Thursday, February 18, 2010

New injectso -- Debian proof

The new injectso comes with a new technique for finding the
address of the rtld function it needs. Some systems (Debian based)
make /proc/pid/maps unavailable by default, and the former
injectso needed that file to work properly.
It now also works by reading AT_BASE from /proc/pid/auxv
and calculating from it where the rtld functions can be found.
The nm method is still included for systems where
libc exports symbol names.
The /proc/pid/auxv method has only been tested on x86_64
but should work on x86 too.
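The auxv lookup the post describes is the same one a debugger or process monitor performs: /proc/pid/auxv is a flat array of (type, value) word pairs terminated by AT_NULL, and AT_BASE holds the address where the kernel mapped the ELF interpreter (rtld). The C below is an added example, not injectso's own code. It parses a 64-bit auxv image, handles the two edge cases a practitioner trips over (a statically linked process reports AT_BASE == 0 because it has no interpreter, and a truncated image never reaches AT_NULL), and shows the read from /proc/<pid>/auxv. The sample vectors and every address in them are constructed for the example; the entry-type constants carry the standard values from <elf.h> but are redefined here so the file builds without it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Auxiliary-vector entry types used below (same values as in <elf.h>). */
#define AUXV_AT_NULL  0   /* end of vector */
#define AUXV_AT_PHDR  3   /* program headers of the executable */
#define AUXV_AT_BASE  7   /* load address of the ELF interpreter (rtld); 0 if none */
#define AUXV_AT_ENTRY 9   /* entry point of the executable */

/* One entry of a 64-bit process's auxv: two native-endian 8-byte words.
   A 32-bit process uses two 4-byte words, which this parser does not handle. */
typedef struct {
    uint64_t a_type;
    uint64_t a_val;
} auxv64_entry;

/* Scan a raw auxv image for the first entry of the given type.
   Returns 1 and stores the value in *out on success; returns 0 when the
   type is absent, the image is truncated, or the AT_NULL terminator is missing. */
int auxv64_lookup(const unsigned char *buf, size_t len, uint64_t type, uint64_t *out)
{
    size_t off;
    for (off = 0; off + sizeof(auxv64_entry) <= len; off += sizeof(auxv64_entry)) {
        auxv64_entry e;
        memcpy(&e, buf + off, sizeof e);   /* memcpy: buf may be unaligned */
        if (e.a_type == AUXV_AT_NULL)
            return 0;                      /* terminator reached, type not present */
        if (e.a_type == type) {
            *out = e.a_val;
            return 1;
        }
    }
    return 0;                              /* ran off the end: truncated image */
}

/* Read /proc/<pid>/auxv and return the rtld base, or 0 when the process is
   statically linked (AT_BASE == 0) or the file cannot be read. The kernel
   applies its ptrace access check to this file, so an unprivileged caller
   can only read it for processes it owns. */
uint64_t rtld_base_from_proc(long pid)
{
    char path[64];
    unsigned char buf[4096];               /* a real auxv is far smaller than this */
    size_t n;
    uint64_t base = 0;
    FILE *f;

    snprintf(path, sizeof path, "/proc/%ld/auxv", pid);
    f = fopen(path, "rb");
    if (f == NULL)
        return 0;
    n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    if (!auxv64_lookup(buf, n, AUXV_AT_BASE, &base))
        return 0;
    return base;
}

/* Constructed sample: auxv of a dynamically linked x86_64 process (made-up addresses). */
static const uint64_t sample_dynamic[] = {
    33, 0x7ffd0d3f6000ULL,                 /* AT_SYSINFO_EHDR (vDSO) */
    6,  4096,                              /* AT_PAGESZ */
    AUXV_AT_PHDR,  0x55d2c3c00040ULL,
    AUXV_AT_BASE,  0x7f3a1c2ee000ULL,      /* where ld.so was mapped */
    AUXV_AT_ENTRY, 0x55d2c3c01060ULL,
    AUXV_AT_NULL,  0
};

/* Constructed sample: a statically linked process has no interpreter, so AT_BASE is 0. */
static const uint64_t sample_static[] = {
    6, 4096,
    AUXV_AT_PHDR,  0x400040ULL,
    AUXV_AT_BASE,  0,
    AUXV_AT_ENTRY, 0x401000ULL,
    AUXV_AT_NULL,  0
};

uint64_t sample_dynamic_base(void)
{
    uint64_t base = 0;
    auxv64_lookup((const unsigned char *)sample_dynamic, sizeof sample_dynamic, AUXV_AT_BASE, &base);
    return base;
}

uint64_t sample_static_base(void)
{
    uint64_t base = 0;
    auxv64_lookup((const unsigned char *)sample_static, sizeof sample_static, AUXV_AT_BASE, &base);
    return base;
}

/* Lookup over an image cut off after three entries (no AT_NULL) must report failure. */
int sample_truncated_lookup(void)
{
    uint64_t v = 0;
    return auxv64_lookup((const unsigned char *)sample_dynamic, 3 * sizeof(auxv64_entry), AUXV_AT_ENTRY, &v);
}

/* A type that never appears in the image must also report failure. */
int sample_absent_lookup(void)
{
    uint64_t v = 0;
    return auxv64_lookup((const unsigned char *)sample_dynamic, sizeof sample_dynamic, 99, &v);
}

int main(void)
{
    uint64_t base = rtld_base_from_proc((long)getpid());
    if (base == 0)
        printf("no rtld base (static binary, no /proc, or access denied)\n");
    else
        printf("rtld (AT_BASE) of this process: 0x%llx\n", (unsigned long long)base);
    return 0;
}
```

AT_BASE alone only gives the interpreter's load address; turning it into the address of a particular rtld function still needs symbol information for that exact ld.so build, which is why the post keeps the nm method around. On a 64-bit kernel a 32-bit process presents 4-byte auxv words, so a parser that wants to cover the x86 case the post leaves untested has to pick the word size from the target's ELF class first.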


Additionally, I am officially sorry for the coding style
of injectso before v0.51. All the exploit coding makes for a
terrible style, and I will drop that for a while.
The code has been cleaned up and is now readable and
something to learn from.
