Results 1 to 11 of 11

Thread: grabpkg

  1. #1
    Join Date
    Nov 2002
    Posts
    1,077

    grabpkg

    So I made a grabpkg that runs on the native 2.4.20 tivo kernel (it dynamically finds the sys_call_table). Is everyone else running custom kernels to capture slices? I could post the changes if there's interest.

  2. #2
    Join Date
    Nov 2004
    Location
    Gurnee, IL
    Posts
    2,385
    Please do. Not running a custom kernel, just a kernel module from AO.
    --
    Christopher D. Heer
    Quote Originally Posted by Oscar Wilde
    Perhaps, after all, America never has been discovered. I myself would say that it had merely been detected.

  3. #3
    Join Date
    Nov 2002
    Posts
    1,077
    Quote Originally Posted by cheer
    Please do. Not running a custom kernel, just a kernel module from AO.
    Oh, so it's been done already? Ie if the AO kernel module works on stock tivo kernels then a new grabpkg is unnecessary.
    Last edited by bcc; 07-10-2006 at 03:36 PM.

  4. #4
    Join Date
    Nov 2004
    Location
    Gurnee, IL
    Posts
    2,385
    From AO, courtesy of embeem:
    Code:
    #include <linux/module.h>
    #include <linux/kernel.h>
    #include <linux/sched.h>
    #include <syscall.h>
    #include <linux/fs.h>
    #include <strings.h>
    #include <asm/uaccess.h>
    #include <sys/mman.h>
    
    extern void *sys_call_table[];
    extern struct task_struct *current_set[NR_CPUS];
    
    static asmlinkage int (*orig_open)(const char * filename,int flags,int mode);
    static asmlinkage int (*link)(const char * oldname, const char * newname);
    static asmlinkage int (*symlink)(const char * oldname, const char * newname);
    
    extern unsigned long do_mmap(struct file * file, unsigned long addr, unsigned long len,
            unsigned long prot, unsigned long flags, unsigned long off);
    extern int do_munmap(unsigned long, size_t);
    
    static char *from    = "/var/packages/";
    static int  from_len = 14;
    MODULE_PARM(from,"s");
    
    static char *to      = "/tmp/";
    static int to_len    = 5;
    MODULE_PARM(to,"s");
    
    
    static int new_open(const char * filename,int flags,int mode)
    {
            int ret;
            if (filename && !strncmp(filename,from,from_len) && flags&O_WRONLY)
            {
                    int len = strlen(filename) + 1 - from_len + to_len;
                    char *new_file = (char *)do_mmap(0,0,len,PROT_READ | PROT_WRITE | PROT_EXEC,MAP_PRIVATE,0);
    
                    __copy_tofrom_user((void *)(new_file+0),(const void *)to,to_len);
                    __copy_tofrom_user((void *)(new_file+to_len),(const void *)(filename+from_len),len-to_len);
    
                    ret = (*orig_open)(new_file,flags,mode);
                    if ((*link)((const char *)new_file,(const char *)filename)<0) {
                            (*symlink)((const char *)new_file,(const char *)filename);
                    }
                    do_munmap((unsigned long)new_file,(size_t)len);
            } else {
                    ret = (*orig_open)(filename,flags,mode);
            }
    
            return ret;
    }
    
    int init_module( void )
    {
            to_len   = strlen(to);
            from_len = strlen(from);
    
            symlink = sys_call_table[__NR_symlink];
            link    = sys_call_table[__NR_link];
    
            orig_open  = sys_call_table[__NR_open];
            sys_call_table[__NR_open]  = new_open;
            return 0;
    }
    void cleanup_module( void ) {
            sys_call_table[__NR_open]  = orig_open;
    }
    --
    Christopher D. Heer
    Quote Originally Posted by Oscar Wilde
    Perhaps, after all, America never has been discovered. I myself would say that it had merely been detected.

  5. #5
    Join Date
    Nov 2002
    Posts
    1,077
    ... which requires sys_call_table to be exported, which implies you're using a custom kernel.

    Why do you say you're not using a custom kernel then? By custom I mean a kernel other than the stock (or killhdinitd patched) one.

  6. #6
    Join Date
    Nov 2004
    Location
    Gurnee, IL
    Posts
    2,385
    Ah, fair enough. I had not even noticed that. I am running a custom kernel, but only for increased extraction speed. My bad.
    --
    Christopher D. Heer
    Quote Originally Posted by Oscar Wilde
    Perhaps, after all, America never has been discovered. I myself would say that it had merely been detected.

  7. #7
    Join Date
    Nov 2002
    Posts
    1,077
    Quote Originally Posted by cheer
    Ah, fair enough. I had not even noticed that. I am running a custom kernel, but only for increased extraction speed. My bad.
    Ok, then you don't need a tweaked grabpkg, as the original will work fine in your case.

  8. #8
    Join Date
    Nov 2004
    Posts
    412
    I would be interested in a tweaked grabpkg (that can dynamically find the sys_call_table). Do you still have this available?

  9. #9
    Join Date
    Aug 2004
    Posts
    4,085
    I haven't used this in quite some time, but it looks to me like it does the dynamic syscall table lookup. The original grabpkg code on alt.org is credited to mbm. It's possible I got this code from bcc, but I think I added the syscall table location code myself. It's all over the net if you look for it. Here's one variation, although it is for a 2.6 kernel: link.
    Attached Files Attached Files
    Last edited by Jamie; 04-18-2010 at 02:15 PM. Reason: add binary to zip.

  10. #10
    Join Date
    Nov 2002
    Posts
    1,077
    Here's the version I cobbled up when I started this thread. I never cleaned it up as I had no takers way back when
    As you can see I just hacked in the sys_call_table search from embeem's code in kmonte. grabpkg-adh.c is the original version I started with.
    Attached Files Attached Files

  11. #11
    Join Date
    Nov 2002
    Posts
    1,077
    PS: I just use a shell script to capture slices on the tivo s3; no need for a kernel module.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •