search

arget13 / DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
GNU General Public License v3.0
791 stars 83 forks source link

Android? #13

Open WYNNGATE opened 1 year ago

WYNNGATE commented 1 year ago

Hi, can this be used on android? I'm guessing yes?...

arget13 commented 1 year ago

Hello, noup, this doesn't work in Android yet... The problem is that in Android there is a shell called mksh which is really really shitty since it doesn't even implement 64-bit integer arithmetic. And DDexec needs to calculate addresses and offsets which are 64-bit integers...

Having said this, I'm currently working in the technique memdlopen as a better way to load binaries, and I hope I will manage to make it work in Android and integrate it into DDexec :)

On the other hand I think the title of your question is rather misleading. What do you want to know about busybox?

tinmarino commented 1 year ago

I think @WYNNGATE is refering to Termux => any shell allowed.

This feature on Android would be nice because there the filesystem is really restricted.

I think this should work out of the box, let me have a look.