Now control flow is redirected back to the syscall after running the shared library constructor instead of skipping it

2025-12-20 16:53:07 +08:00 · 2022-04-09 14:17:09 -04:00
parent 036585371c
commit e881502ffa
11 changed files with 9928 additions and 9678 deletions
--- a/src/common/constants.h
+++ b/src/common/constants.h
@@ -45,8 +45,8 @@
 "\xbe\x01\x00\x00\x00\x48\x89\xdf\
 \x48\x81\xec\x00\x10\x00\x00\xff\
 \xd0\x48\x81\xc4\x00\x10\x00\x00\x5e\
-\x5f\x5b\x5a\x59\x58\x5d\xc3"
-#define CODE_CAVE_SHELLCODE_ASSEMBLE_3_LEN 32
+\x5f\x5b\x5a\x59\x58\x5d\xff\x25\x00\x00\x00\x00"
+#define CODE_CAVE_SHELLCODE_ASSEMBLE_3_LEN 37


 #endif