root@bastion-VirtualBox:/media/sf_work/es/lin_monitor/src/lkm# cat /proc/lkm_log
2019-10-23T2:51:46: insmod (6838:6838): General: lkm/lkm.c:115: Module akrm loading
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:29: Importing 38 declarations
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000004729c452 <- 000000007ad3a292:vfs_write
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000006ec2a0b0 <- 0000000004611e90:__vfs_read
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000706faf8a <- 00000000272b02cf:access_process_vm
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000cf8be296 <- 0000000057b18e59:replace_fd
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000004c3bd533 <- 00000000c4310da9:schedule_on_each_cpu
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000004c3bd533 <- 00000000c4310da9:schedule_on_each_cpu
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000005f4476b1 <- 00000000df7b1586:security_task_fix_setuid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000004c3bd533 <- 00000000c4310da9:schedule_on_each_cpu
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000d8244370 <- 00000000746c8c9c:module_alloc
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 0000000033d6c82f <- 0000000059fee289:text_poke_bp
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000c013fa1f <- 0000000099918e35:text_mutex
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000e1971160 <- 00000000f96ab903:security_inode_rename
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000005ce1fa4b <- 0000000002aebd0c:security_inode_unlink
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000218c833b <- 00000000ebb18db4:kernfs_rename_ns
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000b00a287b <- 00000000070961f2:kernfs_create_root
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000005feebfa7 <- 00000000be8fdbe7:find_task_by_vpid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000a2f41c36 <- 00000000989eb176:find_ge_pid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 0000000026d67b9c <- 000000002e6ecba5:show_vfsstat
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000009e681261 <- 000000008a3b5385:show_mountinfo
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000003d5368ea <- 00000000319ba642:show_vfsmnt
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000001e5aebe3 <- 000000002c2b4769:security_task_kill
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000c98e3cb0 <- 000000003a4d16ae:do_exit
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000922c576d <- 0000000001740f30:security_bprm_check
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000eb0de1a1 <- 0000000073a49c4f:wake_up_new_task
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000f9aa4f0e <- 000000008e3556b3:filp_close
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000009bdfa3e5 <- 00000000d9845303:security_path_symlink
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000cb3cc665 <- 0000000013353ca5:security_path_rename
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000008e0639e0 <- 00000000f89cfbdc:security_inode_permission
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000051398d6 <- 0000000069cb3571:security_file_open
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 0000000062777e2c <- 00000000cc6b63cb:n_tty_receive_buf2
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000004da94955 <- 0000000087d65e86:n_tty_receive_buf
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000003eb1c677 <- 00000000e91d8554:snd_pcm_hw_constraints_complete
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000a5df7ed3 <- 000000009b90628e:snd_pcm_hw_constraint_mask
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 000000009105c394 <- 00000000a4b4c145:snd_pcm_detach_substream
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 0000000040eb2cd6 <- 00000000a72bc80e:snd_pcm_attach_substream
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000364bed0d <- 00000000853a4ba0:snd_pcm_release_substream
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:36: Imported 00000000e6d44959 <- 0000000022444f4e:snd_pcm_open_substream
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing AKRM subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing Uid_proc subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing show_akrm_proc subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing application plugin subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing file plugin subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing hidedir subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing Hide mount points from /proc/self/mountinfo & mounts & etc
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:122: Initializing Netlink subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating application plugin subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_path_rename (ffffffff8a9d65c0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c97730
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000013353ca5
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d65c0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d65c5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d65c6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d65c9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d65cb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d65cd 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d65cf 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d65d1 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d65d2 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d65d6 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a9d65da 0f85a7000000 jnz 0xffffffff8a9d6687
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000b475bcb1
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066dcf0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066dcf5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066dcf6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066dcf9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066dcfb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066dcff 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc066dd01 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc066dd04 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc066dd05 4989d5 mov %rdx, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc066dd08 4889f3 mov %rsi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc066dd0b 4989ce mov %rcx, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc066dd0e 4589 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e92b77c935 jmp 0xffffb0d63ef6328b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000013353ca5
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d65c0 e92b77c935 jmp 0xffffffffc066dcf0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d65c5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d65c6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d65c9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d65cb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d65cd 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d65cf 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d65d1 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d65d2 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d65d6 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a9d65da 0f85a7000000 jnz 0xffffffff8a9d6687
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at filp_close (ffffffff8a87df60)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35deff80
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 000000008e3556b3
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a87df60 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a87df65 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a87df66 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a87df69 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a87df6b 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a87df6d 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffff8a87df6e 488b4738 mov 0x38(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a87df72 4885c0 test %rax, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a87df75 744c jz 0x8a87dfc3
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a87df77 488b4728 mov 0x28(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a87df7b 4531e4 xor %r12d, %r12d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 0000000014f9eb98
