Finished injection module at userspace using /proc/<pid>/maps, enables to overwrite the GOT section with RELRO activated

2026-01-30 11:03:08 +08:00 · 2022-04-07 07:11:28 -04:00
parent 96cfda8c1f
commit 3438f5846f
24 changed files with 14973 additions and 14466 deletions
--- a/src/helpers/.gdb_history
+++ b/src/helpers/.gdb_history
@@ -1,195 +1,3 @@
-b *(test_time_values_injection+96)
-r
-si
-si
-q
-b *(test_time_values_injection+96)
-r
-si
-q
-b *(test_time_values_injection+96)
-r
-si
-x/32b 0x5555555556a9
-x/32x 0x5555555556a9
-x/2i 0x5555555556a9
-disass 0x5555555556a9
-disass /r 0x5555555556a9
-q
-b *(test_time_values_injection+96)
-r
-si
-disass /r 0x5555555556ae
-q
-b *(test_time_values_injection+96)
-r
-si
-disass /r 0x5555555556ae
-q
-r
-q
-r
-q
-b *(test_time_values_injection+96)
-r
-si
-q
-b *(test_time_values_injection+169)
-r
-si
-fin
-q
-b *(test_time_values_injection+169)
-r
-si
-q
-b *(test_time_values_injection+169)
-r
-si
-q
-r
-q
-r
-q
-r
-q
-r
-q
-r
-q
-r
-q
-r
-q
-disass test_time_values_injection 
-b *(test_time_values_injection+96)
-r
-si
-disass 0x7ffff7ede56c
-disass /r 0x7ffff7ede56c
-q
-b *(test_time_values_injection+96)
-r
-si
-q
-b *(test_time_values_injection+96)
-r
-si
-x/2i 0x5555555556a9
-x/2b 0x5555555556a9
-x/22b 0x5555555556a9
-q
-b *(test_time_values_injection+96)
-r
-si
-disass /r 0x5555555556ae
-q
-b *(test_time_values_injection+169)
-r
-si
-q
-b *(test_time_values_injection+169)
-r
-q
-b *(test_time_values_injection+96)
-r
-q
-b *(test_time_values_injection+96)
-r
-q
-b test_time_values_injection 
-r
-ni
-si
-fin
-q
-r
-q
-r
-q
-disass test_time_values_injection 
-b *(test_time_values_injection+96)
-r
-si
-q
-disass test_time_values_injection 
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-restart
-c
-r
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-x/10x 0x5555555556a9
-x/10i 0x5555555556a9
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-q
-b *(test_time_values_injection+94)
-r
-si
-x/10i 555555555510
-x/10i 0x555555555510
-x/10x 0x555555555510
-q
-b *(test_time_values_injection+94)
-r
-si
-x/10x 0x555555555510
-x/10i 0x555555555510
-q
-q
-q
-disass test_time_values_injection 
 b *(test_time_values_injection+167)
 r
 si
@@ -254,3 +62,195 @@ si
 x/2i 7ffff7f1d5b0
 x/2i 0x7ffff7f1d5b0
 q
+r
+q
+q
+r
+q
+r
+q
+q
+b *(test_time_values_injection+94)
+disass test_time_values_injection 
+b *(test_time_values_injection+167)
+r
+q
+b *(test_time_values_injection+167)
+r
+si
+q
+b *(test_time_values_injection+167)
+r
+x/10s 0x41350
+x/10s 0x405130
+x/10b 0x405130
+x/10i 0x405130
+q
+r
+q
+r
+q
+disass test_time_values_injection 
+b *(test_time_values_injection+94)
+r
+si
+fin
+fin
+si
+q
+b *(test_time_values_injection+94)
+r
+si
+x/20b 0x555555559fb0
+si
+x/20b 0x555555559fb0
+q
+r
+q
+r
+q
+b *(test_time_values_injection+94)
+r
+si
+si
+x/20b 0x555555559fb0
+x/20i 0x555555559fb0
+q
+b *(test_time_values_injection+94)
+r
+si
+x/20i 0x555555559fb0
+x/20b 0x555555559fb0
+si
+x/20b 0x555555559fb0
+x/20i 0x555555559fb0
+q
+r
+q
+r
+q
+r
+q
+r
+q
+r
+q
+b *(test_time_values_injection+94)
+r
+si
+x/20b 0x555555559fb0
+x/20x 0x555555559fb0
+si
+x/20x 0x555555559fb0
+q
+b *(test_time_values_injection+94)
+r
+si
+q
+b *(test_time_values_injection+94)
+r
+si
+q
+b *(test_time_values_injection+94)
+r
+si
+q
+b *(test_time_values_injection+94)
+r
+si
+x/20x 0x555555559fb0
+q
+x/20x 0x555555559fb0
+b *(test_time_values_injection+94)
+r
+si
+x/20x 0x555555559fb0
+fin
+si
+ni
+ni
+c
+q
+b test_time_values_injection 
+r
+disass test_time_values_injection 
+b *(test_time_values_injection+94)
+b *(test_time_values_injection+177)
+c
+c
+r
+q
+b *(test_time_values_injection+94)
+r
+ni
+disass /r test_time_values_injection
+q
+b *(test_time_values_injection+94)
+r
+si
+ni
+q
+disass main 
+q
+disass main
+b *(main+186)
+b *(main+448)
+r
+checkpoint
+si
+restore 1
+restore
+restart
+restart 1
+si
+restart 1
+si
+restart 1
+restart 1
+context
+context all
+si
+restart 1
+q
+b *(main+186)
+b *(main+448)
+r
+si
+q
+disass main
+b *(main+184)
+b *(main+446)
+r
+si
+x/20b 0x555555557fd0
+c
+si
+x/20b 0x555555557fd0
+q
+b *(main+184)
+b *(main+446)
+r
+si
+c
+si
+find 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+find 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+q
+b *(main+184)
+b *(main+446)
+r
+si
+q
+b *(main+184)
+r
+si
+x/20b 0x555555557fd0
+q
+b *(main+184)
+r
+si
+q
+b *(main+184)
+r
+si
+q