lief-project / tutorials

Materials for LIEF tutorials

05_ELF_hooking fails to work well #2

Closed deathmemory closed 6 years ago

deathmemory commented 6 years ago
$ cd 05_ELF_infect_plt-got/
$ make
gcc crackme.c -O3 -o crackme.bin
chmod u+rx crackme.bin
gcc -nostdlib -nodefaultlibs -fPIC -Wl,-shared hook.c -o hook
In file included from hook.c:1:0:
arch/x86_64/syscall.c:24:13: warning: conflicting types for built-in function ‘_exit’ [-Wbuiltin-declaration-mismatch]
 static long _exit(int errcode) {
             ^~~~~
$ python hook_pltgot.py 
$ ./crackme.hooked XXXXXXXXXXXXXXXXXXXXX
Wrong

My OS:

$ uname -a
Linux ubuntu 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

LIEF version: 0.9.0

I found the segment has been added to the crackme.hooked and the .got address has been changed exactly. But when it runs, the correct value will be changed back. It still calls memcmp from libc.

Please help

romainthomas commented 6 years ago

Does make run fail?

deathmemory commented 6 years ago

Yes, it says that:

$ make run
python ./hook_pltgot.py
chmod u+x ./crackme.hooked
./crackme.hooked XXXXXXXXXXXXXXXXXXXXX
Wrong
make: *** [run] Error 1

romainthomas commented 6 years ago

Could you attach your compiled crackme.bin and crackme.hooked?

deathmemory commented 6 years ago

Yes, I can.

romainthomas commented 6 years ago

I mean upload it on this GitHub issue.

deathmemory commented 6 years ago

OK ~

05_bin_hook.zip

deathmemory commented 6 years ago

It works now, thank you! 👍