www.pudn.com > rootkit.zip > UNIX.C
/* * Copyright (c) 1983 Regents of the University of California. * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. */ #ifndef lint static char sccsid[] = "@(#)unix.c 1.1 91/11/13 SMI"; /* from UCB 5.3 5/8/86 */ #endif /* * Display protocol blocks in the unix domain. */ #include#include #include #include #include #include #include #define KERNEL #include int Aflag; int kread(); unixpr(nfileaddr, fileaddr, unixsw) off_t nfileaddr, fileaddr; struct protosw *unixsw; { register struct file *fp; struct file *filep; struct socket sock, *so = &sock; if (nfileaddr == 0 || fileaddr == 0) { printf("nfile or file not in namelist.\n"); return; } if (kread(nfileaddr, &nfile, sizeof (nfile)) != sizeof (nfile)) { printf("nfile: bad read.\n"); return; } if (kread(fileaddr, &filep, sizeof (filep)) != sizeof (filep)) { printf("File table address, bad read.\n"); return; } file = (struct file *)calloc(nfile, sizeof (struct file)); if (file == (struct file *)0) { printf("Out of memory (file table).\n"); return; } if (kread((off_t)filep, file, nfile * sizeof (struct file)) != nfile * sizeof (struct file)) { printf("File table read error.\n"); return; } fileNFILE = file + nfile; for (fp = file; fp < fileNFILE; fp++) { if (fp->f_count == 0 || fp->f_type != DTYPE_SOCKET) continue; if (kread(fp->f_data, so, sizeof (*so)) != sizeof (*so)) continue; /* kludge */ if (so->so_proto >= unixsw && so->so_proto <= unixsw + 2) if (so->so_pcb) unixdomainpr(so, fp->f_data); } free((char *)file); } static char *socktype[] = { "#0", "stream", "dgram", "raw", "rdm", "seqpacket" }; unixdomainpr(so, soaddr) register struct socket *so; caddr_t soaddr; { struct unpcb unpcb, *unp = &unpcb; struct mbuf mbuf, *m; struct sockaddr_un *sa; static int first = 1; if (kread(so->so_pcb, unp, sizeof (*unp)) != sizeof (*unp)) return; if (unp->unp_addr) { m = &mbuf; if (kread(unp->unp_addr, m, sizeof (*m)) != sizeof (*m)) m = (struct mbuf *)0; sa = mtod(m, struct sockaddr_un *); } else m = (struct mbuf *)0; if (first) { printf("Active UNIX domain sockets\n"); printf( "%-8.8s %-6.6s %-6.6s %-6.6s %8.8s %8.8s %8.8s %8.8s Addr\n", "Address", "Type", "Recv-Q", "Send-Q", "Vnode", "Conn", "Refs", "Nextref"); first = 0; } printf("%8x %-6.6s %6d %6d %8x %8x %8x %8x", soaddr, socktype[so->so_type], so->so_rcv.sb_cc, so->so_snd.sb_cc, unp->unp_vnode, unp->unp_conn, unp->unp_refs, unp->unp_nextref); if (m) printf(" %.*s", m->m_len - sizeof(sa->sun_family), sa->sun_path); putchar('\n'); }