Skip to content

Instantly share code, notes, and snippets.

@cramforce

cramforce/gist:571529

Created September 9, 2010 07:29
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cramforce/571529 to your computer and use it in GitHub Desktop.
Save cramforce/571529 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.d
syscall::connect:entry
/execname == "Echofon"/
{
this->sock = (struct sockaddr_in *)copyin(arg1, arg2);
port = this->sock->sin_port;
ip = this->sock->sin_addr.s_addr;
printf("%s %d %d.%d.%d.%d\n", execname, port, (ip >> 0) & 0xff, (ip >> 8) & 0xff, (ip >> 16) & 0xff, (ip >> 24) & 0xff);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment