This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.



Library injection


Hello!
My name is Adam Sznajder and I study computer science at Warsaw University of Technology. Currently I'm writing my graduate work, which I have to do in order to finish my studies. The main aim of my project is to inject a library into some running process and create a new thread which will e.g. protect the stack. As you can see, it is quite an interesting task, but I have a problem with library injection. I found an awesome article on which I based my work: http://nologin.org/Downloads/Papers/remote-library-injection.pdf . Unfortunately my project doesn't work properly. It crashes in the middle of the _dl_open function at offset 0x163. Could you please have a look at my project and tell me what's wrong with it? You can download the sources here: www.purecode.pl/dllInjection.zip. I understand that you are busy and have much more important things to do, but can someone explain to me what I should put into each register before the _dl_open call? Currently I store the address of the library's path in the eax register, 0x80000002 in ebx and NULL in ecx. To be honest, I'm quite stressed because time is running out and I don't really know what's wrong. I work on Arch Linux with the ld-2.13.so library.


Thanks in advance,
Adam Sznajder

