Created
December 15, 2016 04:40
-
-
Save tklengyel/afc951011a5310fbb4355e162d10a3c9 to your computer and use it in GitHub Desktop.
Make breakpoint instruction (0xCC) length 4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Make 0xCC instruction length larger then 1 | |
| */ | |
| #include <stdio.h> | |
| #include <sys/mman.h> | |
| #include <stdlib.h> | |
| typedef void(*FUN)(void); | |
| char * myFunc; | |
| char *allocExecutablePages (int pages) | |
| { | |
| char *t = valloc (getpagesize() * pages); | |
| if (mprotect (t, getpagesize(), PROT_READ|PROT_EXEC|PROT_WRITE) == -1) { | |
| fprintf (stderr, "mprotect"); | |
| } | |
| return t; | |
| } | |
| void main(void) { | |
| myFunc = allocExecutablePages(1); | |
| myFunc[0] = 0x67; // add redundant prefix | |
| myFunc[1] = 0x67; // add redundant prefix | |
| myFunc[2] = 0x67; // add redundant prefix | |
| myFunc[3] = 0xcc; // breakpoint | |
| ((FUN)myFunc)(); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment