Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Injection does not work for 32 bit process. #6

Closed
rtibdewal opened this Issue · 3 comments

2 participants

Rahul Tibdewal comex
Rahul Tibdewal

Hello there,

In file, Inject.c

static kern_return_t get_stuff(task_t task, cpu_type_t *cputype, struct addr_bundle *addrs) {

...
#if defined(i386) || defined(x86_64) || defined(ppc)
// Try to guess whether the process is 64-bit,
bool proc64 = info.all_image_info_addr > 0;
#else
bool proc64 = false;
#endif
mach_vm_address_t dyldImageLoadAddress = proc64 ? u.data64.dyldImageLoadAddress : u.data.dyldImageLoadAddress;

...

}

Above code gives wrong result and thus injection fails at mach_vm_read_overwrite();

I think check for #if defined(i386) || defined(x86_64) || defined(ppc)
is wrong as it will check whether injection process is 64 bit or 32 bit or ppc. It wont check whether task(injectee process) is 32 bit or 64 bit.

comex
Owner

The #if is there just because it will never be 64-bit on ARM.

Rahul Tibdewal

Sorry about the mess.. but I was not able to understand the bug better. Next time I will take care and will do through testing before approaching to anybody with bug.

Real bug is we cannot inject in 32 bit process. Usually all apple applications process on OSX 10.6 onwards are 64 bit but if you try with third party applications like google chrome, skype, VMWare fussion or any other 32 bit process, injection does not work.

Rahul Tibdewal

We need 32bit libs for 32bit processes, and 64bit libs for 64bit processes. My bad.

But I did had to change following line

bool proc64 = info.all_image_info_addr > 0;

with the code I had submitted in pull request.

Rahul Tibdewal rtibdewal closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.