Hooking a Communication Protocol

Listing 2-3 is an example communication protocol hook that outputs a debug message whenever it receives an Internet Control Message Protocol (ICMP) redirect for Type of Service and Host message containing the phrase Shiny.

Note

An ICMP redirect for Type of Service and Host message contains a type field of 5 and a code field of 3.

    #include <sys/param.h>
    #include <sys/proc.h>
    #include <sys/module.h>
    #include <sys/kernel.h>
    #include <sys/systm.h>
    #include <sys/mbuf.h>
    #include <sys/protosw.h>

    #include <netinet/in.h>
    #include <netinet/in_systm.h>
    #include <netinet/ip.h>
    #include <netinet/ip_icmp.h>
    #include <netinet/ip_var.h>

    #define TRIGGER "Shiny."

    extern struct protosw inetsw[];
    pr_input_t icmp_input_hook;

    /* ...
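From the monitoring side, the message described in the note above can be checked for well-formedness: RFC 792 has a redirect carry the offending datagram's IP header plus 8 data bytes after the gateway address, so a type 5, code 3 message that carries arbitrary text instead stands out. The following userland classifier is an added example, not code from the book; the names `classify_icmp`, `make_redirect`, `classify_sample` and the sample byte arrays are assumptions constructed for illustration, and it generalizes beyond the single trigger phrase to any redirect whose quoted data is not a plausible IPv4 header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { MALFORMED = -1, NOT_REDIRECT = 0, REDIRECT_OK = 1, REDIRECT_SUSPICIOUS = 2 };

/* Classify a raw IPv4 packet; pkt points at the IP header, len is its length. */
int classify_icmp(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl) return MALFORMED;
    if (pkt[9] != 1) return NOT_REDIRECT;          /* IP protocol 1 = ICMP */
    if (len < ihl + 8) return MALFORMED;           /* redirect header is 8 bytes */
    const uint8_t *icmp = pkt + ihl;
    if (icmp[0] != 5 || icmp[1] != 3)              /* type 5, code 3 (see note) */
        return NOT_REDIRECT;
    /* Bytes 4-7 hold the gateway address. From byte 8 onward a genuine
     * redirect quotes an IPv4 header plus 8 bytes of the original datagram. */
    const uint8_t *q = icmp + 8;
    size_t qlen = len - ihl - 8;
    if (qlen < 28 || (q[0] >> 4) != 4) return REDIRECT_SUSPICIOUS;
    size_t qihl = (size_t)(q[0] & 0x0f) * 4;
    if (qihl < 20 || qlen < qihl + 8) return REDIRECT_SUSPICIOUS;
    return REDIRECT_OK;
}

/* Constructed sample builder: outer IPv4 header + redirect header + quoted
 * bytes. Checksums are left zero; the classifier does not verify them. */
size_t make_redirect(uint8_t *out, const void *quoted, size_t qlen)
{
    memset(out, 0, 28);
    out[0] = 0x45; out[8] = 64; out[9] = 1;        /* v4, IHL 5, TTL 64, ICMP */
    out[20] = 5;   out[21] = 3;                    /* type 5, code 3 */
    memcpy(out + 28, quoted, qlen);
    return 28 + qlen;
}

/* Constructed quoted payloads: a minimal IPv4 header start, and text data. */
const uint8_t QUOTED_OK[28] = { 0x45 };
const char QUOTED_MARKER[28] = "Shiny.";

int classify_sample(const void *quoted, size_t qlen)
{
    uint8_t buf[128];
    if (qlen > sizeof buf - 28) return MALFORMED;
    return classify_icmp(buf, make_redirect(buf, quoted, qlen));
}
```

The same check can run over packets pulled from a capture; a `REDIRECT_SUSPICIOUS` verdict is a reason to inspect the message and the receiving host, not proof of a hook.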