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066dee0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066dee5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066dee6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066dee9 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066deeb 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066deed 4989f4 mov %rsi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc066def0 4152 push %r10
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffffc066def2 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc066def3 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc066def6 f0ff055b672300 lock inc 0x23675b(%rip)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc066defd 48c7c7 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e97bffde35 jmp 0xffffb0d63f0bbadb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 000000008e3556b3
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a87df60 e97bffde35 jmp 0xffffffffc066dee0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a87df65 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a87df66 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a87df69 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a87df6b 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a87df6d 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffff8a87df6e 488b4738 mov 0x38(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a87df72 4885c0 test %rax, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a87df75 744c jz 0x8a87dfc3
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a87df77 488b4728 mov 0x28(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a87df7b 4531e4 xor %r12d, %r12d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a87df7e 4889 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_bprm_check (ffffffff8a9d73f0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c95610
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000001740f30
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d73f0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d73f5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d73f6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d73f9 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d73fb 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d7403 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d7406 4881fbb0f57a8b cmp $0xffffffff8b7af5b0, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffff8a9d740d 750e jnz 0x8a9d741d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d740f eb invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000afe7d90a
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066ca00 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066ca05 4c8d542408 lea 0x8(%rsp), %r10
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + a ffffffffc066ca0a 4883e4f0 and $0xfffffffffffffff0, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc066ca0e 41ff72f8 push -0x8(%r10)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffffc066ca12 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc066ca13 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc066ca16 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc066ca18 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066ca1a 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc066ca1c 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc066ca1e 4989 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e90b56c935 jmp 0xffffb0d63ef6116b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000001740f30
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d73f0 e90b56c935 jmp 0xffffffffc066ca00
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d73f5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d73f6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d73f9 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d73fb 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8a9d73fc 488b1dad81dd00 mov 0xdd81ad(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d7403 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d7406 4881fbb0f57a8b cmp $0xffffffff8b7af5b0, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffff8a9d740d 750e jnz 0x8a9d741d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d740f eb invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at do_exit (ffffffff8a696050)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35fd5250
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 000000003a4d16ae
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a696050 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a696055 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a696056 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a69605b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a69605d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a69605f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a696061 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a696064 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a696065 65488b1c25005c0100 mov %gs:0x15c00, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a69606e 4883 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000f67c0c5e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066b2a0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066b2a5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066b2a6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066b2a9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066b2ab 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066b2ad 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066b2af 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc066b2b1 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc066b2b4 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc066b2b5 4883ec38 sub $0x38, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffffc066b2b9 65488b04252800 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e94b52fd35 jmp 0xffffb0d63f2a0dab
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 000000003a4d16ae
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a696050 e94b52fd35 jmp 0xffffffffc066b2a0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a696055 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a696056 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a696059 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a69605b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a69605d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a69605f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a696061 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a696064 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a696065 65488b1c25005c0100 mov %gs:0x15c00, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a69606e 4883 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Audio plugin
2019-10-23T2:51:46: insmod (6838:6838): Debug: audio_plugin/hooks.c:218: Registering audio hooks
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at snd_pcm_ioctl (ffffffffc05d0d30)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000d29018f4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05d0d30 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05d0d35 4889f0 mov %rsi, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05d0d38 0fb6cc movzx %ah, %ecx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc05d0d3b 83f941 cmp $0x41, %ecx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05d0d3e 751c jnz 0xc05d0d5c
