linuxthor · September 9, 2020 21:16
diff --git a/kprobafunc.c b/kprobafunc.c
 #include <linux/module.h>
 #include <linux/init.h>
 #include <linux/kernel.h>
 #include <linux/kprobes.h>

 char *mota = "__NO__";

 static int kp_pre_handler(struct kprobe *p, struct pt_regs *regs)
 {
    // kprobe pre 'hook' 
    // (entering function - 
  
    // registers can be messed with here :)
    regs->di = (unsigned long)mota; 
  
    // return something other than zero if rip is changed
    return 0; 
 }

 static struct kprobe kp = {
    .symbol_name  = "kallsyms_lookup_name",
    .pre_handler  = kp_pre_handler
 };

 int init_module(void)
 {
    int ret; 

    ret = register_kprobe(&kp);
    if (ret < 0) {
        pr_err("register_kprobe returned %d\n", ret);
        return ret;
    }
 
    return 0;
 }

 void cleanup_module(void)
 {
    unregister_kprobe(&kp);      
 }

 MODULE_AUTHOR("linuxthor");
 MODULE_LICENSE("GPL");
	#include <linux/module.h>
	#include <linux/init.h>
	#include <linux/kernel.h>
	#include <linux/kprobes.h>

	char *mota = "__NO__";

	static int kp_pre_handler(struct kprobe p, struct pt_regs regs)
	{
	// kprobe pre 'hook'
	// (entering function -

	// registers can be messed with here :)
	regs->di = (unsigned long)mota;

	// return something other than zero if rip is changed
	return 0;
	}

	static struct kprobe kp = {
	.symbol_name = "kallsyms_lookup_name",
	.pre_handler = kp_pre_handler
	};

	int init_module(void)
	{
	int ret;

	ret = register_kprobe(&kp);
	if (ret < 0) {
	pr_err("register_kprobe returned %d\n", ret);
	return ret;
	}

	return 0;
	}

	void cleanup_module(void)
	{
	unregister_kprobe(&kp);
	}

	MODULE_AUTHOR("linuxthor");
	MODULE_LICENSE("GPL");