Bypass virtualization through `/proc/<PID>/root` on Linux

rdbo / libmem

Advanced Game Hacking Library for C, Modern C++, Rust and Python (Windows/Linux/FreeBSD) (Process/Memory Hacking) (Hooking/Detouring) (Cross Platform) (x86/x64/ARM/ARM64) (DLL/SO Injection) (Internal/External) (Assembler/Disassembler)

GNU Affero General Public License v3.0

764 stars 92 forks source link

Bypass virtualization through `/proc/<PID>/root` on Linux #139

Closed rdbo closed 11 months ago

rdbo commented 11 months ago

NOTE: This should be checked for BSD as well.

libmem would refuse to work with Flatpak apps because of libc incompatibility. After some discussion at the Flatpak repository (issue #5516), I got to know about the /proc/<PID>/root directory, which is a "symlink" of how the process sees the root filesystem. This could be used to access the real libc, even if the program is doing virtualization.

rdbo commented 11 months ago

Done: 428d7bdba521881af15274386b16347f35fe20ad