Linux host2.homegym.sg 4.18.0-553.8.1.el8_10.x86_64 #1 SMP Tue Jul 2 07:26:33 EDT 2024 x86_64
Apache
Server IP : 159.223.38.192 & Your IP : 159.223.38.192
Domains : 20 Domain
User : eachadea
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Lock Shell
Lock File++
Readme
/
usr /
src /
file_protector-1.1-1583 /
Delete
Unzip
Name
Size
Permission
Date
Action
common
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
ftrace_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
lsm_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
syscall_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
transport
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
Kbuild
10.29
KB
-rw-r--r--
2025-10-28 18:03
Makefile
2.23
KB
-rw-r--r--
2025-10-28 18:03
compat.c
8.42
KB
-rw-r--r--
2025-10-28 18:03
compat.h
11.98
KB
-rw-r--r--
2025-10-28 18:03
debug.h
3.56
KB
-rw-r--r--
2025-10-28 18:03
dkms.conf
146
B
-rw-r--r--
2025-10-28 18:03
file_contexts.c
60.43
KB
-rw-r--r--
2025-10-28 18:03
file_contexts.h
6.21
KB
-rw-r--r--
2025-10-28 18:03
file_contexts_priv.h
5.48
KB
-rw-r--r--
2025-10-28 18:03
file_handle_tools.h
2.53
KB
-rw-r--r--
2025-10-28 18:03
file_key_tools.h
950
B
-rw-r--r--
2025-10-28 18:03
file_path_tools.h
2.09
KB
-rw-r--r--
2025-10-28 18:03
hashtable_compat.h
2.73
KB
-rw-r--r--
2025-10-28 18:03
hook_trampoline_common.h
4.29
KB
-rw-r--r--
2025-10-28 18:03
interval_tree.h
779
B
-rw-r--r--
2025-10-28 18:03
memory.c
3.31
KB
-rw-r--r--
2025-10-28 18:03
memory.h
2.99
KB
-rw-r--r--
2025-10-28 18:03
module.c
2.67
KB
-rw-r--r--
2025-10-28 18:03
module_ref.h
421
B
-rw-r--r--
2025-10-28 18:03
module_rundown_protection.c
3.64
KB
-rw-r--r--
2025-10-28 18:03
module_rundown_protection.h
743
B
-rw-r--r--
2025-10-28 18:03
path_tools.h
6.06
KB
-rw-r--r--
2025-10-28 18:03
rundown_protection.c
4.2
KB
-rw-r--r--
2025-10-28 18:03
rundown_protection.h
2.83
KB
-rw-r--r--
2025-10-28 18:03
safe_kobject.h
1.28
KB
-rw-r--r--
2025-10-28 18:03
si_common.h
4.3
KB
-rw-r--r--
2025-10-28 18:03
si_fp_properties.h
858
B
-rw-r--r--
2025-10-28 18:03
si_fp_properties_x.h
18.53
KB
-rw-r--r--
2025-10-28 18:03
si_fp_value_types.h
515
B
-rw-r--r--
2025-10-28 18:03
si_fp_value_types_x.h
1.25
KB
-rw-r--r--
2025-10-28 18:03
si_size.h
4.26
KB
-rw-r--r--
2025-10-28 18:03
si_templates.h
2.99
KB
-rw-r--r--
2025-10-28 18:03
si_writer.h
7.52
KB
-rw-r--r--
2025-10-28 18:03
si_writer_common.h
14.63
KB
-rw-r--r--
2025-10-28 18:03
stringify.h
261
B
-rw-r--r--
2025-10-28 18:03
task_info_map.c
17.1
KB
-rw-r--r--
2025-10-28 18:03
task_info_map.h
6.33
KB
-rw-r--r--
2025-10-28 18:03
task_tools.h
1.34
KB
-rw-r--r--
2025-10-28 18:03
tracepoints.c
3.58
KB
-rw-r--r--
2025-10-28 18:03
tracepoints.h
299
B
-rw-r--r--
2025-10-28 18:03
write_protection.h
2.2
KB
-rw-r--r--
2025-10-28 18:03
Save
Rename
/** @file si_common.h @brief Copy of System Interceptors common structures for driver usage @details Copyright (c) 2024 Acronis International GmbH @author Denis Kopyrin (denis.kopyrin@acronis.com) @since $Id: $ */ #pragma once #ifndef BPF_PROGRAM #include "transport_protocol.h" #else #include "bpf_protocol_transport.h" #endif // !!! Properties here must match exactly av-sdk !!! #if !defined PACKED #define PACKED __attribute__((packed)) #endif typedef msg_type_t SiOperationType; typedef enum { SI_PI_UNKNOWN = 