SO |
[Feb. 11th, 2016|10:23 pm] |
[ | Current Mood |
| | accomplished | ] | I implemented loading of shared objects from memory without temporary files. And no signatures. Pretty neat. |
|
|
Runtime GOT poisoning from injected shared object |
[Mar. 13th, 2015|02:36 pm] |
[Tags | | | glibc, got, hijacking, inject, link_map, linux, plt, poisoning, rtld, runtime, so | ] |
[ | Current Mood |
| | calm | ] | This short article describes how combining two well-known techniques makes it possible to intercept library calls at runtime without PIC code (as in [2]), without patching the library functions, and without searching /proc/PID/maps.