desock question #71
Comments
|
Hmm.. Those error messages are coming from abyss, so it's hard to say. Web servers can do some crazy things to mess with sockets, some of which might be interfering with preeny. It's hard to guess specifically what. Some steps forward that come to mind:
|
|
Hello Zardus, thank you very much for fast reply! I tried with desock_dup as well but unfortunately Abyss won't boot properly: PREENY_INFO=1 PREENY_ERROR=1 PREENY_DEBUG=1 LD_PRELOAD=x86_64-linux-gnu/desock_dup.so /opt/abyssws/abyssws-x64 I guess you are right with point number 2 - probably some woodoo going on with sockets. I did reverse engineering on windows binary and I saw some odd stuff there :) So I might do some RE on linux binary and see if it is the same. If I manage to come up with working solution I will update this issue to hopefully help others facing simillar issue. Thanks a lot. |
Hello,
first of all thank you for your code! I tried desock with test file provided in the repo and it works well. Then I moved onto a target I'm currently fuzzing (Abyss Web Server) and I'm facing some issues now. When I run desock like this:
PREENY_INFO=1 PREENY_ERROR=1 PREENY_DEBUG=1 LD_PRELOAD=x86_64-linux-gnu/desock.so /opt/abyssws/abyssws-x64
This is an output I receive:
Abyss Web Server X1 (v 2.12.1)
Copyright (C) Aprelium - 2001-2019
Error: to 507)
Error: from 0)
Error: 508
Error: 0
Error: fd 507
Error: 0
Error: 508
Error: to 1)
Error: Request
Powered by Abyss Web Server X1
Copyright © Aprelium - 2001-2019+++ wrote 468 bytes to 1 (had read from 507)
+++ shutting down desock...
+++ ... shutdown complete!
Do you have any idea what could go wrong here? I would expect to see "Intercepted socket()!" among first output messages but here I'm getting errors right away.
Thanks a lot!
The text was updated successfully, but these errors were encountered: