update shellcode

ab87914e · Chu · 2c319d16 · ab87914e
Commit ab87914e authored Dec 27, 2019 by Chu
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 8 deletions

process.cpp inject/process.cpp +7 -8

No files found.
--- a/inject/process.cpp
+++ b/inject/process.cpp
@@ -132,17 +132,16 @@ void Process::set_registers(const user_regs_struct &registers)
 void Process::call_func(const void *address, std::array<const void *, 6> args)
 {
    check_for_attached();
-    // 0:   48 bb ef be ad de ef be ad de       movabs  $0xdeadbeefdeadbeef, %rbx
-    // a:   48 83 ec 08                         sub     $0x8,%rsp
-    // e:   ff d3                               callq   *%rbx
-    // 10:  48 83 c4 08                         add     $0x8,%rsp
-    // 14:  cc                                  int3
+    // 0:   48 83 e4 f0                         and $0xfffffffffffffff0, %rsp
+    // 4:   48 bb ef be ad de ef be ad de       movabs $0xdeadbeefdeadbeef, %rbx
+    // e:   ff d3                               callq  *%rbx
+    // 10:  cc                                  int3
    // https://stackoverflow.com/questions/44613592/shared-library-injection-dl-relocate-object-segfaults
-    std::vector<unsigned char> shellcode = {0x48, 0xbb, 0xef, 0xbe, 0xad, 0xde, 0xef, 0xbe, 0xad, 0xde, 0x48,
-                                            0x83, 0xec, 0x08, 0xff, 0xd3, 0x48, 0x83, 0xc4, 0x08, 0xcc};
+    std::vector<unsigned char> shellcode = {0x48, 0x83, 0xe4, 0xf0, 0x48, 0xbb, 0xef, 0xbe, 0xad,
+                                            0xde, 0xef, 0xbe, 0xad, 0xde, 0xff, 0xd3, 0xcc};
    while (shellcode.size() % sizeof(void *) != 0)
        shellcode.emplace_back(0x90);
-    std::memcpy(shellcode.data() + 2, &address, sizeof(address));
+    std::memcpy(shellcode.data() + 6, &address, sizeof(address));
    auto rx_area = find_rx_area();
    auto original_code = read(rx_area, shellcode.size());
    write(rx_area, shellcode);