af-graft icon indicating copy to clipboard operation
af-graft copied to clipboard

Published 20 hours ago verified publisher icon upa

If a program listens on both TCP/UDP, an error occours if tricked with libgraft-hijack.so

Open phantomcraft opened this issue 6 years ago • 1 comments

ip netns add ns1 && ip netns exec ns1 ip link set lo up modprobe -r ipx insmod /opt/af-graft/kmod/af_graft.ko /opt/af-graft/iproute2-4.10.0/ip/ip graft add nx4 type ipv4 addr 127.0.0.1 port 53 netns ns1 /opt/af-graft/iproute2-4.10.0/ip/ip graft add nx4-out type ipv4 netns 1

LD_PRELOAD="/opt/af-graft/tools/libgrwrap.so" GRAFT_CONV_PAIRS="127.0.0.1:53=nx4" GRAFT_BBCONN="nx4-out" DNS2SOCKS 127.0.0.1:9050 1.1.1.1:53 127.0.0.1:53

Error relocating /usr/local/lib/libgrwrap.so: __cmsg_nxthdr: symbol not found

Any other program that listen only on TCP or UDP works.

Strace Log:

LD_PRELOAD="/opt/af-graft/tools/libgrwrap.so" GRAFT_CONV_PAIRS="127.0.0.1:53=nx4" GRAFT_BBCONN="nx4-out" strace DNS2SOCKS execve("/usr/local/bin/DNS2SOCKS", ["DNS2SOCKS"], 0x7fff10261ca0 /* 25 vars */) = 0 arch_prctl(ARCH_SET_FS, 0x7fe35f821b28) = 0 set_tid_address(0x7fe35f821b68) = 9042 open("/opt/af-graft/tools/libgrwrap.so", O_RDONLY|O_CLOEXEC) = 3 fcntl(3, F_SETFD, FD_CLOEXEC) = 0 fstat(3, {st_mode=S_IFREG|0755, st_size=59816, ...}) = 0 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240#\0\0\0\0\0\0"..., 960) = 960 mmap(NULL, 65536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fe35f763000 mmap(0x7fe35f765000, 20480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0x2000) = 0x7fe35f765000 mmap(0x7fe35f76a000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED, 3, 0x7000) = 0x7fe35f76a000 mmap(0x7fe35f76c000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x8000) = 0x7fe35f76c000 mmap(0x7fe35f76e000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe35f76e000 close(3) = 0 writev(2, [{iov_base="Error relocating /opt/af-graft/tools/libgrwrap.so"..., iov_len=77}, {iov_base=NULL, iov_len=0}], 2Error relocating /opt/af-graft/tools/libgrwrap.so: __cmsg_nxthdr: symbol not found) = 77 writev(2, [{iov_base="\n", iov_len=1}, {iov_base=NULL, iov_len=0}], 2 ) = 1 mprotect(0x7fe35f76c000, 4096, PROT_READ) = 0 mprotect(0x7fe35f81e000, 4096, PROT_READ) = 0 mprotect(0x5594cb367000, 4096, PROT_READ) = 0 exit_group(127) = ? +++ exited with 127 +++

Sorry for my English

phantomcraft avatar Dec 04 '18 22:12 phantomcraft

I tested with the new libgraft-convert.so and same error persists.

phantomcraft avatar Jan 08 '19 18:01 phantomcraft