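# Builds `memfd`: a small C program that carries the standalone `sc`
# executable inside its own image (as a linked-in binary blob) and runs it
# from an anonymous memfd.
#
#   sc        freestanding static executable assembled from sc.S
#   binary.o  sc wrapped as an object via `ld -r -b binary`; this exports
#             _binary_sc_start / _binary_sc_end, names derived from the input
#             path, so `sc` must be passed as a bare relative name (building
#             with a path prefix would rename the symbols and break memfd.c)
#   memfd     memfd.o + binary.o; memfd.o comes from the built-in %.o: %.c rule
#
# Extra flags can be supplied on the command line, e.g. make CFLAGS=-g

.DEFAULT_GOAL := all

# Drop a half-written target when its recipe fails, so a failed `ld -r` does
# not leave a truncated binary.o that looks up to date on the next run.
.DELETE_ON_ERROR:

.PHONY: all
all: memfd

memfd: memfd.o binary.o
	$(CC) $(LDFLAGS) $^ $(LDLIBS) -o $@

binary.o: sc
	$(LD) -r -b binary -o $@ $^

# -nostdlib: sc.S defines _start itself, no libc; -no-pie keeps the absolute
# `offset msg` operand in sc.S linkable; -s strips the symbol table.
sc: sc.S
	$(CC) -no-pie -nostdlib -s $< -o $@

.PHONY: clean
clean:
	$(RM) sc memfd memfd.o binary.o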
#define _GNU_SOURCE
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
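/* Start/end of the `sc` image linked in by binary.o; the names are the ones
 * `ld -r -b binary sc` derives from the input file name.  The image length
 * is the pointer difference, so no separate size symbol is needed. */
extern char _binary_sc_start[];
extern char _binary_sc_end[];

/*
 * Demo: copy the embedded `sc` image into an anonymous memfd and execute it
 * through its /proc/<pid>/fd/<n> path.
 *
 * Returns 1 if any step fails (the failing call is reported with errno on
 * stderr).  On success execl replaces the process image, so main does not
 * return at all.
 */
int main(void) {
    pid_t pid = getpid();
    printf("[+] pid: %d\n", pid);

    /* The name is only a label; it is what /proc/<pid>/exe and the maps show
     * for this descriptor ("memfd:hoge"). */
    int memfd = memfd_create("hoge", MFD_CLOEXEC);
    if (memfd < 0) {
        perror("memfd_create");
        return 1;
    }
    printf("[+] memfd: %d\n", memfd);

    printf("[+] writing binary to memfd\n");
    /* write(2) may return a short count; loop until the whole image is copied
     * so a partial image is never executed. */
    const char *cur = _binary_sc_start;
    size_t left = (size_t)(_binary_sc_end - _binary_sc_start);
    while (left > 0) {
        ssize_t n = write(memfd, cur, left);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            perror("write");
            return 1;
        }
        cur += n;
        left -= (size_t)n;
    }

    char *path = NULL;
    if (asprintf(&path, "/proc/%d/fd/%d", pid, memfd) < 0) {
        /* path is unspecified on failure; nothing to free */
        fprintf(stderr, "asprintf failed\n");
        return 1;
    }
    printf("[+] executing %s\n", path);

    /* stdout is fully buffered when redirected; a successful exec would
     * otherwise discard everything printed above. */
    fflush(stdout);

    /* execl only returns on failure.  NULL must be cast: it is a variadic
     * argument and a bare NULL need not have pointer size. */
    execl(path, "hoge", (char *)NULL);
    perror("execl");
    free(path);
    return 1;
}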
.intel_syntax noprefix
.global _start
# Freestanding x86-64 Linux program: write(1, msg, 14) followed by exit(0).
# Linked with -nostdlib (see the Makefile), so _start is the real entry
# point and there is no libc; everything goes through raw syscalls.
_start:
mov rsi, offset msg       # buffer: absolute address of msg (needs a non-PIE link)
mov rdi, 1                # fd 1 = stdout
mov rdx, 14               # byte count; must match the .ascii length below
mov rax, rdi              # rax = 1 = SYS_write (reuses the 1 already in rdi)
syscall
xor rdi, rdi              # exit status 0
mov rax, 60               # SYS_exit
syscall
msg:
.ascii "Hello, World!\n"  # 14 bytes, no NUL terminator (none is needed)