Verify some core functionalities of remote process injection, including:
- Dynamically resolve the target PIE process base address (/proc/pid/maps)
- Use ptrace to hijack the execution flow and call mmap to allocate rwx memory
- Integrate the Capstone disassembler engine to dynamically calculate the instruction length required to save the jump table
- Construct the jump table (movabs rax, addr; jmp rax) and inject shellcode
- After executing the payload, safely return to the original control flow, and the target process runs stably.
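The base-address lookup and the rwx mmap listed above both leave traces in procfs that a defender can check from outside the target; the following is an added example (not the project's own code) that parses constructed `/proc/<pid>/maps` and `/proc/<pid>/status` samples to recover a PIE base the same way, flag writable+executable mappings, and read the `TracerPid` that a ptrace attach sets. The sample contents and the path `/opt/demo/target` are constructed, not captured from a real process.

```python
import re

# Constructed /proc/<pid>/maps excerpt: a PIE executable plus one anonymous
# rwx mapping of the kind a remote mmap(PROT_READ|PROT_WRITE|PROT_EXEC) leaves.
SAMPLE_MAPS = """\
55d1c0a00000-55d1c0a01000 r--p 00000000 fd:01 1234 /opt/demo/target
55d1c0a01000-55d1c0a02000 r-xp 00001000 fd:01 1234 /opt/demo/target
55d1c0a02000-55d1c0a03000 r--p 00002000 fd:01 1234 /opt/demo/target
55d1c0a03000-55d1c0a05000 rw-p 00002000 fd:01 1234 /opt/demo/target
7f3a1c000000-7f3a1c001000 rwxp 00000000 00:00 0
7f3a1c200000-7f3a1c3c0000 r-xp 00000000 fd:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd5e7a0000-7ffd5e7c1000 rw-p 00000000 00:00 0 [stack]
"""

# Constructed /proc/<pid>/status excerpt while a tracer is attached.
SAMPLE_STATUS = "Name:\ttarget\nState:\tt (tracing stop)\nPid:\t4200\nTracerPid:\t4321\n"

# start-end perms offset dev inode [path]; the path is absent for anonymous maps.
MAPS_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) \S+ \S+ \S+\s*(.*)$")


def parse_maps(text):
    """Yield (start, end, perms, path) per line; path is '' for anonymous maps."""
    for line in text.splitlines():
        m = MAPS_RE.match(line)
        if m:
            yield int(m.group(1), 16), int(m.group(2), 16), m.group(3), m.group(4)


def pie_base(text, exe_path):
    """PIE base = lowest start address among the executable's own mappings."""
    starts = [s for s, _, _, p in parse_maps(text) if p == exe_path]
    return min(starts) if starts else None


def find_wx_mappings(text):
    """Return (start, end, path) for every mapping that is both writable and
    executable. JIT runtimes can legitimately create these, so treat a hit as a
    lead to correlate with TracerPid and file backing, not as proof on its own."""
    return [(s, e, p) for s, e, perms, p in parse_maps(text)
            if "w" in perms and "x" in perms]


def tracer_pid(status_text):
    """Return the TracerPid field (0 when no process is ptrace-attached)."""
    m = re.search(r"^TracerPid:\s*(\d+)$", status_text, re.MULTILINE)
    return int(m.group(1)) if m else 0
```

On a live host the same functions take `open(f"/proc/{pid}/maps").read()` and `open(f"/proc/{pid}/status").read()` as input.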