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc05d0d40 488b87c8000000 mov 0xc8(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffffc05d0d47 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc05d0d48 4889d1 mov %rdx, %rcx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc05d0d4b 89f2 mov %esi, %edx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc05d0d4d 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000f80057cb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0672820 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0672825 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0672826 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0672829 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc067282b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067282d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc067282f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0672831 4989fd mov %rdi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc0672834 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc0672835 4989d6 mov %rdx, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc0672838 89f3 mov %esi, %ebx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc067283a 4883ec30 sub $0x30, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc067283e 6548 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 000000007254a2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb3b e9eb1a0a00 jmp 0xffffb0d60936d62b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000d29018f4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05d0d30 e9eb1a0a00 jmp 0xffffffffc0672820
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05d0d35 4889f0 mov %rsi, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05d0d38 0fb6cc movzx %ah, %ecx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc05d0d3b 83f941 cmp $0x41, %ecx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05d0d3e 751c jnz 0xc05d0d5c
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc05d0d40 488b87c8000000 mov 0xc8(%rdi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffffc05d0d47 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc05d0d4b 89f2 mov %esi, %edx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc05d0d4d 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at snd_pcm_open_substream (ffffffffc05d2160)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: a0040
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000022444f4e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05d2160 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05d2165 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc05d2166 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc05d2169 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc05d216b 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffffc05d216c 4989cc mov %rcx, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc05d216f 488d4de0 lea -0x20(%rbp), %rcx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc05d2173 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc05d2176 4883ec18 sub $0x18, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05d217a 65488b042528 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 0000000096b9776a
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc06721a0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc06721a5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc06721a6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc06721a9 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc06721ab 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc06721ad 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc06721af 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc06721b0 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc06721b3 4189f5 mov %esi, %r13d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc06721b6 4989d6 mov %rdx, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffffc06721b9 4889cb mov %rcx, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc06721bc 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 000000007254a2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb3b e93b000a00 jmp 0xffffb0d60936bb7b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000022444f4e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05d2160 e93b000a00 jmp 0xffffffffc06721a0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05d2165 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc05d2166 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc05d2169 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffffc05d216c 4989cc mov %rcx, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc05d216f 488d4de0 lea -0x20(%rbp), %rcx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc05d2173 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc05d2176 4883ec18 sub $0x18, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05d217a 65488b042528 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at snd_pcm_release_substream (ffffffffc05ce810)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: a3c60
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000853a4ba0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05ce810 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05ce815 8b8790010000 mov 0x190(%rdi), %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc05ce81b 83e801 sub $0x1, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05ce81e 85c0 test %eax, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc05ce820 898790010000 mov %eax, 0x190(%rdi)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc05ce826 7e01 jle 0xc05ce829
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc05ce828 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffffc05ce829 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05ce82a 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc05ce82d e82eff invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000f512b194
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0672470 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0672475 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0672476 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0672479 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + a ffffffffc067247a 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067247d 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0672481 65488b042528000000 mov %gs:0x28, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc067248a 488945f0 mov %rax, -0x10(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc067248e 31c0 xor %eax, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 000000007254a2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb3b e95b3c0a00 jmp 0xffffb0d60936f79b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000853a4ba0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05ce810 e95b3c0a00 jmp 0xffffffffc0672470
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05ce815 8b8790010000 mov 0x190(%rdi), %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc05ce81b 83e801 sub $0x1, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05ce81e 85c0 test %eax, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc05ce826 7e01 jle 0xc05ce829
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc05ce828 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffffc05ce829 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05ce82a 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc05ce82d e82eff invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at snd_pcm_attach_substream (ffffffffc05cb550)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: a7000
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000a72bc80e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05cb550 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05cb555 4885ff test %rdi, %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05cb558 0f84fd020000 jz 0xffffffffc05cb85b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05cb55e 4885c9 test %rcx, %rcx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc05cb561 0f84f4020000 jz 0xffffffffc05cb85b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffffc05cb567 83fe01 cmp $0x1, %esi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05cb56a 0f87f1020000 ja 0xffffffffc05cb861
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000c886cf45
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0672550 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0672555 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0672556 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0672559 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc067255b 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067255d 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc067255f 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc0672560 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc0672563 4189f5 mov %esi, %r13d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc0672566 4989d6 mov %rdx, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffffc0672569 4889cb mov %rcx, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc067256c 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 000000007254a2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb3b e9fb6f0a00 jmp 0xffffb0d609372b3b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000a72bc80e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05cb550 e9fb6f0a00 jmp 0xffffffffc0672550
