#include <errno.h>
#include <stdint.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>
/* Fixed-width integer aliases used throughout this file. */
typedef uint8_t u8;
typedef uint16_t u16;
typedef uint32_t u32;
typedef uint64_t u64;
typedef int8_t s8;
typedef int16_t s16;
typedef int32_t s32;
typedef int64_t s64;
/* Byte pointer used for every address in this file. Note that the typedef
   hides the indirection: `ptr p` is a `u8 *`, so arithmetic on it is in
   bytes (the hook_place_jump variants rely on that). */
typedef u8* ptr;
/* Half-open range [start_addr, end_addr) of the most recently loaded blob.
   Written by the load_* helpers on success only; nothing in this file
   resets them. */
ptr start_addr;
ptr end_addr;
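/*
 * Report a loader failure on stderr and abort the process.
 *
 * msg: NUL-terminated description of the failure. A NULL msg is printed as
 *      "(null)" instead of being handed to %s, which is undefined behaviour.
 * Never returns (abort()).
 */
void load_err(const char *msg) {
    fprintf(stderr, "LOADER ERROR: %s\n", msg ? msg : "(null)");
    abort();
}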
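/*
 * Map a fresh anonymous region and fill it with the whole contents of fd,
 * then publish it as [start_addr, end_addr).
 *
 * addr: placement hint handed to mmap (may be NULL). MAP_FIXED is not used,
 *       so the kernel may choose another address; start_addr is therefore
 *       taken from mmap's result, not from the hint.
 * fd:   readable descriptor positioned at the beginning of the blob.
 * Returns 0 on success, 1 on failure: fstat error, a size that is empty or
 * does not fit the s32 arithmetic used here, mmap failure, or a read that
 * fails or hits EOF before the whole blob is in. On failure no mapping is
 * left behind and start_addr/end_addr are not modified.
 *
 * The region is PROT_READ|PROT_WRITE|PROT_EXEC because the hook_place_jump
 * helpers patch the loaded code in place. Under a W^X policy (or SELinux
 * execmem denial) the mmap fails and this returns 1.
 */
u8 load_blob(ptr addr, s32 fd) {
    struct stat st;
    // The original ignored fstat's result and used an uninitialized st_size.
    if (fstat(fd, &st) == -1)
        return 1;
    // Keep the s32 size used by the rest of the file, but refuse to truncate.
    if (st.st_size <= 0 || st.st_size > INT32_MAX)
        return 1;
    s32 size = (s32)st.st_size;

    ptr base = mmap(addr, (size_t)size, PROT_READ | PROT_WRITE | PROT_EXEC,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return 1;

    // read(2) may return fewer bytes than requested (pipes, sockets, signals):
    // loop until the blob is complete, retry on EINTR, fail on EOF or error.
    size_t done = 0;
    while (done < (size_t)size) {
        ssize_t got = read(fd, base + done, (size_t)size - done);
        if (got < 0 && errno == EINTR)
            continue;
        if (got <= 0) {
            munmap(base, (size_t)size);
            return 1;
        }
        done += (size_t)got;
    }

    start_addr = base;
    end_addr = base + size;
    return 0;
}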
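/*
 * Map a fresh anonymous region, copy `size` bytes of `blob` into it, and
 * publish it as [start_addr, end_addr).
 *
 * addr: placement hint for mmap (may be NULL); without MAP_FIXED the kernel
 *       may pick another address, so start_addr comes from mmap's result.
 * blob: source bytes, must be readable for `size` bytes.
 * size: byte count; values <= 0 are rejected up front (the original passed
 *       them to mmap, where a negative s32 became a huge size_t).
 * Returns 0 on success, 1 on a bad argument or mmap failure; on failure
 * start_addr/end_addr are not modified.
 *
 * The region is RWX so the hook_place_jump helpers can patch it later; a
 * W^X policy makes the mmap fail, reported as 1.
 */
u8 load_memory_blob(ptr addr, ptr blob, s32 size) {
    if (blob == NULL || size <= 0)
        return 1;

    ptr base = mmap(addr, (size_t)size, PROT_READ | PROT_WRITE | PROT_EXEC,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return 1;

    memcpy(base, blob, (size_t)size);
    start_addr = base;
    end_addr = base + size;
    return 0;
}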
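/*
 * Make an already-resident blob at [addr, addr + size) readable, writable
 * and executable in place, then publish it as [start_addr, end_addr).
 *
 * addr: first byte of the blob; need not be page aligned, the start is
 *       rounded down to the page containing it because mprotect requires
 *       a page-aligned address. The length is extended by the same amount.
 * size: byte count; values <= 0 are rejected.
 * Returns 0 on success, 1 on a bad argument, sysconf failure or mprotect
 * failure; on failure start_addr/end_addr are not modified.
 *
 * mprotect works on whole pages, so every byte sharing a page with the blob
 * (including unrelated data before `addr` and after `addr + size`) becomes
 * RWX as well. Callers on hardened systems should expect EACCES here.
 */
u8 load_memory_blob_inplace(ptr addr, s32 size) {
    if (addr == NULL || size <= 0)
        return 1;

    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0)
        return 1;

    // Round down to the page boundary using uintptr_t rather than unsigned
    // long so the arithmetic is pointer-width on every ABI.
    uintptr_t mask = ~((uintptr_t)page - 1);
    ptr aligned = (ptr)((uintptr_t)addr & mask);
    size_t aligned_size = (size_t)size + (size_t)(addr - aligned);

    if (mprotect(aligned, aligned_size, PROT_READ | PROT_WRITE | PROT_EXEC) == -1)
        return 1;

    start_addr = addr;
    end_addr = addr + size;
    return 0;
}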
#ifdef __x86_64__
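/*
 * Overwrite the 5 bytes at addr with `jmp rel32` to dest_cb (x86-64).
 *
 * addr:    code address to patch; the page must already be writable (see
 *          load_memory_blob_inplace / the RWX mappings from load_*).
 * dest_cb: branch target.
 * Returns the byte following the patched instruction (addr + 5), or NULL
 * when dest_cb is outside the signed 32-bit reach of a rel32 jump. The
 * original truncated the 64-bit displacement to u32 silently, producing a
 * jump to the wrong address for far targets.
 *
 * The displacement is written byte by byte: the original stored through a
 * u32* into a u8 array, which is both a strict-aliasing violation and an
 * unaligned access.
 */
ptr hook_place_jump(ptr addr, ptr dest_cb) {
    enum { INSTR_LEN = 5 };
    // rel32 is relative to the end of the jmp. Subtract as u64 so the
    // difference is exact for any pair of user-space addresses, then
    // reinterpret as signed.
    u64 raw = (u64)(uintptr_t)dest_cb - (u64)(uintptr_t)(addr + INSTR_LEN);
    s64 delta = (s64)raw;
    if (delta > INT32_MAX || delta < INT32_MIN)
        return NULL;

    u32 displ = (u32)(s32)delta;
    addr[0] = 0xe9; // jmp rel32
    addr[1] = (u8)(displ & 0xffu);
    addr[2] = (u8)((displ >> 8) & 0xffu);
    addr[3] = (u8)((displ >> 16) & 0xffu);
    addr[4] = (u8)((displ >> 24) & 0xffu);
    return addr + INSTR_LEN;
}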
#elif __i386__
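/*
 * Overwrite the 5 bytes at addr with `jmp rel32` to dest_cb (i386).
 *
 * addr:    code address to patch; the page must already be writable.
 * dest_cb: branch target. On i386 the rel32 displacement wraps modulo 2^32,
 *          so every address in the flat 4 GiB space is reachable and no
 *          range check is needed.
 * Returns the byte following the patched instruction (addr + 5).
 *
 * The displacement is stored byte by byte instead of through a u32* cast,
 * which in the original was a strict-aliasing violation and an unaligned
 * write.
 */
ptr hook_place_jump(ptr addr, ptr dest_cb) {
    enum { INSTR_LEN = 5 };
    // rel32 is relative to the end of the jmp instruction.
    u32 displ = (u32)((uintptr_t)dest_cb - (uintptr_t)(addr + INSTR_LEN));
    addr[0] = 0xe9; // jmp rel32
    addr[1] = (u8)(displ & 0xffu);
    addr[2] = (u8)((displ >> 8) & 0xffu);
    addr[3] = (u8)((displ >> 16) & 0xffu);
    addr[4] = (u8)((displ >> 24) & 0xffu);
    return addr + INSTR_LEN;
}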
#elif __arm__
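/*
 * Overwrite the 4-byte A32 instruction at addr with `b dest_cb` (32-bit ARM).
 *
 * Encoding A1 of B: cond | 1010 | imm24, with cond = AL (0xE), i.e.
 * 0xEA000000 | imm24, where imm24 = (dest_cb - (addr + 8)) / 4: in ARM
 * state the PC reads as the current instruction's address plus 8. The
 * instruction stream is little-endian, so the word is stored byte by byte
 * in that order.
 *
 * addr:    4-byte-aligned, writable code address.
 * dest_cb: branch target; must be 4-byte aligned and within the signed
 *          imm24 reach (about +-32 MiB) of addr + 8.
 * Returns addr + 4, or NULL when the target is misaligned or out of reach.
 *
 * Only valid for code executing in ARM (A32) state; Thumb uses a different
 * encoding and is not handled here (it was not by the original either).
 * The original body referenced an undefined `arr`, ignored the +8 PC
 * offset and wrote the AArch64 opcode byte, so it neither compiled nor
 * would have produced a valid A32 branch.
 */
ptr hook_place_jump(ptr addr, ptr dest_cb) {
    enum { INSTR_LEN = 4, PC_AHEAD = 8, IMM24_MAX = (1 << 23) - 1 };
    // Exact signed distance: 32-bit addresses zero-extend into u64, so the
    // u64 subtraction reinterpreted as s64 is the true difference.
    s64 delta = (s64)((u64)(uintptr_t)dest_cb - (u64)(uintptr_t)addr) - PC_AHEAD;
    if (delta % INSTR_LEN != 0)
        return NULL;
    s64 words = delta / INSTR_LEN;
    if (words < -(IMM24_MAX + 1) || words > IMM24_MAX)
        return NULL;

    u32 insn = 0xEA000000u | ((u32)words & 0x00FFFFFFu); // b <imm24>, cond AL
    addr[0] = (u8)(insn & 0xffu);
    addr[1] = (u8)((insn >> 8) & 0xffu);
    addr[2] = (u8)((insn >> 16) & 0xffu);
    addr[3] = (u8)((insn >> 24) & 0xffu);
    return addr + INSTR_LEN;
}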
#elif __aarch64__
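/*
 * Overwrite the 4-byte instruction at addr with `b dest_cb` (AArch64).
 *
 * Encoding of B: 0 00101 imm26, i.e. 0x14000000 | imm26, where
 * imm26 = (dest_cb - addr) / 4 (in A64 the branch offset is relative to the
 * instruction itself). Instruction fetch is little-endian, so the word is
 * stored byte by byte in that order.
 *
 * addr:    4-byte-aligned, writable code address.
 * dest_cb: branch target; must be 4-byte aligned and within the signed
 *          imm26 reach (about +-128 MiB) of addr.
 * Returns addr + 4, or NULL when the target is misaligned or out of reach.
 *
 * The original wrote the whole word and then forced the top byte to 0x14,
 * which clears imm26 bits 24-25: every backward branch (negative offset)
 * and every forward branch of 64 MiB or more was encoded wrongly. It also
 * stored through a u32* into the u8 buffer (strict-aliasing violation).
 */
ptr hook_place_jump(ptr addr, ptr dest_cb) {
    enum { INSTR_LEN = 4 };
    const s64 imm26_max = ((s64)1 << 25) - 1;
    // Exact signed distance for any pair of user-space addresses.
    s64 delta = (s64)((u64)(uintptr_t)dest_cb - (u64)(uintptr_t)addr);
    if (delta % INSTR_LEN != 0)
        return NULL;
    s64 words = delta / INSTR_LEN;
    if (words < -(imm26_max + 1) || words > imm26_max)
        return NULL;

    u32 insn = 0x14000000u | ((u32)words & 0x03FFFFFFu); // b <imm26>
    addr[0] = (u8)(insn & 0xffu);
    addr[1] = (u8)((insn >> 8) & 0xffu);
    addr[2] = (u8)((insn >> 16) & 0xffu);
    addr[3] = (u8)((insn >> 24) & 0xffu);
    return addr + INSTR_LEN;
}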
#else
#error "This arhcitecture is not supported!"
#endif