0x00snape/pinject
PINJECT

PINJECT is a seamless process injector for Linux that injects your payload directly into another running process. It restores the normal execution flow of the target program after the payload has been injected.

Working

PINJECT uses a simple method to inject a payload into a running process.

  1. Pass the name of the target process you want to inject into.
  2. PINJECT itself resolves the pid of the target process and attaches to it.
  3. It sets the tracer option PTRACE_O_TRACEFORK so that forks of the target process are traced.
  4. It saves the original registers, RIP and the instruction at RIP.
  5. It injects shellcode that calls the fork() syscall.
  6. It catches the injected fork() with PTRACE_GETEVENTMSG to obtain the child pid (CPID).
  7. It overwrites the bytes at RIP in that child process with the payload.
  8. Finally, it restores the original instruction in the target program.

For the testing phase I use shellcode that prints "Injected: ar.p", but a bind shell or reverse shell can be used.
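The technique above depends on holding a ptrace attachment to the target (and, via PTRACE_O_TRACEFORK, to its forked child) while the payload is written. The kernel exposes that state as the TracerPid field of /proc/<pid>/status, which gives a defender a cheap check. The following is an added example, not part of pinject; it parses that field and lists every process that currently has a tracer attached:

```rust
// Added example (not pinject's own code): list processes that currently have a
// ptrace tracer attached, which any ptrace-based injector needs while it works
// on a target. Reads /proc/<pid>/status, so it only does useful work on Linux.
use std::fs;

/// Parse the "TracerPid:" field from the text of /proc/<pid>/status.
/// Returns None if the field is absent or cannot be parsed.
pub fn tracer_pid_from_status(status: &str) -> Option<u32> {
    status
        .lines()
        .find_map(|line| line.strip_prefix("TracerPid:"))
        .and_then(|rest| rest.trim().parse::<u32>().ok())
}

/// A process that is being traced (TracerPid != 0) together with its tracer.
#[derive(Debug, PartialEq)]
pub struct TracedProcess {
    pub pid: u32,
    pub tracer: u32,
}

/// Scan /proc and report every process whose TracerPid is non-zero.
/// Legitimate debuggers (gdb, strace) show up here too, so a hit is something
/// to triage (who is the tracer, is it expected?), not proof of injection.
pub fn traced_processes() -> Vec<TracedProcess> {
    let mut hits = Vec::new();
    let entries = match fs::read_dir("/proc") {
        Ok(e) => e,
        Err(_) => return hits, // not Linux, or /proc unavailable
    };
    for entry in entries.flatten() {
        // Only numeric directory names are processes.
        let pid = match entry.file_name().to_str().and_then(|s| s.parse::<u32>().ok()) {
            Some(p) => p,
            None => continue,
        };
        // The process may exit between read_dir and read_to_string; skip it.
        let status = match fs::read_to_string(entry.path().join("status")) {
            Ok(s) => s,
            Err(_) => continue,
        };
        if let Some(tracer) = tracer_pid_from_status(&status) {
            if tracer != 0 {
                hits.push(TracedProcess { pid, tracer });
            }
        }
    }
    hits
}

fn main() {
    for t in traced_processes() {
        println!("pid {} is being traced by pid {}", t.pid, t.tracer);
    }
}
```

Running this periodically (or alerting on a non-zero TracerPid for processes that should never be debugged in production) catches the attach window this injector relies on; auditing the ptrace syscall itself gives the same signal with a timestamp.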

Usage

:$ git clone https://github.com/0x00snape/pinject.git
:$ cd pinject
:$ cargo build --release

Disclaimer

Works only with target processes on which you have the proper write permissions.

POC

[image: pocinject]

License

This project is licensed under the MIT license.
