-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathREADME
61 lines (46 loc) · 1.71 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
=========
Injcode
=========
:Author: Thomas Habets
:Contact: [email protected]
:Copyright: GPL
Only supports x86 Linux, not 64bit.
Install
=======
Just type "make", and then put the binary (injcode) wherever you like.
How it works
============
Injcode attaches to the target process using ptrace(). It then copies code
and data into the memory space of the process and runs that. Then it cleans
up as if it was never there.
It places the code and data in the current code and data page, respectively.
This ensures that no stack execution protection blocks it.
The code injected can be anything, but currently these are implemented:
- test Prints a message to stdout in the context of the target process.
- close Close any file descriptor. (see /proc/<pid>/fd)
- dup2 Overwrite any fd with a newly opened file.
- retty Move a program from another tty to this one.
Doing retty is quite involved. See:
http://blog.habets.pp.se/2009/03/Moving-a-process-to-another-terminal
for the full story.
Running
=======
Example 1: move irssi from one terminal to another
--------------------------------------------------
Maybe move it into a screen.
First start irssi in one terminal.
Run injcode in another terminal:
$ injcode -m retty <pid of irssi>
Irssi should now be moved to the second terminal, including having a new
controlling terminal.
Example 2: redirect stdout of a running program into a file
-----------------------------------------------------------
$ injcode -m dup2 \
-ofd=1 \
-oflags=O_CREAT,O_WRONLY,O_TRUNC \
-ofilename=logfile.txt <pid of program>
Bugs
====
See bug list/wishist using BugsEverywhere.
This file is written in
`reStructuredText <http://docutils.sourceforge.net/docs/user/rst>`_