
Added fix for sandboxed apps like Flatpaks

Open rdbo opened this issue 2 years ago • 2 comments

On Linux, there is a virtual rootfs path at /proc/<pid>/root, which represents what the process thinks is the rootfs, and also allows you to access those files. For example, on Flatpak the libc path would be: /app/libc.so. But there is no /app on my system, that directory only exists in the sandboxed rootfs. Luckily, we can still access it through /proc/<pid>/root/app/libc.so. This fix adds the prefix /proc/<pid>/root to the libc path before calling open_libc, since the root directory exists in both regular processes and sandboxed ones.

rdbo avatar Oct 21 '23 16:10 rdbo

[Image: css-flatpak] Screenshot injecting into Counter-Strike Source, running from Flatpak Steam.

rdbo avatar Oct 21 '23 16:10 rdbo

Still works on regular processes also:

$ ./target 
[*] Target Process
Waiting...................................... <LIBTEST LOADED> ..........

rdbo avatar Oct 21 '23 17:10 rdbo

Thanks for pointing this out!

I fixed it another way. Your code seems to work for processes in containers based on pivot_root, but not chroot.

kubo avatar Feb 19 '24 12:02 kubo
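
Added example (not part of this thread and not code from the project): the /proc/<pid>/root lookup described in the opening post, written as a stand-alone path resolver. The helper names are hypothetical, taking the library path from /proc/<pid>/maps is an assumption, and the retry with the unprefixed path is an assumption added here for targets whose reported path is already valid in the caller's root; it is not kubo's fix.

```c
/* Added example; helper names are hypothetical, not from the project. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
/* Pathname column of one /proc/<pid>/maps line; -1 unless it is an absolute path. */
int maps_line_path(const char *line, char *out, size_t n)
{
    int off = 0;
    sscanf(line, "%*s %*s %*s %*s %*s %n", &off); /* skip the five fixed columns */
    size_t len = strcspn(line + off, "\n");
    if (off == 0 || line[off] != '/' || len >= n) return -1;
    snprintf(out, n, "%.*s", (int)len, line + off);
    return 0;
}

/* Build /proc/<pid>/root<path>: the file as seen from the target's rootfs. */
int root_path(pid_t pid, const char *path, char *out, size_t n)
{
    int w = path[0] == '/' ? snprintf(out, n, "/proc/%ld/root%s", (long)pid, path) : -1;
    return (w < 0 || (size_t)w >= n) ? -1 : 0;
}

/* Open via the target's root; on ENOENT retry the path unprefixed (assumed fallback). */
int open_in_target_root(pid_t pid, const char *path, char *used, size_t n)
{
    if (root_path(pid, path, used, n) != 0) return -1;
    int fd = open(used, O_RDONLY | O_CLOEXEC);
    if (fd >= 0 || errno != ENOENT) return fd; /* opened, or a real error such as EACCES */
    snprintf(used, n, "%s", path);             /* fits: shorter than the prefixed form */
    return open(used, O_RDONLY | O_CLOEXEC);
}

int main(int argc, char **argv)
{
    char line[4352], path[4096], used[4200];
    pid_t pid = argc > 1 ? (pid_t)atoi(argv[1]) : getpid();
    snprintf(used, sizeof used, "/proc/%ld/maps", (long)pid);
    FILE *f = fopen(used, "r");
    while (f && fgets(line, sizeof line, f)) {
        if (maps_line_path(line, path, sizeof path) || !strstr(path, "libc")) continue;
        int fd = open_in_target_root(pid, path, used, sizeof used);
        printf("%s -> %s\n", path, fd >= 0 ? used : "(open failed)");
        return fd < 0;
    }
    return 1;
}
```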