Skip to content

Instantly share code, notes, and snippets.

@Hanaasagi
Created December 26, 2018 14:36
Embed
What would you like to do?
hijacking write call in Linux
use libc;
use std::ffi::CString;
use std::mem::transmute;
use std::os::raw::c_char;
use std::os::raw::c_int;
use std::os::raw::c_void;
#[no_mangle]
extern "C" fn strcmp(s1: *const c_char, s2: *const c_char) -> c_int {
println!("strcmp");
return 0;
}
#[no_mangle]
extern "C" fn write(fd: c_int, buf: *const c_void, count: libc::size_t) -> libc::ssize_t {
let name = CString::new("write").expect("CString::new failed");
let ptr = unsafe { libc::dlsym(libc::RTLD_NEXT, name.as_ptr()) };
let msg = "hijacking\n";
let handler: fn(c_int, *const c_void, libc::size_t) -> libc::ssize_t =
unsafe { transmute(ptr) };
//let b: c_void = unsafe { transmute(msg) };
handler(fd, msg as *const _ as *const c_void, 10);
return count as libc::ssize_t;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment