1 unstable release
0.1.0 | March 16, 2022 |
---|
#5 in #pwn
7KB
69 lines
dobby-rs
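Dobby is a lightweight, multi-platform, multi-architecture exploit hook framework.
This crate is a Rust binding of Dobby.
Note: hooking is unsafe! Use at your own risk.
Quickstart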
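```rust
use dobby_rs::{resolve_symbol, hook, Address};
use std::mem::transmute;

// #[inline(never)] and #[no_mangle] keep each function as a real,
// separately addressable symbol so there is an entry point to hook.
#[inline(never)]
#[no_mangle]
extern "C" fn add(a: u64, b: u64) -> u64 {
    a + b
}

#[inline(never)]
#[no_mangle]
extern "C" fn sub(a: u64, b: u64) -> u64 {
    a - b
}

fn main() {
    unsafe {
        let addr = add as usize as Address;
        let replace = sub as usize as Address;

        // Redirect `add` to `sub`; `hook` returns the address through
        // which the original `add` can still be called.
        let origin = hook(addr, replace).unwrap();
        let origin: extern "C" fn(u64, u64) -> u64 = transmute(origin);

        assert_eq!(origin(2, 1), 2 + 1); // original behaviour
        assert_eq!(add(2, 1), 2 - 1); // hooked: add now runs sub
    }
}
```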
Supported targets
- Android
  - x86
  - x86_64
  - armv7
  - aarch64
- MacOS
  - x86_64
  - aarch64
- Linux
  - (WIP) x86
  - x86_64
Dependencies
~3MB
~18K SLoC