Created
November 16, 2024 15:17
-
-
Save zimnyaa/9cb8492456404648ab166bb13b9908e0 to your computer and use it in GitHub Desktop.
GDB script to spoof the nginx config file for a runtime reload with SIGHUP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set $conf = "server {\n\tlisten 8082 default_server;\n\tlisten [::]:8082 default_server;\n\troot /var/www/html;\n\tserver_name _;\n\tlocation / {\n\t\ttry_files $uri $uri/ =404;\n\t}\n}" | |
| set $conf_len = $_strlen($conf) | |
| set detach-on-fork off | |
| break open | |
| condition 1 $_streq((char *)$rdi, "/etc/nginx/sites-enabled/default") | |
| # signal break | |
| c | |
| c | |
| # open break | |
| # preserve regs | |
| set $old_rdi = $rdi | |
| printf "nginxject: rdi: %s\n", (char *)$rdi | |
| set $addr = (char *) malloc($conf_len) | |
| call strcpy($addr, $conf) | |
| set $mfd = (long long) memfd_create("newconf", 0) | |
| printf "nginxject: memfd: %d\n", $mfd | |
| call write($mfd, $conf, $conf_len) | |
| printf "nginxject: rewinding..." | |
| call lseek($mfd, 0, 0) | |
| printf "nginxject: returning..." | |
| set $rdi = $old_rdi | |
| return (long long) $mfd | |
| detach | |
| q |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment