Recently, I encountered linux-inject, an injection program that can inject a .so file into a running application process. Its functionality is similar to that of the LD_PRELOAD environment variable, except that linux-inject injects dynamically while the program is running, whereas LD_PRELOAD names a dynamic-link library to be loaded with priority before the program runs. In fact, linux-inject does not replace any function. In other words, it can be seen as ignoring LD_PRELOAD.
Its documentation is scarce, probably because the developers believe that most users of this program are not novices in the field and should know what to do. But some people may not be the target audience; it took me a long time to figure out what I needed to do, so I hope this article will help others.
We first need to clone and build it:
    git clone https://github.com/gaffe23/linux-inject.git
    cd linux-inject
    make
When we're done, we can start with this example. Open another terminal (so you have two free to use), cd to the directory of your cloned linux-inject, and run the sample target:
    cd ~/workspace/linux-inject
    ./sample-target
Go back to the first terminal and run
    sudo ./inject -n sample-target sample-library.so
What does all this mean? It injects sample-library.so into a process; the process is sample-target, specified by name with -n. If you need to select the target process by PID instead, use -p PID.
This may not work, however, because a security module named Yama in Linux 3.4 can disable ptrace-based code injection (or other mechanisms may block code injection). To make it work in this situation, you need to run one of these commands (I prefer the second one for security reasons):
    echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
Try the injection again, and you'll see "I just got loaded" among the "sleeping..." lines in the sample-target output.
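To confirm the result from the kernel's side rather than from the target's output, the script below (an added example, not from the original article or the linux-inject project) lists a process's mappings of a given library from /proc/<pid>/maps and reports the current Yama ptrace_scope so it can be noted before changing it and restored afterwards. The function names and the sample maps excerpt are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are illustrative.

# Constructed /proc/<pid>/maps excerpt (not from a real run) for a target
# that has sample-library.so loaded.
sample_maps() {
    cat <<'EOF'
55d0c0a00000-55d0c0a01000 r-xp 00000000 08:01 131 /home/u/workspace/linux-inject/sample-target
7f1a2c000000-7f1a2c001000 r--p 00000000 08:01 140 /home/u/workspace/linux-inject/sample-library.so
7f1a2c001000-7f1a2c002000 r-xp 00001000 08:01 140 /home/u/workspace/linux-inject/sample-library.so
7f1a2c400000-7f1a2c5b0000 r-xp 00000000 08:01 99 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd1b000000-7ffd1b021000 rw-p 00000000 00:00 0 [stack]
EOF
}

# Print "perms path" for each distinct mapping whose file name is exactly $2.
# $1 is a maps file (/proc/<pid>/maps, or - for stdin).
lib_mappings() {
    awk -v lib="$2" 'NF >= 6 {
        path = $6                                  # path may contain spaces
        for (i = 7; i <= NF; i++) path = path " " $i
        sub(/ \(deleted\)$/, "", path)             # file unlinked after load
        n = split(path, part, "/")
        if (part[n] == lib) print $2, path
    }' "$1" | sort -u
}

# Succeed only if the library has at least one executable mapping.
lib_is_mapped() {
    lib_mappings "$1" "$2" | grep -q '^..x'
}

# Print the current Yama ptrace_scope (0 classic, 1 restricted, 2 admin-only,
# 3 no attach), or "absent" if the file does not exist. Note it before changing it.
yama_scope() {
    f=${1:-/proc/sys/kernel/yama/ptrace_scope}
    if [ -r "$f" ]; then cat "$f"; else echo absent; fi
}

if [ $# -eq 2 ]; then                  # live use: sh check.sh <pid> <lib name>
    echo "yama ptrace_scope: $(yama_scope)"
    lib_is_mapped "/proc/$1/maps" "$2" && lib_mappings "/proc/$1/maps" "$2" \
        || echo "$2 has no executable mapping in PID $1"
else                                   # no arguments: constructed sample
    sample_maps | lib_mappings - sample-library.so
fi
```

Run against the real target, the same check also shows any other unexpected library mapped into a process, which is what a defender would look for after a ptrace-based injection.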