chaosblade

1
#define _GNU_SOURCE
2
#include <stdio.h>
3
#include <unistd.h>
4
#include <errno.h>
5
#include <sched.h>
6
#include <stdio.h>
7
#include <stdlib.h>
8
#include <string.h>
9
#include <fcntl.h>
10
#include <getopt.h>
11
#include <sys/types.h>
12
#include <sys/wait.h>
13
#include <sys/prctl.h>
14
#include <sys/stat.h>
15
#include <sys/syscall.h>
16

17
extern char** environ;
18

19
int enter_ns(int pid, const char* type) {
20
#ifdef __NR_setns
21
    char path[64], selfpath[64];
22
    snprintf(path, sizeof(path), "/proc/%d/ns/%s", pid, type);
23
    snprintf(selfpath, sizeof(selfpath), "/proc/self/ns/%s", type);
24

25
    struct stat oldns_stat, newns_stat;
26
    if (stat(selfpath, &oldns_stat) == 0 && stat(path, &newns_stat) == 0) {
27
        // Don't try to call setns() if we're in the same namespace already
28
        if (oldns_stat.st_ino != newns_stat.st_ino) {
29
            int newns = open(path, O_RDONLY);
30
            if (newns < 0) {
31
                return -1;
32
            }
33

34
            // Some ancient Linux distributions do not have setns() function
35
            int result = syscall(__NR_setns, newns, 0);
36
            close(newns);
37
            return result < 0 ? -1 : 1;
38
        }
39
    }
40
#endif // __NR_setns
41
    return 0;
42
}
43

44
void sig(int signum){}
45

46
int main(int argc, char *argv[]) {
47

48
    int target = 0;
49
    char *cmd;
50

51
    int stop = 0;
52
    int opt;
53
    int option_index = 0;
54
    char *string = "st:mpuni";
55

56
    int ipcns = 0;
57
    int utsns = 0;
58
    int netns = 0;
59
    int pidns = 0;
60
    int mntns = 0;
61

62
    while((opt =getopt(argc, argv, string))!= -1) {
63
        switch (opt) {
64
            case 's':
65
                stop = 1;
66
                break;
67
            case 't':
68
                target = atoi(optarg);
69
                break;
70
            case 'm':
71
                mntns = 1;
72
                break;
73
            case 'p':
74
                pidns = 1;
75
                break;
76
            case 'u':
77
                utsns = 1;
78
                break;
79
            case 'n':
80
                netns = 1;
81
                break;
82
            case 'i':
83
                ipcns = 1;
84
                break;
85
            default:
86
                break;
87
        }
88
    }
89

90
    // check target pid
91
    if (target <= 0) {
92
        fprintf(stderr, "%s is not a valid process ID\n", target);
93
        return 1;
94
    }
95

96
    // pause
97
    if(stop) {
98
            char *pe = "pause";
99
            prctl(PR_SET_NAME, pe);
100
            signal(SIGCONT,sig);
101
            pause();
102
            char *nc = "nsexec";
103
            prctl(PR_SET_NAME, nc);
104
    }
105

106
    // enter namespace
107
    if(ipcns) {
108
        enter_ns(target, "ipc");
109
    }
110

111
    if(utsns) {
112
        enter_ns(target, "uts");
113
    }
114

115
    if(netns) {
116
        enter_ns(target, "net");
117
    }
118

119
    if(pidns) {
120
        enter_ns(target, "pid");
121
    }
122

123
    if(mntns) {
124
        enter_ns(target, "mnt");
125
    }
126

127
    // fork exec
128
    pid_t pid;
129
    int status;
130

131
    if((pid = fork())<0) {
132
        status = -1;
133
    } else if(pid == 0){
134
        // args
135
        int i,j=0;
136
        char *args[256] = {NULL};
137
        for(i = optind; i < argc; i++, j++) {
138
            args[j] = argv[i];
139
        }
140
        execvp(argv[optind], args);
141
        _exit(127);
142
    } else {
143
        while(waitpid(pid, &status, 0) < 0){
144
            if(errno != EINTR){
145
                status = -1;
146
                break;
147
            }
148
        }
149
        if(WIFEXITED(status)){
150
            exit(WEXITSTATUS(status));
151
        }
152
    }
153
    return 0;
154
}
155