From mboxrd@z Thu Jan 1 00:00:00 1970
From: cdkrot@yandex.ru (Sayutin Dmitry)
Date: Tue, 03 Jan 2017 22:54:55 +0300
Subject: Inject custom code or data into running process
In-Reply-To: <20170103194518.GA29904@gmail.com>
References: <1246901483471451@web40m.yandex.ru> <20170103194518.GA29904@gmail.com>
Message-ID: <1268311483473295@web40m.yandex.ru>
To: kernelnewbies@lists.kernelnewbies.org
List-Id: kernelnewbies.lists.kernelnewbies.org

This sounds like a solution, but it's a bit of a complicated one.
I would prefer to implement injection in kernel space, because it should be simpler.

Thank you for your idea nevertheless =)

03.01.2017, 22:45, "Mike Krinkin" :
> On Tue, Jan 03, 2017 at 10:24:11PM +0300, Sayutin Dmitry wrote:
>> Hello, how should one inject code or data into an already running process?
>
> If you have enough privileges to use ptrace you can write in a target
> process memory. Though, AFAIK, you can only overwrite existing memory and
> can't create a new mapping using ptrace, so in order to overcome this you
> need to save the original code first, rewrite it with your injection bootstrap
> code (bootstrap code for example can load a shared library), execute it
> and then return the original code back.
>
>> There is no need to start code execution at this point, but it should appear in its virtual memory.
>>
>> Moreover, I want this data to persist across execve's or clone's (probably can be implemented as a hook on appropriate kernel methods)
>>
>> (If you want to know motivation for this -- I want to implement some new idea on sandboxing).
>>
>> Thanks in advance, Sayutin Dmitry

-----
Sayutin Dmitry