Skip to content
/ linux-process-injection Public
forked from W3ndige/linux-process-injection

Proof of concept for injecting simple shellcode via ptrace into a running process.

License

GPL-3.0 license
0 stars 14 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0x4b564b/linux-process-injection

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
sample-process
sample-process
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
inject.c
inject.c
 
 
poc.png
poc.png
 
 

Repository files navigation

Linux process injection

Proof of concept for injecting simple shellcode via ptrace into a running process.

Description

With ptrace() we can attach to any running process, allowing us to play with the current state. By looking at the /proc/PID/maps file we can find a memory region containing permission to execute, for example r-xp.

If we find such region, we can overwrite it's content using PTRACE_POKETEXT, with our shellcode. After that, we can modify the registers and set the value of rip register with the address of that memory region found in maps file.

In the end we have to continue execution with PTRACE_CONT.

POC

Proof Of Concept

About

Proof of concept for injecting simple shellcode via ptrace into a running process.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 96.8%
  • Makefile 3.2%