Created
January 4, 2017 05:38
-
-
Save inaz2/3177f55b38bc7a257db92bf60c0a1555 to your computer and use it in GitHub Desktop.
write memory of the parent process via /proc/$PPID/mem
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ gcc write_ppid_memory.c -o write_ppid_memory | |
| $ sudo chown root write_ppid_memory | |
| $ sudo chmod u+s write_ppid_memory | |
| $ ls -al | |
| -rwsr-xr-x 1 root user 8984 Jan 4 14:35 write_ppid_memory* | |
| -rw-r--r-- 1 user user 475 Jan 4 14:28 write_ppid_memory.c | |
| $ ./write_ppid_memory | |
| Trace/breakpoint trap (core dumped) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <sys/types.h> | |
| #include <sys/stat.h> | |
| #include <sys/wait.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| int main() | |
| { | |
| int pid = fork(); | |
| if (pid == 0) { | |
| /* child */ | |
| char fpath[256]; | |
| snprintf(fpath, sizeof(fpath), "/proc/%d/mem", getppid()); | |
| int fd = open(fpath, 2); | |
| lseek(fd, 0x400801, 0); | |
| write(fd, "\xcc", 1); | |
| } else { | |
| /* parent */ | |
| waitpid(pid, NULL, 0); | |
| } | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment