Created
February 20, 2022 14:11
-
-
Save SeeFlowerX/ed6d107b1dcf3edd82541e111ccd9bbd to your computer and use it in GitHub Desktop.
打印popen执行结果
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function hook_libc(){ | |
| let fgets_ptr = Module.findExportByName("libc.so", "fgets"); | |
| let fgets = new NativeFunction(fgets_ptr, "pointer", ["pointer", "int", "pointer"]); | |
| let popen_addr = Module.findExportByName("libc.so", "popen"); | |
| console.log(`popen_addr => ${popen_addr}`); | |
| Interceptor.attach(popen_addr, { | |
| onEnter: function(args){ | |
| let command = args[0].readUtf8String(); | |
| let mode = args[1].readUtf8String(); | |
| console.log(`[popen] [onEnter] command=${command} mode=${mode}`) | |
| }, | |
| onLeave: function(fp){ | |
| let output = ""; | |
| let buffer = Memory.alloc(1024); | |
| while (fgets(buffer, 1024, fp) > 0) { | |
| output += buffer.readUtf8String(); | |
| } | |
| console.log(`[popen] [onLeave] fp=${fp} output =>${output}<=`); | |
| } | |
| }) | |
| } | |
| // hook_libc(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment