Included offset and extraction of interesting functions

2025-12-24 18:33:08 +08:00 · 2022-03-17 21:41:40 -04:00
parent 0fbcb8bdf7
commit 9dff5e71dc
6 changed files with 7632 additions and 7528 deletions
--- a/src/helpers/.gdb_history
+++ b/src/helpers/.gdb_history
@@ -114,3 +114,59 @@ si
 ni
 stack 200
 q
+b timerfd_settime
+r
+si
+ni
+d/10i 0x7ffff7d89560
+d/i 0x7ffff7d89560
+disassemble 0x7ffff7d89560
+stack 30ç
+d/6x 7fffffffdcc8
+d/x 7fffffffdcc8
+p/x 7fffffffdcc8
+p/x 0x7fffffffdcc8
+d/x 0x7fffffffdcc8
+d/3x 0x7fffffffdcc8
+d/3x *0x7fffffffdcc8
+x/3x 0x7fffffffdcc8
+x/5i 0x7fffffffdcc8
+x/5x 0x7fffffffdcc8
+x/20x 0x7fffffffdcc8
+stack 
+p __libc_start_main 
+x/x __libc_start_main 
+stack 
+context
+context_code
+x/x __libc_start_main 
+q
+b timerfd_settime
+r
+si
+ni
+x/x __libc_start_main 
+x/x __libc_dlopen_mode
+rop
+ropsearch 0f 
+ropsearch "0f"  
+ropsearch "0f"  libc
+ropsearch "pop %rax" libc
+ropsearch "pop %rax" 
+ropsearch "pop %rax" 
+ropsearch "pop rax" 
+ropsearch "pop rax" libc
+ropsearch "pop eax" libc
+ropgadget 
+ropgadget libc
+help ropgadget
+help ropsearch
+ropsearch "pop eax" libc
+q
+disass main
+l test_time_values_injection 
+disass test_time_values_injection 
+b *(test_time_values_injection + 74)
+r
+si
+q
--- a/src/helpers/peda-session-execve_hijack.txt
+++ b/src/helpers/peda-session-execve_hijack.txt
@@ -1,2 +1,3 @@
 break timerfd_settime
+break timerfd_settime