linux-injector

by dismantl


Utility for injecting executable code into a running process on x86/x64 Linux. It uses ptrace() to attach to a process, then mmap()s memory regions in the target for the injected code, a new stack, and the trampoline shellcode. Finally, the trampoline in the target process is used to create a new thread that executes the chosen shellcode, so the main thread is allowed to continue. This project borrows from a number of other projects and research; see References below.
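The sequence above (attach with ptrace(), mmap() anonymous regions for code, stack and trampoline, spawn a thread) leaves artefacts a defender can check for from outside the process. The following is an added detection example, not part of linux-injector: it parses the /proc/PID/maps and /proc/PID/status formats and flags anonymous mappings that are both writable and executable, plus a non-zero TracerPid, which is what a process looks like while a ptrace-based injector is attached. The sample maps and status text are constructed for the example, and the function and field names are the script's own.

```python
"""Flag process memory regions that look like injected shellcode.

Added defensive example, not code from linux-injector. It reads the
/proc/<pid>/maps and /proc/<pid>/status formats and reports:
  * anonymous mappings (inode 0, no path) with rwx permissions, which is
    what mmap()ed shellcode/stack/trampoline regions look like; and
  * a non-zero TracerPid, i.e. a ptrace() tracer currently attached.
Sample inputs below are constructed, not captured from a live host.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

# One /proc/<pid>/maps line: start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+"
    r"(?P<perms>[rwxsp-]{4})\s+(?P<offset>[0-9a-f]+)\s+"
    r"(?P<dev>[0-9a-f]+:[0-9a-f]+)\s+(?P<inode>\d+)\s*(?P<path>.*)$"
)


@dataclass
class Mapping:
    start: int
    end: int
    perms: str
    inode: int
    path: str

    @property
    def anonymous(self) -> bool:
        # True mmap(MAP_ANONYMOUS) regions carry inode 0 and an empty path;
        # [heap], [stack] and [vdso] also have inode 0 but keep their label.
        return self.inode == 0 and self.path == ""

    @property
    def rwx(self) -> bool:
        return self.perms[:3] == "rwx"


def parse_maps(text: str) -> List[Mapping]:
    """Parse the maps format; blank or malformed lines are skipped."""
    result = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line)
        if not m:
            continue
        result.append(Mapping(int(m["start"], 16), int(m["end"], 16),
                              m["perms"], int(m["inode"]), m["path"].strip()))
    return result


def suspicious_mappings(maps_text: str) -> List[Mapping]:
    """Anonymous regions that are writable and executable at the same time."""
    return [m for m in parse_maps(maps_text) if m.anonymous and m.rwx]


def tracer_pid(status_text: str) -> int:
    """TracerPid from /proc/<pid>/status; 0 means no ptrace() tracer attached."""
    for line in status_text.splitlines():
        if line.startswith("TracerPid:"):
            return int(line.split(":", 1)[1].strip())
    return 0


def assess(maps_text: str, status_text: str) -> Dict[str, object]:
    """Combine both signals into one report for a process."""
    hits = suspicious_mappings(maps_text)
    tracer = tracer_pid(status_text)
    return {
        "rwx_anonymous": [(hex(m.start), hex(m.end)) for m in hits],
        "tracer_pid": tracer,
        "suspicious": bool(hits) or tracer != 0,
    }


def scan_pid(pid: int) -> Dict[str, object]:
    """Run the assessment against a live process (needs permission on /proc)."""
    with open(f"/proc/{pid}/maps") as f_maps, open(f"/proc/{pid}/status") as f_st:
        return assess(f_maps.read(), f_st.read())


# Constructed sample: a small program with two fresh rwx anonymous regions
# (as an injector's code and stack mmap()s would appear) and a tracer attached.
SAMPLE_MAPS = """\
00400000-00401000 r-xp 00000000 08:01 1311 /home/user/dummy
00600000-00601000 rw-p 00000000 08:01 1311 /home/user/dummy
01a2c000-01a4d000 rw-p 00000000 00:00 0 [heap]
7f3c1a000000-7f3c1a001000 rwxp 00000000 00:00 0
7f3c1a001000-7f3c1a011000 rwxp 00000000 00:00 0
7f3c1b000000-7f3c1b1c4000 r-xp 00000000 08:01 2102 /lib/x86_64-linux-gnu/libc.so.6
7ffd3e2b0000-7ffd3e2d1000 rw-p 00000000 00:00 0 [stack]
"""
SAMPLE_STATUS = "Name:\tdummy\nState:\tS (sleeping)\nPid:\t1234\nTracerPid:\t4321\n"

if __name__ == "__main__":
    print(assess(SAMPLE_MAPS, SAMPLE_STATUS))
```

Two caveats when running this against real hosts: JIT runtimes (browsers, some language VMs) legitimately create anonymous rwx regions, so the mapping signal needs an allow-list per workload, and TracerPid only catches the injector while it is attached, since it detaches once the new thread is running; the rwx regions, however, persist after detach.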

Requirements

  • fasm, the flat assembler

Building

With fasm installed in your PATH, simply run:

make

Included programs and files

  • print: Test program for executing shellcode using a variety of techniques: fork(), clone(), and the clone syscall with inline assembly.
  • dummy: A trivial program for injecting into. Prints a message every second, then sleeps.
  • injector: The main program for injecting executable code into a running process. Simply provide it with the PID of the process to inject into, and the shellcode to execute:

./injector 1234 print64.bin

  • clone64.asm, clone32.asm, mmap64.asm, mmap32.asm: Shellcode stubs used by the injector.
  • print64.asm, print32.asm: Sample shellcode for printing a single line to stdout. Useful for testing the injector.

References

Further work

I plan on expanding this project to be a full ELF shared library injector. While this tool could theoretically be used as-is to inject a statically-compiled, position-independent ELF library, I want to be able to parse libraries with dynamically-loaded dependencies and load those dependencies as part of the injection process. The following resources are a useful starting point:

  • Injectso
  • Dynamically inject a shared library into a running process on Android/ARM
  • ELF file format
  • The Inside Story on Shared Libraries and Dynamic Loading

Copyright (c) 2015, Dan Staples. This code is available under the GNU General Public License, version 3.
