Skip to content
/ linux-process-injection Public

Proof of concept for injecting simple shellcode via ptrace into a running process.

License

GPL-3.0 license
58 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

W3ndige/linux-process-injection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
sample-process
sample-process
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
inject.c
inject.c
 
 
poc.png
poc.png
 
 

Repository files navigation

Linux process injection

Proof of concept for injecting simple shellcode via ptrace into a running process.

Description

With ptrace() we can attach to any running process, allowing us to play with the current state. By looking at the /proc/PID/maps file we can find a memory region containing permission to execute, for example r-xp.

If we find such region, we can overwrite it's content using PTRACE_POKETEXT, with our shellcode. After that, we can modify the registers and set the value of rip register with the address of that memory region found in maps file.

In the end we have to continue execution with PTRACE_CONT.

POC

Proof Of Concept

About

Proof of concept for injecting simple shellcode via ptrace into a running process.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

58 stars

Watchers

2 watching

Forks

13 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages