#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syscall.h>
#include <unistd.h>
#include <sys/personality.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <sys/wait.h>
#undef PAGE_SIZE // want definition from emu/memory.h
#include "../misc.h"
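/*
 * Check the result of a syscall-style call that reports failure as -1 plus errno.
 *
 * On failure the message and the errno text are written to stderr as one line
 * and the process exits with status 1; otherwise res is returned unchanged.
 * A result of -1 with errno == 0 is NOT treated as an error, so a caller that
 * uses this on a call whose legitimate return value may be -1 (e.g. a ptrace
 * peek) must clear errno first.
 *
 * res: return value of the call being checked.
 * msg: label printed before the error text; may be NULL.
 * returns: res, when it is not an error.
 */
long trycall(long res, const char *msg) {
    if (res == -1 && errno != 0) {
        // Capture errno before any stdio call can overwrite it.
        int err = errno;
        // The message and its "\r\n" terminator go to the same stream (stderr);
        // the original split them across stderr and stdout, so the line ending
        // could land in a different file or be lost when stdout was redirected.
        // "\r\n" rather than "\n" because the terminal may be in raw mode.
        if (msg != NULL) {
            fprintf(stderr, "%s: %s\r\n", msg, strerror(err));
        } else {
            fprintf(stderr, "%s\r\n", strerror(err));
        }
        exit(1);
    }
    return res;
}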
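/*
 * Fork and exec a process under ptrace, returning once it has stopped at exec.
 *
 * ASLR is disabled via personality(ADDR_NO_RANDOMIZE) before the fork, so the
 * flag is set in this process as well and inherited by the child (this matches
 * the original behaviour; it is not restored afterwards).
 *
 * path, argv, envp: passed straight to execve in the child.
 * returns: the child's pid, in the parent only. The child never returns from
 *          this function: it either execs or exits.
 * On any failure (personality, fork, ptrace, execve, waitpid, or a child that
 * terminated instead of stopping) a message is printed and the process exits 1.
 */
int start_tracee(const char *path, char *const argv[], char *const envp[]) {
    // shut off aslr
    // personality(0xffffffff) is a query; it returns the current persona or -1.
    // errno is cleared first because trycall treats -1 with errno == 0 as success.
    errno = 0;
    int persona = (int)trycall(personality(0xffffffff), "personality");
    persona |= ADDR_NO_RANDOMIZE;
    errno = 0;
    trycall(personality(persona), "personality");

    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        exit(1);
    }
    if (pid == 0) {
        // child: request tracing, then exec; the kernel stops us with SIGTRAP at exec
        trycall(ptrace(PTRACE_TRACEME, 0, NULL, NULL), "ptrace traceme");
        // label was "fexecve" before, but the call is execve
        trycall(execve(path, argv, envp), "execve");
        // execve only returns on failure and trycall exits then; make sure the
        // child can never fall through and return 0 into the caller's code.
        _exit(127);
    }

    // parent: wait for this specific child to stop after exec.
    // waitpid(pid, ...) rather than wait(), so another child of this process
    // (if any) cannot be reaped by mistake.
    int status;
    trycall(waitpid(pid, &status, 0), "wait");
    if (!WIFSTOPPED(status)) {
        if (WIFEXITED(status)) {
            fprintf(stderr, "child failed to start: exited with status %d\n", WEXITSTATUS(status));
        } else if (WIFSIGNALED(status)) {
            fprintf(stderr, "child failed to start: killed by signal %d\n", WTERMSIG(status));
        } else {
            fprintf(stderr, "child failed to start\n");
        }
        exit(1);
    }
    return pid;
}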
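/*
 * Open /proc/<pid>/mem read-write.
 *
 * pid: process whose memory is to be accessed (the tracee).
 * returns: an open file descriptor; the caller owns it and must close it.
 * Exits the process (via trycall) if the open fails.
 */
int open_mem(int pid) {
    // "/proc/" + up to 11 chars of a decimal int + "/mem" + NUL fits easily.
    char filename[64];
    // snprintf instead of sprintf: bounded, and the result is checked so a
    // truncated path can never be opened by accident.
    int n = snprintf(filename, sizeof filename, "/proc/%d/mem", pid);
    if (n < 0 || (size_t)n >= sizeof filename) {
        fprintf(stderr, "open mem: path too long\r\n");
        exit(1);
    }
    return (int)trycall(open(filename, O_RDWR), "open mem");
}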
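/*
 * Copy count bytes from the tracee's memory at addr into buf.
 *
 * Goes through /proc/<pid>/mem: addr is used as the file offset (lseek), so it
 * is the tracee's virtual address. The fd is opened and closed per call.
 * Exits the process on any error, including a short read (e.g. the range runs
 * into unmapped memory) — previously a short read was silently accepted and
 * the tail of buf was left uninitialised.
 *
 * pid:   tracee pid.
 * addr:  tracee address to read from.
 * buf:   destination, at least count bytes.
 * count: number of bytes to copy; 0 is a no-op apart from opening the fd.
 */
void pt_readn(int pid, addr_t addr, void *buf, size_t count) {
    int fd = open_mem(pid);
    trycall(lseek(fd, addr, SEEK_SET), "read seek");
    unsigned char *p = buf;
    size_t done = 0;
    while (done < count) {
        ssize_t n = read(fd, p + done, count - done);
        if (n < 0 && errno == EINTR) {
            continue;   // interrupted by a signal, not an error
        }
        trycall(n, "read read");
        if (n == 0) {
            // EOF before count bytes: the rest of the range is not readable.
            fprintf(stderr, "read read: short read (%zu of %zu bytes)\r\n", done, count);
            exit(1);
        }
        done += (size_t)n;
    }
    close(fd);
}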
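/*
 * Copy count bytes from buf into the tracee's memory at addr.
 *
 * Goes through /proc/<pid>/mem: addr is used as the file offset (lseek), so it
 * is the tracee's virtual address. The fd is opened and closed per call.
 * Exits the process on any error, including a short write — previously a
 * partial write was silently accepted.
 *
 * pid:   tracee pid.
 * addr:  tracee address to write to.
 * buf:   source, at least count bytes; not modified (the signature is kept
 *        non-const for compatibility with existing callers).
 * count: number of bytes to copy; 0 is a no-op apart from opening the fd.
 */
void pt_writen(int pid, addr_t addr, void *buf, size_t count) {
    int fd = open_mem(pid);
    trycall(lseek(fd, addr, SEEK_SET), "write seek");
    const unsigned char *p = buf;
    size_t done = 0;
    while (done < count) {
        ssize_t n = write(fd, p + done, count - done);
        if (n < 0 && errno == EINTR) {
            continue;   // interrupted by a signal, not an error
        }
        trycall(n, "write write");
        if (n == 0) {
            // Nothing accepted: the rest of the range is not writable.
            fprintf(stderr, "write write: short write (%zu of %zu bytes)\r\n", done, count);
            exit(1);
        }
        done += (size_t)n;
    }
    close(fd);
}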
/*
 * Read one dword_t from the tracee at addr.
 *
 * Thin wrapper over pt_readn; pt_readn exits the process on failure, so the
 * returned value is always fully populated when this function returns.
 */
dword_t pt_read(int pid, addr_t addr) {
    dword_t value;
    pt_readn(pid, addr, &value, sizeof value);
    return value;
}
/*
 * Write one dword_t (val) into the tracee at addr.
 *
 * Thin wrapper over pt_writen, which exits the process on failure.
 */
void pt_write(int pid, addr_t addr, dword_t val) {
    dword_t tmp = val;
    pt_writen(pid, addr, &tmp, sizeof tmp);
}
/*
 * Write one byte_t (val) into the tracee at addr.
 *
 * Thin wrapper over pt_writen, which exits the process on failure.
 */
void pt_write8(int pid, addr_t addr, byte_t val) {
    byte_t tmp = val;
    pt_writen(pid, addr, &tmp, sizeof tmp);
}