Hi,

> The current !inject command is nice for injecting code, but data is no
> longer accessible, and current program memory is lost along the
> execution of the shellcode. The correct way to implement !inject
> would be to mmap a PIC elf in random memory, and prepare the ELF
> imports and allow to choose the symbol to be executed and also being
> able to define the function arguments and so on.

Yes, that would be the right way. As you know, the current !inject is a quick hack ;) The only problem with that approach is fixing the addresses of imports. Now I am working on r_bin, refactoring r_bin_pe and r_bin_elf a lot and adding write support for things precisely like that (add/remove/modify symbols, imports, sections...). I think I'll be able to backport it to r1 when it's done without many troubles :) And then I'll implement !inject that way :P

> Actually this approach can be done with r1, but very limited to few
> cases, so, the idea in r2 is to be able to do all this stuff with the
> libr api (r_bin).

Exactly, it will be very easy using r_bin (and generic ;)

Regards,
Nibble

_______________________________________________
radare mailing list
[email protected]
http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
