Created
January 26, 2011 19:34
> I am trying to patch an executable which does not link to Lua (script library) yet includes the source. The function luaL_newstate is the
> one wanted, which is present in the mach-o and I can see the instruction address and the displacement to the function.

so you have a binary which does not link to lua_whatever.so ? ok...

> I have tried numerous methods of inserting the hook displacement for the displacement in the binary of interest. I would assume it requires
> using execve to run the binary of interest yet that will overwrite the address space of the patcher. I have tried fork -> ptrace
> PT_TRACE_ME execve and then trying dlsym(RTLD_DEFAULT, "luaL_newstate"); after a signal with the intention of overwriting memory with the
> hook. I tested this by not including the Lua lib in the patcher and it does not find the symbol.

ok so i'm not sure i totally understand what you are asking. yes exec* will overwrite the address space. what you need to do to patch a
running executable is ptrace attach to it and create a small trampoline like injectso does. use this trampoline to call dlopen and load
the library that is not linked to the binary.

have you read the source for injectso?