aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/contrib/examples/extract-handshakes/extract-handshakes.sh
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/examples/extract-handshakes/extract-handshakes.sh')
-rwxr-xr-xcontrib/examples/extract-handshakes/extract-handshakes.sh80
1 files changed, 80 insertions, 0 deletions
diff --git a/contrib/examples/extract-handshakes/extract-handshakes.sh b/contrib/examples/extract-handshakes/extract-handshakes.sh
new file mode 100755
index 0000000..16ed630
--- /dev/null
+++ b/contrib/examples/extract-handshakes/extract-handshakes.sh
@@ -0,0 +1,80 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+# Copyright (C) 2017-2018 Peter Wu <peter@lekensteyn.nl>. All Rights Reserved.
+
+set -e
+
+ME_DIR="${BASH_SOURCE[0]}"
+ME_DIR="${ME_DIR%/*}"
+source "$ME_DIR/offsets.include" || { echo "Did you forget to run make?" >&2; exit 1; }
+
+case "$(uname -m)" in
+ x86_64) ARGUMENT_REGISTER="%si" ;;
+ i386|i686) ARGUMENT_REGISTER="%dx" ;;
+ aarch64) ARGUMENT_REGISTER="%x1" ;;
+ arm) ARGUMENT_REGISTER="%r1" ;;
+ *) echo "ERROR: Unknown architecture" >&2; exit 1 ;;
+esac
+
+ARGS=( )
+REGEX=".*: idxadd: .*"
+for key in "${!OFFSETS[@]}"; do
+ values="${OFFSETS[$key]}"
+ values=( ${values//,/ } )
+ for i in {0..3}; do
+ value="$ARGUMENT_REGISTER"
+ for indirection in "${values[@]:1}"; do
+ value="+$indirection($value)"
+ done
+ value="+$((i * 8 + values[0]))($value)"
+ ARGS+=( "${key,,}$i=$value:x64" )
+ REGEX="$REGEX ${key,,}$i=0x([0-9a-f]+)"
+ done
+done
+
+turn_off() {
+ set +e
+ [[ -f /sys/kernel/debug/tracing/events/wireguard/idxadd/enable ]] || exit
+ echo 0 > /sys/kernel/debug/tracing/events/wireguard/idxadd/enable
+ echo "-:wireguard/idxadd" >> /sys/kernel/debug/tracing/kprobe_events
+ exit
+}
+
+trap turn_off INT TERM EXIT
+echo "p:wireguard/idxadd index_hashtable_insert ${ARGS[*]}" >> /sys/kernel/debug/tracing/kprobe_events
+echo 1 > /sys/kernel/debug/tracing/events/wireguard/idxadd/enable
+
+unpack_u64() {
+ local i expanded="$1"
+ if [[ $ENDIAN == big ]]; then
+ printf -v expanded "%.*s$expanded" $((16 - ${#expanded})) 0000000000000000
+ for i in {0..7}; do
+ echo -n "\\x${expanded:(i * 2):2}"
+ done
+ elif [[ $ENDIAN == little ]]; then
+ (( ${#expanded} % 2 == 1 )) && expanded="0$expanded"
+ expanded="${expanded}0000000000000000"
+ for i in {0..7}; do
+ echo -n "\\x${expanded:((7 - i) * 2):2}"
+ done
+ else
+ echo "ERROR: Unable to determine endian" >&2
+ exit 1
+ fi
+}
+
+while read -r line; do
+ [[ $line =~ $REGEX ]] || continue
+ echo "New handshake session:"
+ j=1
+ for key in "${!OFFSETS[@]}"; do
+ bytes=""
+ for i in {0..3}; do
+ bytes="$bytes$(unpack_u64 "${BASH_REMATCH[j]}")"
+ ((++j))
+ done
+ echo " $key = $(printf "$bytes" | base64)"
+ done
+done < /sys/kernel/debug/tracing/trace_pipe
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.