Last active
April 7, 2020 20:24
-
-
Save andreafioraldi/820fff2314ed129ac5d1ceed9ca71d29 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <sys/mman.h> | |
| #include <sys/stat.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <unistd.h> | |
| #include <stdint.h> | |
| #include <stdint.h> | |
| typedef uint8_t u8; | |
| typedef uint16_t u16; | |
| typedef uint32_t u32; | |
| typedef uint64_t u64; | |
| typedef int8_t s8; | |
| typedef int16_t s16; | |
| typedef int32_t s32; | |
| typedef int64_t s64; | |
| typedef u8* ptr; | |
| ptr start_addr; | |
| ptr end_addr; | |
| void load_err(char* msg) { | |
| fprintf(stderr, "LOADER ERROR: %s\n", msg); | |
| abort(); | |
| } | |
| u8 load_blob(ptr addr, s32 fd) { | |
| struct stat st; | |
| fstat(fd, &st); | |
| s32 size = st.st_size; | |
| addr = mmap(addr, size, PROT_READ | PROT_WRITE | PROT_EXEC, | |
| MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); | |
| if (addr == MAP_FAILED) | |
| return 1; | |
| read(fd, addr, size); | |
| start_addr = addr; | |
| end_addr = addr + size; | |
| return 0; | |
| } | |
| u8 load_memory_blob(ptr addr, ptr blob, s32 size) { | |
| addr = mmap(addr, size, PROT_READ | PROT_WRITE | PROT_EXEC, | |
| MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); | |
| if (addr == MAP_FAILED) | |
| return 1; | |
| memcpy(addr, blob, size); | |
| start_addr = addr; | |
| end_addr = addr + size; | |
| return 0; | |
| } | |
| u8 load_memory_blob_inplace(ptr addr, s32 size) { | |
| ptr align = (ptr)((unsigned long)addr &~ (sysconf(_SC_PAGESIZE) -1)); | |
| s32 align_size = size + (addr - align); | |
| if (mprotect(align, align_size, PROT_READ | PROT_WRITE | PROT_EXEC) == -1) | |
| return 1; | |
| start_addr = addr; | |
| end_addr = addr + size; | |
| return 0; | |
| } | |
| #ifdef __x86_64__ | |
| ptr hook_place_jump(ptr addr, ptr dest_cb) { | |
| size_t instr_len = 5; | |
| u32 displ = dest_cb - (addr + instr_len); | |
| addr[0] = 0xe9; // relative near jmp | |
| *(u32*)&addr[1] = displ; | |
| return addr + instr_len; | |
| } | |
| #elif __i386__ | |
| ptr hook_place_jump(ptr addr, ptr dest_cb) { | |
| size_t instr_len = 5; | |
| u32 displ = dest_cb - (addr + instr_len); | |
| addr[0] = 0xe9; // relative near jmp | |
| *(u32*)&addr[1] = displ; | |
| return addr + instr_len; | |
| } | |
| #elif __arm__ | |
| ptr hook_place_jump(ptr addr, ptr dest_cb) { | |
| size_t instr_len = 4; | |
| u32 displ = (dest_cb - addr) / instr_len; | |
| *(u32*)&addr[0] = displ; | |
| arr[3] = 0x14; // b jump | |
| return addr + instr_len; | |
| } | |
| #elif __aarch64__ | |
| ptr hook_place_jump(ptr addr, ptr dest_cb) { | |
| size_t instr_len = 4; | |
| u32 displ = (dest_cb - addr) / instr_len; | |
| *(u32*)&addr[0] = displ; | |
| addr[3] = 0x14; // b jump | |
| return addr + instr_len; | |
| } | |
| #else | |
| #error "This arhcitecture is not supported!" | |
| #endif |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment