internal_func.c.bleed
--skip--
#+Function_name: inspect_status
#+Description: Inspect arguments given to the hooking functions 'pre_func' and 'post_func'
--declare--
@@types@@
// Ignore section for internal functions
@@vars@@
// Here we declare only static vars and strings
// Format string for the first printf call in print_pino; it consumes one int (%d).
char * p = "Inject this. arg1:%d\n";
// Format string for the PID line that print_pino prints when its argument is 0x1337.
char * p2 = "PID: %d\n";
// Static slot declared without a type or initial value in this section.
// NOTE(review): print_pino passes 'pino' to printf as the format string itself, so
// whatever ends up in it must be a constant controlled by the template author and
// free of unintended '%' conversions - confirm where 'pino' gets its contents.
__static__ pino;
// 'x' is declared as global/static data, so inside the functions it is seen as a
// pointer ('int *' in this case); print_pino returns the int it points to (*x).
__static__ x;
@@external-functions@@
getpid(0);
printf(2);
--code--
@@function@@
#+define:
// here we insert includes, struct definitions, typedefs, etc.
// - we can have only one "define" sub-section
#include <sys/types.h>
#include <unistd.h>
#+function:
// before declaring a function we must use the keyword "#+function"
// Prints the argument through the 'p' format string and, when the argument is the
// magic value 0x1337, also prints the calling process's PID (via 'p2') followed by
// the static 'pino' string. Always returns the int that the static pointer 'x'
// refers to.
//
// 'p', 'p2', 'pino' and 'x' are not locals: they are declared in the template's
// @@vars@@ section.
//
// NOTE(review): printf(pino) uses 'pino' as the format string itself, so any '%'
// conversion in its contents is interpreted by printf (CERT FIO30-C). Keep 'pino'
// a constant owned by the template; it should never be filled from data that is
// read at run time.
int print_pino(int i)
{
    pid_t self_pid;

    // Strings normally come from @@vars@@. Per the original note, a string can also
    // be built on the stack as a char array initialiser (Intel only), e.g.
    // {'P','I','D',':','%','d','\n'}; such an array would need an explicit '\0'
    // terminator before it could be handed to printf.
    printf(p, i);

    if (i != 0x1337) {
        return *x;
    }

    self_pid = getpid();
    printf(p2, self_pid);
    printf(pino);

    return *x;
}
#+function:
// Forwarding wrapper: hands 'j' to print_pino unchanged and returns its result.
int call_print_pino(int j)
{
    int result = print_pino(j);

    return result;
}
@@post_func@@
// Ignore section for internal functions
@@pre_func@@
// Ignore section for internal functions