Skip to content

Instantly share code, notes, and snippets.

@ocean1

ocean1/dump_vdso.c

Created May 18, 2015 11:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ocean1/a519ca647bff84c42232 to your computer and use it in GitHub Desktop.
Save ocean1/a519ca647bff84c42232 to your computer and use it in GitHub Desktop.
Download ZIP
dump vdso
Raw
dump_vdso.c
#include <stdio.h>
#include <string.h>
int
main()
{
FILE *maps;
void *vdso_begin, *vdso_end;
maps = fopen("/proc/self/maps", "r");
char buf[1024];
while (fgets(buf, 1024, maps)) {
if (strstr(buf, "[vdso]")) break;
}
fclose(maps);
sscanf(buf, "%p-%p", &vdso_begin, &vdso_end);
write(1, vdso_begin, vdso_end - vdso_begin);
return 0;
}
/*#include
#include
#include
#include
static void *getsys(char **envp)
{
Elf64_auxv_t *auxv;
/* walk past all env pointers */
while (*envp++ != NULL);
/* and find ELF auxiliary vectors (if this was an ELF binary) */
auxv = (Elf64_auxv_t *) envp;
for ( ; auxv->a_type != AT_NULL; auxv++)
if (auxv->a_type == AT_SYSINFO_EHDR)
return (void *)auxv->a_un.a_val;
fprintf(stderr, "no AT_SYSINFO_EHDR auxv entry found\n");
exit(1);
}
int main(int argc, char *argv[], char **envp)
{
unsigned char buffer[4096];
void *p;
p=getsys(envp);
fprintf(stderr, "AT_SYSINFO_EHDR at %p\n",p);
memcpy(buffer, p, 4096);
write(1, buffer, 4096);*/
Raw
dump_vdso.py
#!/usr/bin/env python
from ctypes import *
for ln in open('/proc/self/maps'):
if '[vdso]' in ln:
start, end = [int(x,16) for x in ln.split()[0].split('-')]
CDLL('libc.so.6').write(1, c_void_p(start), end-start)
break
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment