linuxthor · September 11, 2020 09:43
diff --git a/kfindmodhide.c b/kfindmodhide.c
 #include <linux/module.h>
 #include <linux/init.h>
 #include <linux/kernel.h>
 #include <linux/kprobes.h>

 int init_module(void)
 {
    struct module *mahjool; 
    struct kobject kobj; 
    unsigned long addy; 

    for (addy = MODULES_VADDR; addy < MODULES_END; (addy = (addy + 4096)))
    {
        if(__module_address(addy) != 0)
        { 
            mahjool = __module_address(addy);
            if(mahjool->list.next == mahjool->list.prev)
            {
                printk("Memory region %px - module %s suspect list ptrs\n",(void *)addy
                                                                            ,mahjool->name);
            }
            kobj = mahjool->mkobj.kobj; 
            if(kobj.state_in_sysfs == 0)
            {
                printk("Memory region %px - module %s suspect sysfs state\n", (void *)addy
                                                                             ,mahjool->name);
            }
        }
    }
    return 0;
 }

 void cleanup_module(void)
 {

 }

 MODULE_AUTHOR("linuxthor");
 MODULE_LICENSE("GPL");
	#include <linux/module.h>
	#include <linux/init.h>
	#include <linux/kernel.h>
	#include <linux/kprobes.h>

	int init_module(void)
	{
	struct module *mahjool;
	struct kobject kobj;
	unsigned long addy;

	for (addy = MODULES_VADDR; addy < MODULES_END; (addy = (addy + 4096)))
	{
	if(__module_address(addy) != 0)
	{
	mahjool = __module_address(addy);
	if(mahjool->list.next == mahjool->list.prev)
	{
	printk("Memory region %px - module %s suspect list ptrs\n",(void *)addy
	,mahjool->name);
	}
	kobj = mahjool->mkobj.kobj;
	if(kobj.state_in_sysfs == 0)
	{
	printk("Memory region %px - module %s suspect sysfs state\n", (void *)addy
	,mahjool->name);
	}
	}
	}
	return 0;
	}

	void cleanup_module(void)
	{

	}

	MODULE_AUTHOR("linuxthor");
	MODULE_LICENSE("GPL");