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05cb555 4885ff test %rdi, %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05cb558 0f84fd020000 jz 0xffffffffc05cb85b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05cb55e 4885c9 test %rcx, %rcx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffffc05cb567 83fe01 cmp $0x1, %esi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc05cb56a 0f87f1020000 ja 0xffffffffc05cb861
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at snd_pcm_detach_substream (ffffffffc05cb8c0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: a6e80
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000a4b4c145
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05cb8c0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05cb8c5 4885ff test %rdi, %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05cb8c8 0f84cf000000 jz 0xffffffffc05cb99d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05cb8ce 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc05cb8cf 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffffc05cb8d2 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc05cb8d4 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc05cb8d5 4c8ba710010000 mov 0x110(%rdi), %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc05cb8dc 4d85e4 test %r12, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffffc05cb8df 0f invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 0000000074dadc6e
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0672740 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0672745 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0672746 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0672749 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + a ffffffffc067274a 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067274d 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0672751 65488b042528000000 mov %gs:0x28, %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc067275a 488945f0 mov %rax, -0x10(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc067275e 31c0 xor %eax, %eax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 000000007254a2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb3b e97b6e0a00 jmp 0xffffb0d6093729bb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000a4b4c145
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc05cb8c0 e97b6e0a00 jmp 0xffffffffc0672740
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc05cb8c5 4885ff test %rdi, %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 8 ffffffffc05cb8c8 0f84cf000000 jz 0xffffffffc05cb99d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc05cb8ce 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc05cb8cf 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffffc05cb8d2 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc05cb8d4 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc05cb8dc 4d85e4 test %r12, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffffc05cb8df 0f invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Keylogger subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at n_tty_receive_buf (ffffffff8abf69b0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35a7b090
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000087d65e86
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8abf69b0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8abf69b5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8abf69b6 4531c0 xor %r8d, %r8d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8abf69b9 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8abf69bc e8eff2ffff call 0xffffffff8abf5cb0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8abf69c1 5d pop %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8abf69c2 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8abf69c3 0f1f00 nop (%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8abf69c6 662e0f1f840000000000 o16 nop %cs:(%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000409cb570
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0671a40 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0671a45 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0671a46 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0671a49 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc0671a4b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc0671a4d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc0671a4f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0671a51 4989f5 mov %rsi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc0671a54 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc0671a55 4189cf mov %ecx, %r15d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc0671a58 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc0671a5b 4883ec18 sub $0x18, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffffc0671a5f 48 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e98bb0a735 jmp 0xffffb0d63ed46beb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000087d65e86
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8abf69b0 e98bb0a735 jmp 0xffffffffc0671a40
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8abf69b5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8abf69b6 4531c0 xor %r8d, %r8d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8abf69bc e8eff2ffff call 0xffffffff8abf5cb0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8abf69c1 5d pop %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8abf69c2 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8abf69c3 0f1f00 nop (%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8abf69c6 662e0f1f840000000000 o16 nop %cs:(%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at n_tty_receive_buf2 (ffffffff8abf6990)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35a7af90
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000cc6b63cb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8abf6990 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8abf6995 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8abf6996 41b801000000 mov $0x1, %r8d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8abf699c 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8abf699f e80cf3ffff call 0xffffffff8abf5cb0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8abf69a4 5d pop %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8abf69a5 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8abf69a6 662e0f1f840000000000 o16 nop %cs:(%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000c56a9093
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0671920 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0671925 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0671926 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0671929 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc067192b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067192d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc067192f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0671931 4989f5 mov %rsi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc0671934 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc0671935 4189cf mov %ecx, %r15d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc0671938 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc067193b 4883ec18 sub $0x18, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffffc067193f 48 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e98bafa735 jmp 0xffffb0d63ed46aeb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000cc6b63cb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8abf6990 e98bafa735 jmp 0xffffffffc0671920
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8abf6995 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8abf699c 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8abf699f e80cf3ffff call 0xffffffff8abf5cb0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8abf69a4 5d pop %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8abf69a5 c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8abf69a6 662e0f1f840000000000 o16 nop %cs:(%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating file plugin subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_file_open (ffffffff8a9d86c0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c97820