0, SI_PI_EVENT_UID, SI_PI_THREAD_ID, SI_PI_THREAD_UID, SI_PI_PROCESS_ID, SI_PI_PROCESS_UID, SI_PI_PARENT_PROCESS_ID, SI_PI_PARENT_PROCESS_UID, SI_PI_OBJECT_NAME, SI_PI_TARGET_NAME, SI_PI_OBJECT_ID, SI_PI_TARGET_ID, SI_PI_OBJECT_REGION, SI_PI_FLAGS, SI_PI_IMAGE_FILE_NAME, SI_PI_COMMAND_LINE, SI_PI_PROCESS_FILE_NAME_IS_NOT_PATH, SI_PI_TERMINATED_PROCESS, // ... SI_PI_FILE_MODIFIED = 39, // ... SI_PI_ACCESS_MODE = 41, SI_PI_FILE_POS, SI_PI_PROTECTION, SI_PI_CONTROL_COMMAND, SI_PI_CONTROL_ARG, SI_PI_USER_ID, SI_PI_GROUP_ID, // ... SI_PI_EVENT_TIMESTAMP = 53, SI_PI_PROCESS_START_TIMESTAMP, // ... SI_PI_VOLUME_ID_LOW = 80, SI_PI_VOLUME_ID_HIGH, // ... SI_PI_CURRENT_WORKING_DIRECTORY = 89, // ... SI_PI_SYSTEM_TIME_OLD_TIMESTAMP = 93, SI_PI_SYSTEM_TIME_NEW_TIMESTAMP, SI_PI_ARTIFICIAL_PROCESS_START_TIMESTAMP, SI_PI_PARENT_ARTIFICIAL_PROCESS_START_TIMESTAMP, // ... SI_PI_EFFECTIVE_USER_ID = 99, SI_PI_EFFECTIVE_GROUP_ID, SI_PI_FILE_TYPE, SI_PI_SAVED_USER_ID, SI_PI_SAVED_GROUP_ID, SI_PI_AUDIT_USER_ID, SI_PI_AUDIT_SESSION_ID, SI_PI_PROCESS_ID_VERSION, SI_PI_RESPONSIBLE_PROCESS_ID, SI_PI_RESPONSIBLE_PROCESS_ARTIFICIAL_START_TIMESTAMP, SI_PI_FILE_ATTRIBUTES, SI_PI_FILE_CHANGE_TIME, SI_PI_FILE_BIRTH_TIME, SI_PI_FILE_ACCESS_TIME, SI_PI_FILE_MODIFICATION_TIME, SI_PI_UNIX_EXEC_TYPE, // ... SI_PI_OBJECT_FILE_HANDLE = 116, // ... SI_PI_PARENT_PROCESS_START_TIMESTAMP = 119, // ... SI_PI_SOCKET_PORT = 124, SI_PI_SOCKET_FAMILY, SI_PI_SOCKET_PROTOCOL, SI_PI_SOCKET_ADDRESS, SI_PI_NETWORK_HOST, SI_PI_NETWORK_URL, SI_PI_HTTP_METHOD, SI_PI_CGROUP_NAME, } SiPropertyId; typedef enum { SI_VT_SIGNED8_TYPE = 0, SI_VT_SIGNED16_TYPE, SI_VT_SIGNED32_TYPE, SI_VT_SIGNED64_TYPE, SI_VT_UNSIGNED8_TYPE, SI_VT_UNSIGNED16_TYPE, SI_VT_UNSIGNED32_TYPE, SI_VT_UNSIGNED64_TYPE, SI_VT_BYTE_ARRAY_TYPE, ///< SiVector SI_VT_UTF8_STRING_TYPE, ///< SiVector SI_VT_UTF16_STRING_TYPE, ///< SiVector SI_VT_OBJECT_ID_TYPE, ///< SiObjectId SI_VT_REGION_TYPE, ///< SiRegion SI_VT_BOOLEAN_TYPE, ///< uint8_t : 0 = false, not 0 = true SI_VT_BLOB_TYPE, ///< SiBLOB SI_VT_MAX_PROPERTY_VALUE_TYPE } SiPropertyValueType; typedef struct PACKED { uint32_t SizeInBytes; uint8_t VectorBuffer[]; } SiVector; typedef struct PACKED { uint32_t Size; uint16_t PropertyId; ///< SiPropertyId enum type uint8_t ValueType; ///< SiPropertyValueType enum type uint8_t ValueBuffer[]; } SiProperty; typedef struct PACKED { uint64_t Start; uint64_t Length; } SiRegion; typedef enum { SI_CT_PRE_CALLBACK, SI_CT_POST_CALLBACK, } SiOpCallbackType; typedef enum { // Process performed 'exec' syscall SI_UNIX_EXEC_TYPE_EXEC, // Process created as a result of 'posix_spawn' syscall SI_UNIX_EXEC_TYPE_POSIX_SPAWN, // Process was detected to have audit token EXEC for which was not sent previously. // Such event triggers 'fake' EXEC for BE to handle SI_UNIX_EXEC_TYPE_GENERATED, } SiUnixExecType; typedef struct PACKED { uint32_t Size; uint16_t Operation; ///< SiOperationType enum type uint16_t CallbackType; ///< SiOpCallbackType enum type uint64_t ProcessUID; uint32_t PropertiesNumber; SiProperty FirstProperty[]; } SiEvent; typedef struct PACKED { uint32_t Size; uint32_t PropertiesNumber; SiProperty FirstProperty[]; } SiInfo; typedef struct PACKED { uint64_t DeviceId; uint64_t Id; } SiObjectId; typedef struct PACKED { uint64_t microseconds; } SiTimeMicroseconds; // Mapped to SiRegion typedef struct PACKED { uint64_t seconds; uint64_t nanoseconds; } SiTimeSpec; typedef struct { const char* value; uint32_t length; } SiSizedString; typedef struct { const void* value; uint32_t length; } SiSizedBuffer;