Makefile
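# Out-of-tree kernel module build: asks the kernel build system (kbuild)
# to compile pinfo-binpath.o into pinfo-binpath.ko.
# obj-m is consumed by kbuild, not by the rules in this file.
obj-m := pinfo-binpath.o

# Build tree of the currently running kernel. Override on the command line
# (make KERNELDIR=/path/to/build) to build against a different kernel.
KERNELDIR ?= /lib/modules/$(shell uname -r)/build

# Directory holding the module sources, handed to kbuild as M=.
# $(CURDIR) is make's own absolute working directory, so no shell is forked.
PWD := $(CURDIR)

# all and clean are commands, not files; declare them so a stray file with
# either name cannot silently disable the rule.
.PHONY: all clean

# Delegate to the kernel's top-level Makefile, which builds what obj-m lists.
# NOTE(review): nothing in this file signs the resulting .ko; a kernel that
# enforces module signatures (e.g. CONFIG_MODULE_SIG_FORCE) will refuse to
# load it.
all:
	$(MAKE) -C $(KERNELDIR) M=$(PWD)

# Remove the build products and editor backups left in this directory.
# Recipe lines must begin with a hard TAB, otherwise make stops with
# "missing separator".
clean:
	$(RM) -r *.o *~ core .depend .*.cmd *.ko *.mod.c .tmp_versions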
# Load the freshly built module. process_id is the module parameter used on
# this page; 4195 is the page's example PID. insmod requires root.
insmod ./pinfo-binpath.ko process_id=4195
# Print the last lines of the kernel log, where the module's output is
# presumably written. /var/log/kern.log is the syslog location on
# Debian/Ubuntu-style systems; elsewhere the kernel ring buffer (dmesg)
# holds the same messages.
tail -n 10 /var/log/kern.log
源码:
https://github.com/haidragon/linux-rootkits-red-blue-teams/tree/master/008-processinfo-binarylocation
转载于:https://blog.51cto.com/haidragon/2389905