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000069cb3571
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d86c0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d86c5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d86c6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d86c9 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d86cb 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d86cd 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffff8a9d86ce 488b1d3b73dd00 mov 0xdd733b(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a9d86d5 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a9d86d8 4881fb10fa7a8b cmp $0xffffffff8b7afa10, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d86df 74 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 0000000040bb15a6
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066fee0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066fee5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066fee6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066fee9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066feeb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066feed 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066feef 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc066fef1 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc066fef4 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc066fef5 4889f3 mov %rsi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc066fef8 4883ec38 sub $0x38, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffffc066fefc 65488b04 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e91b78c935 jmp 0xffffb0d63ef6337b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000069cb3571
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d86c5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d86c6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d86c9 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d86cb 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d86cd 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffff8a9d86ce 488b1d3b73dd00 mov 0xdd733b(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a9d86d5 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a9d86d8 4881fb10fa7a8b cmp $0xffffffff8b7afa10, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d86df 74 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_inode_permission (ffffffff8a9d61d0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c99fa0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000f89cfbdc
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d61d0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d61d5 f6470d02 test $0x2, 0xd(%rdi)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d61d9 7550 jnz 0x8a9d622b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d61db 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8a9d61dc 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d61df 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d61e1 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d61e3 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a9d61e4 488b1d6596dd00 mov 0xdd9665(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a9d61eb 4189f5 mov %esi, %r13d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a9d61ee 4989 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000c44a6437
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0670170 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0670175 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0670176 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0670179 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc067017b 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc067017d 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + e ffffffffc067017e 4989fd mov %rdi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0670181 4189f4 mov %esi, %r12d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc0670184 4883ec30 sub $0x30, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc0670188 65488b0425280000 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000f89cfbdc
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d61d0 e99b9fc935 jmp 0xffffffffc0670170
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d61d5 f6470d02 test $0x2, 0xd(%rdi)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d61d9 7550 jnz 0x8a9d622b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d61db 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffff8a9d61dc 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d61df 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d61e1 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d61e3 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a9d61e4 488b1d6596dd00 mov 0xdd9665(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a9d61eb 4189f5 mov %esi, %r13d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a9d61ee 4989 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating hidedir subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_inode_unlink (ffffffff8a9d7a50)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c916a0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 0000000002aebd0c
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d7a50 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d7a55 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d7a59 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d7a5d 7550 jnz 0x8a9d7aaf
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d7a5f 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a9d7a60 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d7a63 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a9d7a65 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a9d7a67 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a9d7a68 488b1d617ddd00 mov 0xdd7d61(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d7a6f 49 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000c36e41bc
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc06690f0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc06690f5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc06690f6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc06690f9 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc06690fb 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc06690fd 4989fd mov %rdi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc0669100 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc0669104 f0ff05bdb42300 lock inc 0x23b4bd(%rip)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc066910b 48c7c74047 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e99b16c935 jmp 0xffffb0d63ef5d1fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 0000000002aebd0c
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d7a50 e99b16c935 jmp 0xffffffffc06690f0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d7a55 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d7a59 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d7a5d 7550 jnz 0x8a9d7aaf
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d7a5f 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a9d7a60 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a9d7a63 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a9d7a65 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a9d7a67 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a9d7a68 488b1d617ddd00 mov 0xdd7d61(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a9d7a6f 49 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_inode_rename (ffffffff8a9d7c20)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c91540
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000f96ab903
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d7c20 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d7c25 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d7c26 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d7c29 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d7c2b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d7c2d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d7c2f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d7c31 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d7c32 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d7c36 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a9d7c3a 0f85a7000000 jnz 0xffffffff8a9d7ce7
