Exemplo n.º 1
0
func main() {
	tpid := flag.Int("pid", 0, "the pid you want to f**k with")
	tname := flag.String("rename", "", "the name you want it to be called")
	flag.Parse()

	if *tpid == 0 || *tname == "" {
		flag.Usage() // RTFM
		os.Exit(1)
	}

	StackLocation := FindStack(*tpid)

	if StackLocation == "" {
		log.Fatal("Unable to find stack. this shouldnt happen.")
	}

	log.Printf("Found stack at %s", StackLocation)

	cmdline := GetCmdLine(*tpid)
	offset := GetRamOffset(*tpid, StackLocation, cmdline)

	data := []byte(fmt.Sprint(*tname))
	data = append(data, 0x00)

	eh, _ := os.FindProcess(*tpid)

	err := syscall.PtraceAttach(eh.Pid)

	if err != nil {
		log.Fatalf("Could not attach to the PID. Why? %s", err)
	}

	_, err = syscall.PtracePokeData(eh.Pid, uintptr(offset), data)

	if err != nil {
		log.Fatalf("now I've f****d up! %s is the error", err)
	}

	// fmt.Printf("No idea what it means, but here is 'c' : %d", c)

	err = syscall.PtraceDetach(eh.Pid)

	if err != nil {
		log.Fatalf("Unable to detach?? Why? %s", err)
	}

	err = syscall.Kill(eh.Pid, syscall.SIGCONT)

	if err != nil {
		log.Fatalf("Unable to detach?? Why? %s", err)
	}

}
Exemplo n.º 2
0
func RenamePid(tpid int, tname string) {
	log.Printf("Attempting to rename pid %d to %s", tpid, tname)
	StackLocation := FindStack(tpid)

	if StackLocation == "" {
		log.Printf("Unable to find stack. this shouldnt happen.")
		return
	}

	cmdline := GetCmdLine(tpid)
	offset := GetRamOffset(tpid, StackLocation, cmdline)

	data := []byte(fmt.Sprint(tname))
	data = append(data, 0x00)

	eh, _ := os.FindProcess(tpid)

	err := syscall.PtraceAttach(eh.Pid)

	if err != nil {
		log.Printf("Could not attach to the PID. Why? %s", err)
		return
	}

	_, err = syscall.PtracePokeData(eh.Pid, uintptr(offset), data)

	if err != nil {
		log.Printf("now I've f****d up! %s is the error", err)
		return
	}

	// fmt.Printf("No idea what it means, but here is 'c' : %d", c)

	err = syscall.PtraceDetach(eh.Pid)

	if err != nil {
		log.Printf("Unable to detach?? Why? %s", err)
		return
	}

	err = syscall.Kill(eh.Pid, syscall.SIGCONT)

	if err != nil {
		log.Printf("Unable to detach?? Why? %s", err)
		return
	}
}
Exemplo n.º 3
0
func (t *Tracer) PokeData(addr uintptr, data []byte) (int, error) {
	return syscall.PtracePokeData(t.Process.Pid, addr, data)
}