How to hijack the Demo of printf function 01/19 Update SLTechnology News&Howtos

How to hijack the Demo of printf function

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)05/31 Report--

This article focuses on "how to hijack the Demo of the printf function", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to hijack the Demo of the printf function.

# # hijacking Demo of printf function

[root@garnett-vm-1-3nskg test_ld] # ls hijack_printf.c printf_hello.c

Root@garnett-vm-1-3nskg test_ld] # cat printf_hello.c

# include main () {printf ("hello garnett.wang!");}

[root@garnett-vm-1-3nskg test_ld] # cat hijack_printf.c

# define _ GNU_SOURCE#include # include int printf (const char * format,...) {va_list list; char * parg; typeof (printf) * old_printf; / / format variable arguments va_start (list, format); vasprintf (& parg, format, list); va_end (list) / / DO HERE SOMETHING VERY EVIL / / get a pointer to the function "printf" old_printf = dlsym (RTLD_NEXT, "printf"); (* old_printf) ("I have hijacked printf:% s", parg); / / and we call the function with previous arguments free (parg);}

Note: add # define _ GNU_SOURCE before # include because it is included in the RTLD_NEXTposix standard.

[root@garnett-vm-1-3nskg test_ld] # gcc printf_hello.c-o printf_hello [root@garnett-vm-1-3nskg test_ld] # ls hijack_printf.c printf_hello printf_hello.c

# before hijacking: [root@garnett-vm-1-3nskg test_ld] #. / printf_hello hello garnett.wang!

Compile source code to generate hijacked so file: [root@garnett-vm-1-3nskg test_ld] # gcc-shared-fPIC hijack_printf.c-o libhijack_printf.so-ldl [root@garnett-vm-1-3nskg test_ld] # ls hijack_printf.c libhijack_printf.so printf_hello printf_hello.c

# configure LD_PRELOAD: [root@garnett-vm-1-3nskg test_ld] # export LD_PRELOAD=pwd/libhijack_printf.so [root@garnett-vm-1-3nskg test_ld] # echo $LD_PRELOAD / root/test_ld/libhijack_printf.so

# after hijacking: [root@garnett-vm-1-3nskg test_ld] #. / printf_hello I have hijacked printf: hello garnett.wang!

# View ld dependency: [root@garnett-vm-1-3nskg test_ld] # ldd libhijack_printf.so linux-vdso.so.1 = > (0x00007fff0fcfe000) libdl.so.2 = > / lib64/libdl.so.2 (0x00007fb30bd30000) libc.so.6 = > / lib64/libc.so.6 (0x00007fb30b99b000) / lib64/ld-linux-x86-64.so.2 (0x00007fb30c13c000)

[root@garnett-vm-1-3nskg test_ld] # ldd printf_hello linux-vdso.so.1 = > (0x00007fff0c5ff000) / root/test_ld/libhijack_printf.so (0x00007fc6329a8000) libc.so.6 = > / lib64/libc.so.6 (0x00007fc63260d000) libdl.so.2 = > / lib64/libdl.so.2 (0x00007fc632409000) / lib64/ld-linux-x86-64.so.2 (0x00007fc632baa000)

At this point, I believe you have a deeper understanding of "how to hijack the Demo of the printf function". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.