentry_path_raw(pwd.dentry,x,999);
fm_alert("read:%s\n", path);
我想获取当前目录,这是我的尝试
asmlinkage ssize_t fake_read(int __fd, void *__buf, size_t __nbytes){
struct path pwd;
get_fs_pwd(current->fs,&pwd);
char x[1000];
dentry_path_raw(pwd.dentry,x,999);
fm_alert("read:%s\n",x);
return real_read(__fd,__buf,__nbytes);
}
然而,我得到的输出是这样的
[ 2170.293439] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293466] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293483] fsmonko.fake_read: read:\xffffffd8;\xffffff9b\xffffff84
[ 2170.293500] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293524] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293550] fsmonko.fake_read: read:ػ\xffffffaf\xffffff80
[ 2170.293556] fsmonko.fake_read: read:\xffffffd8;\xffffff9b\xffffff84
它应该打印可读密码,怎么了?
我的内核版本是4.13.0-36-genericUbuntu16.04.
dentry_path_raw 将路径放在缓冲区的末尾。缓冲区的开头(您正在打印)仍然包含垃圾。路径的实际起点是值 dentry_path_raw returns。尝试
char * path = dentry_path_raw(pwd.dentry,x,999);
fm_alert("read:%s\n", path);