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 000000005a2433a2
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0669160 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0669165 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0669166 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0669169 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066916d 4589c7 mov %r8d, %r15d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc0669170 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffffc0669172 4989d6 mov %rdx, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc0669175 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffffc0669177 4989fd mov %rdi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066917a 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffffc066917b 4989cc mov %rcx, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffffc066917e 4889 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e93b15c935 jmp 0xffffb0d63ef5d09b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000f96ab903
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d7c20 e93b15c935 jmp 0xffffffffc0669160
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d7c25 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d7c26 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d7c29 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d7c2b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d7c2d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d7c2f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d7c31 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d7c32 488b4630 mov 0x30(%rsi), %rax
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a9d7c36 f6400d02 test $0x2, 0xd(%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a9d7c3a 0f85a7000000 jnz 0xffffffff8a9d7ce7
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Module operation subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Userspace application pids hidder plugin subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at find_ge_pid (ffffffff8a6b1450)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35fb8740
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000989eb176
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a6b1450 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a6b1455 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a6b1456 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a6b1459 4883ec08 sub $0x8, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a6b145d 897dfc mov %edi, -0x4(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a6b1460 488d7e08 lea 0x8(%rsi), %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a6b1464 488d75fc lea -0x4(%rbp), %rsi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a6b1468 e8c3b68e00 call 0xffffffff8af9cb30
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a6b146e c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a6b146f 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 000000004a6584bf
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc0669b90 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc0669b95 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc0669b96 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc0669b99 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc0669b9b 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + c ffffffffc0669b9c 4989f4 mov %rsi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc0669b9f 89fb mov %edi, %ebx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc0669ba1 f0ff0530aa2300 lock inc 0x23aa30(%rip)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffffc0669ba8 48c7c740478ac0 mov $0xffffffffc08a4740, %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffffc0669baf e8 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e93b87fb35 jmp 0xffffb0d63f28429b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000989eb176
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a6b1450 e93b87fb35 jmp 0xffffffffc0669b90
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a6b1455 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a6b1456 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a6b1459 4883ec08 sub $0x8, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a6b145d 897dfc mov %edi, -0x4(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a6b1460 488d7e08 lea 0x8(%rsi), %rdi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a6b1464 488d75fc lea -0x4(%rbp), %rsi
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a6b1468 e8c3b68e00 call 0xffffffff8af9cb30
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffff8a6b146d c9 leave
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a6b146e c3 ret
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a6b146f 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Hide mount points from /proc/self/mountinfo & mounts & etc
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at show_vfsstat (ffffffff8a8caa30)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35d9f7f0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 000000002e6ecba5
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8caa30 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a8caa35 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8caa36 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8caa39 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8caa3d 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8caa3f 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a8caa40 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a8caa43 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a8caa47 488975c8 mov %rsi, -0x38(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a8caa4b 4c8b7778 mov 0x78(%rdi), %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a8caa4f 65 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 0000000025e90129
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066a220 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066a225 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066a226 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066a229 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066a22b 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066a22d 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066a22f 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc066a230 4989fe mov %rdi, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc066a233 4989f5 mov %rsi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc066a236 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066a23a 65488b042528 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e9ebf7d935 jmp 0xffffb0d63f06b34b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 000000002e6ecba5
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8caa30 e9ebf7d935 jmp 0xffffffffc066a220
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a8caa35 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8caa36 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8caa39 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a8caa3b 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8caa3d 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8caa3f 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a8caa40 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a8caa43 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 17 ffffffff8a8caa47 488975c8 mov %rsi, -0x38(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1b ffffffff8a8caa4b 4c8b7778 mov 0x78(%rdi), %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1f ffffffff8a8caa4f 65 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at show_vfsmnt (ffffffff8a8cabc0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 00000000319ba642
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8cabc0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a8cabc5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8cabc6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8cabc9 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a8cabcb 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8cabcd 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8cabcf 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffff8a8cabd0 4989f4 mov %rsi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a8cabd3 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a8cabd6 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a8cabda 488975c8 mov %rsi, -0x38(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a8cabde 488b invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 000000001b770dea
