feat: attempt to load process symbol and hook it

fails because undefined symbol?
This commit is contained in:
əlemi 2023-03-29 00:43:53 +02:00
parent f567080751
commit 28778ab2e1
Signed by: alemi
GPG key ID: A4895B84D311642C
2 changed files with 21 additions and 0 deletions

View file

@ -21,3 +21,4 @@ retour = "0.1" # plain detour doesn't work on latest nightly? idk
elf = "0.7.2" elf = "0.7.2"
nix = "0.26.2" nix = "0.26.2"
proc-maps = "0.3.0" proc-maps = "0.3.0"
dlopen = "0.1.8"

View file

@ -1,14 +1,24 @@
use std::{error::Error, ffi::c_int}; use std::{error::Error, ffi::c_int};
use dlopen::symbor::Library;
use nix::libc::{socklen_t, sockaddr}; use nix::libc::{socklen_t, sockaddr};
use retour::static_detour; use retour::static_detour;
static_detour! { static_detour! {
static SOCKET_HOOK : unsafe extern "C" fn(i32, i32, i32) -> i32; static SOCKET_HOOK : unsafe extern "C" fn(i32, i32, i32) -> i32;
static CONNECT_HOOK : unsafe extern "C" fn(c_int, *const sockaddr, socklen_t) -> c_int; static CONNECT_HOOK : unsafe extern "C" fn(c_int, *const sockaddr, socklen_t) -> c_int;
static LOAD_EXT_HOOK : unsafe extern "C" fn(c_int) -> c_int;
} }
// extern "C" {
// fn load_ext() -> ();
// }
fn add_hooks() -> Result<(), Box<dyn Error>> { fn add_hooks() -> Result<(), Box<dyn Error>> {
let exec = Library::open_self()?;
let load_ext_sym = unsafe { exec.symbol::<unsafe extern "C" fn(c_int) -> c_int>("load_ext") };
unsafe { unsafe {
SOCKET_HOOK.initialize(nix::libc::socket, |dom, tp, proto| { SOCKET_HOOK.initialize(nix::libc::socket, |dom, tp, proto| {
eprintln!("caught socket({}, {}, {}) call", dom, tp, proto); eprintln!("caught socket({}, {}, {}) call", dom, tp, proto);
@ -21,6 +31,16 @@ fn add_hooks() -> Result<(), Box<dyn Error>> {
CONNECT_HOOK.call(fd, info, len) CONNECT_HOOK.call(fd, info, len)
})?; })?;
CONNECT_HOOK.enable()?; CONNECT_HOOK.enable()?;
match load_ext_sym {
Ok(sym) => {
LOAD_EXT_HOOK.initialize(*sym, |x| { eprintln!("intercepted load_ext!"); x })?;
LOAD_EXT_HOOK.enable()?;
},
Err(e) => {
eprintln!("[!] skipping load_ext hook : {}", e);
},
}
} }
Ok(()) Ok(())