/main.c Secret

## main.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

void slankdev_test()
{
	puts("fuckin");
}

int main()
{
  while (1) {
    slankdev_test();
    sleep(1);
  }
}

## makefile

all:
	g++ -static main.c

## slankdev.py
#!/usr/bin/env python
from bcc import BPF


bpf_program = """
void call(struct pt_regs *ctx) { bpf_trace_printk("call\\n"); }
void ret (struct pt_regs *ctx) { bpf_trace_printk("ret\\n");  }
void pp  (void* c)             { bpf_trace_printk("puts\\n"); }
"""


trace_pgm_name = "./a.out"
b = BPF(text=bpf_program)
b.attach_uprobe   (name=trace_pgm_name, sym="_Z13slankdev_testv", fn_name="call")
b.attach_uretprobe(name=trace_pgm_name, sym="_Z13slankdev_testv", fn_name="ret")
b.attach_uprobe   (name=trace_pgm_name, sym="puts"              , fn_name="pp")


while True:
    print(b.trace_fields())
	#include <stdio.h>
	#include <stdlib.h>
	#include <unistd.h>

	void slankdev_test()
	{
	puts("fuckin");
	}

	int main()
	{
	while (1) {
	slankdev_test();
	sleep(1);
	}
	}
	#!/usr/bin/env python
	from bcc import BPF


	bpf_program = """
	void call(struct pt_regs *ctx) { bpf_trace_printk("call\\n"); }
	void ret (struct pt_regs *ctx) { bpf_trace_printk("ret\\n"); }
	void pp (void* c) { bpf_trace_printk("puts\\n"); }
	"""


	trace_pgm_name = "./a.out"
	b = BPF(text=bpf_program)
	b.attach_uprobe (name=trace_pgm_name, sym="_Z13slankdev_testv", fn_name="call")
	b.attach_uretprobe(name=trace_pgm_name, sym="_Z13slankdev_testv", fn_name="ret")
	b.attach_uprobe (name=trace_pgm_name, sym="puts" , fn_name="pp")


	while True:
	print(b.trace_fields())