#include <signal.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <sys/wait.h>
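/*
 * Names of x86-64 Linux system calls, indexed by syscall number (0..23).
 *
 * The position of a string in the initializer IS its syscall number, so the
 * list must stay contiguous and in kernel order: one omitted entry silently
 * mislabels every call after it, which makes the trace output misleading
 * rather than merely incomplete.
 */
const char *syscall_names[] = {
    "read", "write", "open", "close", "stat", "fstat", "lstat", "poll",
    "lseek", "mmap", "mprotect", "munmap", "brk", "rt_sigaction", "rt_sigprocmask",
    "rt_sigreturn", /* 15: previously missing, which shifted ioctl..select down by one */
    "ioctl", "pread64", "pwrite64", "readv", "writev", "access", "pipe", "select",
    /* add further entries here as needed, keeping them in syscall-number order */
};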
/*
 * Print one trace line for a system call number.
 *
 * syscall_no is looked up in syscall_names; numbers that are negative or
 * beyond the end of the table are reported as unknown, with the raw number
 * still shown so the call can be identified by hand.
 */
void print_syscall_name(long syscall_no) {
    const size_t known = sizeof(syscall_names) / sizeof(syscall_names[0]);

    /* Reject out-of-table numbers first so the array is never indexed past its end. */
    if (syscall_no < 0 || (size_t)syscall_no >= known) {
        printf("¾Ë ¼ö ¾ø´Â ½Ã½ºÅÛ ÄÝ (%ld)\n", syscall_no);
        return;
    }

    printf("½Ã½ºÅÛ ÄÝ: %s (%ld)\n", syscall_names[syscall_no], syscall_no);
}
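/*
 * Print this process's PID/PPID/PGID/SID, then fork a child that runs
 * /bin/ls under ptrace and print the name of each system call it enters.
 *
 * Returns 0 once tracing has finished, 1 if the child could not be forked
 * or tracing could not be set up.
 */
int main(void) {
    pid_t child;
    pid_t pid, ppid, pgid, sid;
    struct user_regs_struct regs;
    int status;
    int inside_syscall = 0; /* flips on every syscall-stop: 1 between entry and exit */
    int pending_signal = 0; /* signal to hand back to the child on the next resume */

    pid = getpid();
    ppid = getppid();
    pgid = getpgid(0);
    sid = getsid(0);
    printf("ºÎ¸ð ÇÁ·Î¼¼½º Á¤º¸:\n");
    printf("PID: %d\n", pid);
    printf("PPID: %d\n", ppid);
    printf("PGID: %d\n", pgid);
    printf("SID: %d\n", sid);
    /* Flush before fork() so these lines are written once, ahead of the child's output. */
    fflush(stdout);

    child = fork();
    if (child < 0) {
        /* Without this check a failed fork() would fall into the tracer path
         * and test a status word that wait() never filled in. */
        perror("fork");
        return 1;
    }

    if (child == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) {
            perror("ptrace(PTRACE_TRACEME)");
            _exit(127);
        }
        /* The terminating NULL of a variadic call must be a real pointer. */
        execl("/bin/ls", "ls", (char *)NULL);
        /* Only reached when exec failed; leave without running the parent's code. */
        perror("execl");
        _exit(127);
    }

    /* First stop: the SIGTRAP the kernel raises in a traced child after exec. */
    if (waitpid(child, &status, 0) == -1) {
        perror("waitpid");
        return 1;
    }
    printf("\n½Ã½ºÅÛ ÄÝ ÃßÀû ½ÃÀÛ:\n");

    /* PTRACE_O_TRACESYSGOOD makes syscall-stops report SIGTRAP|0x80, so they
     * can be told apart from ordinary signal stops. Without it a signal
     * arriving mid-trace would be counted as a syscall and flip entry/exit. */
    if (WIFSTOPPED(status) &&
        ptrace(PTRACE_SETOPTIONS, child, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD) == -1) {
        perror("ptrace(PTRACE_SETOPTIONS)");
        kill(child, SIGKILL);
        waitpid(child, NULL, 0);
        return 1;
    }

    while (WIFSTOPPED(status)) {
        /* Resume until the next syscall entry/exit, handing back any signal
         * that was intercepted on the previous stop. */
        if (ptrace(PTRACE_SYSCALL, child, NULL, (void *)(long)pending_signal) == -1) {
            perror("ptrace(PTRACE_SYSCALL)");
            break;
        }
        pending_signal = 0;

        if (waitpid(child, &status, 0) == -1) {
            perror("waitpid");
            break;
        }
        /* Exited or killed by a signal: nothing left to trace. The original
         * loop tested only WIFEXITED and could spin forever on a killed child. */
        if (!WIFSTOPPED(status)) {
            break;
        }

        if (WSTOPSIG(status) == (SIGTRAP | 0x80)) {
            inside_syscall = !inside_syscall;
            if (inside_syscall) {
                /* Entry stop: orig_rax holds the syscall number on x86-64. */
                if (ptrace(PTRACE_GETREGS, child, NULL, &regs) == -1) {
                    perror("ptrace(PTRACE_GETREGS)");
                } else {
                    print_syscall_name((long)regs.orig_rax);
                }
            }
        } else {
            /* Signal-delivery stop: pass the signal on instead of dropping it. */
            pending_signal = WSTOPSIG(status);
        }
    }

    printf("½Ã½ºÅÛ ÄÝ ÃßÀû Á¾·á.\n");
    return 0;
}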