Friday, March 30, 2007

Hide a process

Here we go... The first kick..
All the programs that will follow are written and tested on RHEL4, with gcc 3.4.5.

Basically you can rename a process to whatever you want by overwriting argv[0]. You have to null out argv[0] completely first; a simple strcpy on its own won't work entirely right.

#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    char *p;

    /* Zero every byte of the original argv[0] first; otherwise a new name
       shorter than the old one leaves the tail of the old name visible. */
    for (p = argv[0]; *p; p++)
        *p = 0;

    /* Assumes the original argv[0] was at least as long as the new name;
       a longer name runs past it into the following argument strings. */
    strcpy(argv[0], "W32WormMail@@VIRUS");

    (void) getchar(); /* pause so you can see that ps reports "W32WormMail@@VIRUS" */
    return 0;
}

As requested by beginners:

Compile the above program (it needs stdio.h and string.h) as follows:

g++ -o program.exe program.c

Note: 'top' seems to pick the process name up from somewhere other than the process table. The above code changes the process table entry, so 'ps' cannot identify the real name of the process, but 'top' can.
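The difference between what 'ps' and 'top' show is the difference between two files under /proc: /proc/<pid>/cmdline holds the argument strings (the memory the program above overwrites), while /proc/<pid>/comm holds the kernel's own copy of the executable name, set at execve() and limited to 15 characters. The following checker, added here as an illustration and not part of the original post, reads both for a given pid and reports when they disagree, which is exactly what the argv[0] rewrite produces. The program name (procnames) and buffer sizes are my own choices.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

/* The kernel stores a task's "comm" name in a 16-byte field: at most 15
   characters plus the terminating NUL. */
#define COMM_MAX 15

/* Return the file-name component of a path ("/usr/sbin/sshd" -> "sshd"). */
static const char *basename_of(const char *path)
{
    const char *slash = strrchr(path, '/');
    return slash ? slash + 1 : path;
}

/* Compare the argv[0] a process advertises (what ps reads from
   /proc/<pid>/cmdline) with the kernel's comm (what top reads from
   /proc/<pid>/stat or /proc/<pid>/comm). comm is truncated to COMM_MAX
   bytes, so only that prefix of argv[0]'s basename is compared.
   Returns 1 when the two disagree, 0 when they are consistent. */
int argv0_comm_mismatch(const char *argv0, const char *comm)
{
    return strncmp(basename_of(argv0), comm, COMM_MAX) != 0;
}

/* Read argv[0] and comm for a process into the caller's buffers.
   Returns 0 on success, -1 if either /proc file cannot be read. */
int read_proc_names(pid_t pid, char *argv0, size_t argv0_len,
                    char *comm, size_t comm_len)
{
    char path[64];
    FILE *f;
    size_t n;

    /* cmdline holds the argument strings separated by NULs; the first
       string is argv[0], so terminating the buffer yields it as a C string. */
    snprintf(path, sizeof path, "/proc/%d/cmdline", (int)pid);
    if ((f = fopen(path, "r")) == NULL)
        return -1;
    n = fread(argv0, 1, argv0_len - 1, f);
    fclose(f);
    argv0[n] = '\0';

    snprintf(path, sizeof path, "/proc/%d/comm", (int)pid);
    if ((f = fopen(path, "r")) == NULL)
        return -1;
    if (fgets(comm, (int)comm_len, f) == NULL) {
        fclose(f);
        return -1;
    }
    fclose(f);
    comm[strcspn(comm, "\n")] = '\0';   /* drop the trailing newline */
    return 0;
}

/* Usage: ./procnames [pid]   (defaults to this process itself) */
int main(int argc, char **argv)
{
    char argv0[256], comm[COMM_MAX + 2];
    pid_t pid = argc > 1 ? (pid_t)atoi(argv[1]) : getpid();

    if (read_proc_names(pid, argv0, sizeof argv0, comm, sizeof comm) != 0) {
        perror("read_proc_names");
        return 1;
    }
    printf("pid %d: cmdline argv[0] = \"%s\", comm = \"%s\" -> %s\n",
           (int)pid, argv0, comm,
           argv0_comm_mismatch(argv0, comm) ? "MISMATCH" : "consistent");
    return 0;
}
```

Run the renaming program from above in one terminal and point this checker at its pid from another: cmdline shows "W32WormMail@@VIRUS" while comm still shows "program.exe". Two caveats for anyone using this as a detection heuristic: login shells legitimately set argv[0] to "-bash", which also trips the comparison, and a process can change comm itself with prctl(PR_SET_NAME), so /proc/<pid>/exe (a symlink to the actual binary) is the more trustworthy source when it matters.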