def checkFingerprints(self, fd) :
    """Compare the in-memory syscall table against a saved baseline.

    Reads the baseline from the open text file ``fd``, one
    whitespace-separated record per line, stores it in
    ``self.syscalls_fingerprints.map_syscalls`` and then compares it, for
    every entry of ``self.lists_syscalls``, with
    ``self.syscalls_mem.map_syscalls``.  The verdict is printed; nothing is
    returned.

    Record layout, as used by the code below:
      * field 0: syscall number (decimal)
      * field 1: hexadecimal value, presumably the handler address
      * field 2: not used here
      * fields 3 and 4: joined with one space, presumably the first opcode
        bytes of the handler -- TODO confirm against the code that writes
        the baseline
    A line whose first token is a lone ``#`` is a comment; ``# END`` stops
    the parse.  A blank line or end of file stops it as well.

    NOTE(review): the verdict is only as trustworthy as the baseline file.
    If that file lives on the machine being checked, whoever can patch the
    syscall table can usually rewrite the baseline too, so it should come
    from read-only or off-host storage and be integrity-checked first.

    NOTE(review): the parse and the lookups are unguarded.  A comment
    written as ``#text`` (no space), a record with fewer than five fields,
    or a syscall that is missing from either map raises
    ValueError/IndexError/KeyError, and the check then ends without any
    verdict.  A blank line in the middle of the file silently truncates the
    baseline.  Callers should treat an aborted run as "not verified", never
    as "clean".
    """
    # Presumably these two calls fill self.syscalls_mem from the running
    # kernel -- confirm in their definitions.
    self.getSyscalls()
    self.getOpcodes()

    fields = fd.readline().split()
    reached_end = False
    while fields and not reached_end:
        if fields[0] == '#':
            reached_end = len(fields) > 1 and fields[1] == "END"
        else:
            # The value and signature are parsed before the syscall number,
            # so a malformed record fails with the same exception as before.
            value = string.atol(fields[1], 16)
            signature = fields[3] + " " + fields[4]
            self.syscalls_fingerprints.map_syscalls[int(fields[0])] = [value, signature]
        # The next line is read even after "# END", so fd ends up one line
        # past the marker.
        fields = fd.readline().split()

    # Single-argument print(...) emits the same text under Python 2.
    print("++ Checking Syscalls Fingerprints !!!")
    hijacked = []
    for entry in self.lists_syscalls:
        number = entry[0]
        expected = self.syscalls_fingerprints.map_syscalls[number]
        observed = self.syscalls_mem.map_syscalls[number]
        # Either a different value or a different signature counts.
        if expected[0] != observed[0] or expected[1] != observed[1]:
            hijacked.append([number, entry[1]])

    if not hijacked:
        print("\t** NO SYSCALLS HIJACK")
        return

    print("\t** LISTS OF SYSCALLS HIJACK !!")
    for number, name in hijacked:
        print("\t\t** %d\t %-15s" % (number, name))
    print("\n\t** PLEASE REINSTALL YOUR SYSTEM NOW !!!")