#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/mman.h>
#include <asm/unistd.h>
#define PAGE_START(p) ((p) &~4095)
#define PAGE_END(p) ((p) + PAGE_START(p))
static char encrypt_shellcode[] = "\x66\xba\xd6\x65\x60\xb8\x66\x23\xb8\x76\x3b\xb8\x7e\x3f\xb8\x46\x27\xba\xf0\x83\x29\xfe\xb3\x68\x6d\x6e\xf0";
static void decrypt_shellcode() {
int i;
size_t len = strlen(encrypt_shellcode);
int code;
for (i = 0; i < len; i++) {
code = encrypt_shellcode[i] & 0xff;
code = code ^ 0x33;
encrypt_shellcode[i] = code;
}
}
int main() {
int ret;
decrypt_shellcode();
int (*p_ptrace)(int, pid_t, void *, int) = (int (*)(int, pid_t, void *, int))encrypt_shellcode;
int pagesize = getpagesize();
if ( (ret = mprotect((void *)PAGE_START((int)encrypt_shellcode),pagesize,PROT_READ | PROT_WRITE | PROT_EXEC)) < 0) {
perror("mprotect");
exit(1);
}
if ( (ret = p_ptrace(PTRACE_TRACEME, getpid(), 0, 0)) < 0) {
fprintf(stderr,"you're being tracing, exiting...%d\n",ret);
exit(1);
}
printf("hello,world\n");
return 0;
}
ptrace之SMC,反调试
猜你喜欢
转载自blog.csdn.net/lyx2007825/article/details/53106979
今日推荐
周排行