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066a360 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066a365 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066a366 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066a369 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066a36b 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066a36d 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066a36f 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc066a370 4989fe mov %rdi, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc066a373 4989f5 mov %rsi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc066a376 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066a37a 65488b042528 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e99bf7d935 jmp 0xffffb0d63f06b2fb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 00000000319ba642
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8cabc0 e99bf7d935 jmp 0xffffffffc066a360
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a8cabc5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8cabc6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8cabc9 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a8cabcb 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8cabcd 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8cabcf 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffff8a8cabd3 4889fb mov %rdi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffff8a8cabd6 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffff8a8cabda 488975c8 mov %rsi, -0x38(%rbp)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1e ffffffff8a8cabde 488b invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at show_mountinfo (ffffffff8a8cad30)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35d9f770
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 000000008a3b5385
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8cad30 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a8cad35 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8cad36 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8cad39 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a8cad3b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8cad3d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8cad3f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a8cad41 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a8cad44 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a8cad45 4889f3 mov %rsi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a8cad48 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffff8a8cad4c 4c8b6e08 mov 0x8(%rsi), %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 00000000fd0b9784
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066a4a0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066a4a5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066a4a6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066a4a9 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066a4ab 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066a4ad 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066a4af 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 10 ffffffffc066a4b0 4989fe mov %rdi, %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 13 ffffffffc066a4b3 4989f5 mov %rsi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 16 ffffffffc066a4b6 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066a4ba 65488b042528 invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e96bf7d935 jmp 0xffffb0d63f06b2cb
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 000000008a3b5385
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a8cad30 e96bf7d935 jmp 0xffffffffc066a4a0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a8cad36 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a8cad39 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a8cad3b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a8cad3d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a8cad3f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a8cad41 4989fc mov %rdi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffff8a8cad44 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffff8a8cad45 4889f3 mov %rsi, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 18 ffffffff8a8cad48 4883ec20 sub $0x20, %rsp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1c ffffffff8a8cad4c 4c8b6e08 mov 0x8(%rsi), %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating signal subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:153: Trying to set the breakpoint at security_task_kill (ffffffff8a9d8fb0)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:154: Forward offset: 35c918b0
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Function header: 000000002c2b4769
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d8fb0 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d8fb5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d8fb6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d8fb9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d8fbb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d8fbd 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d8fbf 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d8fc1 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d8fc2 488b1dd76bdd00 mov 0xdd6bd7(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffff8a9d8fc9 4881fba0fb7a8b cmp $0xffffffff8b7afba0, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Hook: 000000009e798a2c
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffffc066a860 0f1f440000 nop (%rax,%rax)
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffffc066a865 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffffc066a866 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffffc066a869 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffffc066a86b 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffffc066a86d 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffffc066a86f 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffffc066a871 4989fd mov %rdi, %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 14 ffffffffc066a874 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 15 ffffffffc066a875 4989f4 mov %rsi, %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1a ffffffffc066a87a 4189ce mov %ecx, %r14d
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 1d ffffffffc066a87d 4883ec invalid
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patch: 00000000b9ab7bb4
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffb0d6092cbb5b e9ab18c935 jmp 0xffffb0d63ef5d40b
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:79: Patched: 000000002c2b4769
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 0 ffffffff8a9d8fb0 e9ab18c935 jmp 0xffffffffc066a860
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 5 ffffffff8a9d8fb5 55 push %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 6 ffffffff8a9d8fb6 4889e5 mov %rsp, %rbp
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 9 ffffffff8a9d8fb9 4157 push %r15
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + b ffffffff8a9d8fbb 4156 push %r14
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + d ffffffff8a9d8fbd 4155 push %r13
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + f ffffffff8a9d8fbf 4154 push %r12
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 11 ffffffff8a9d8fc1 53 push %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 12 ffffffff8a9d8fc2 488b1dd76bdd00 mov 0xdd6bd7(%rip), %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: hooks/hooks.c:90: + 19 ffffffff8a9d8fc9 4881fba0fb7a8b cmp $0xffffffff8b7afba0, %rbx
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:135: Activating Netlink subsystem
2019-10-23T2:51:46: insmod (6838:6838): Debug: lkm/lkm.c:147: All hooks installed
2019-10-23T2:51:48: bash (6840:6840): Debug: app_plugin/exec.c:618: security_bprm_check: cat(0) = 0
2019-10-23T2:51:56: bash (6841:6841): Debug: app_plugin/exec.c:618: security_bprm_check: ls(1000) = 0