Tags down


How to prevent LD_PRELOAD on a binary?

By : 0xEC108
Date : August 02 2020, 12:00 AM
around this issue Just like scripts have an interpreter specified via the #! mechanism, excecutables work similarly. ELF executables have a field in the program header whose type is PT_INTERP and it gives a path to an "interpreter" for the executable. That "interpreter" is the dynamic linker, ld-linux.so. That linker will process the header and map the file into memory and all the rest.
It is this ld-linux.so loader that implements the LD_PRELOAD feature.
code :

Share : facebook icon twitter icon

LD_PRELOAD affects new child even after unsetenv("LD_PRELOAD")

By : Angel Barrientos Cru
Date : March 29 2020, 07:55 AM
help you fix your problem edit: so the problem/question actually was: howcome can't you unset LD_PRELOAD reliably using a preloaded main_init() from within bash.
The reason is that execve, which is called after you popen, takes the environment from (probably)
code :
extern char **environ;
extern char**environ;

int  __attribute__((constructor))  main_init(void)
int i;
printf("Unsetting LD_PRELOAD: %x\n",unsetenv("LD_PRELOAD"));
printf("LD_PRELOAD: \"%s\"\n",getenv("LD_PRELOAD"));
printf("Environ: %lx\n",environ);
printf("unsetenv: %lx\n",unsetenv);
for (i=0;environ[i];i++ ) printf("env: %s\n",environ[i]);
FILE *fp = popen("ls", "r");
unsetenv: 7f4c78fd5290
unsetenv: 7f1127317290
unsetenv: 7f1ab63a2290
unsetenv: 46d170
for (i=0;environ[i];i++ )
    if ( strstr(environ[i],"LD_PRELOAD=") )
         printf("hacking out LD_PRELOAD from environ[%d]\n",i);
         environ[i][0] = 'D';
execve("/bin/sh", ["sh", "-c", "ls"], [... "DD_PRELOAD=mylib.so" ...]) = 0

Prevent from reverse engineering C++ binary

By : Bin Sun
Date : March 29 2020, 07:55 AM
This might help you If I got you right, you are talking about obfuscation.
This question on Stackoverflow covers the topic. There is a lot of software that obfuscates C++ code, quick googling shows a lot of such apps, e.g. this or this.

Is there a git hook which can prevent binary check-ins

By : pulkit bhardwaj
Date : March 29 2020, 07:55 AM
help you fix your problem I don't know of an existing hook, but git already comes with a hook that checks for adding "non-ascii names", as a sample pre-commit hook. This will likely already be in your existing git repositories as .git/hooks/pre-commit.sample.
Using that hook as a template and considering the answers to "How to determine if Git handles a file as binary or as text?", you could do something like this (see "git's semi-secret empty tree" for where EMPTY_TREE comes from):
code :
#! /bin/sh

stop_binaries=$(git config --get hooks.stop_binaries)

exec 1>&2

if [ "$stop_binaries" = true ]; then
    EMPTY_TREE=$(git hash-object -t tree /dev/null)
    # or: EMPTY_TREE=4b825dc642cb6eb9a060e54bf8d69288fbee4904
    if git diff --cached --numstat $EMPTY_TREE | grep -e '^-' >/dev/null; then
        echo Error: commit would add binary files:
        git diff --cached --numstat $EMPTY_TREE | grep -e '^-' | cut -f3-
        exit 1

LD_PRELOAD with setuid binary

By : Divya Theodore
Date : March 29 2020, 07:55 AM
hope this fix your issue LD_PRELOAD cannot be used with setuid. This is a security feature in linux. For reference check this article, which goes into the detail on how to use LD_PRELOAD to substitute some library calls with custom code, at the example of malloc.

How to prevent LD_PRELOAD or ld.so.preload configuration?

By : kevinliu
Date : March 29 2020, 07:55 AM
Hope that helps
is it possible to prevent/detect preloaded library, either through LD_PRELOAD environment variable or through /etc/ld.so.preload configuration?
Related Posts Related Posts :
  • Why does my execve() only works when arguments include /bin/?
  • Is there a way to print a pointer with %x argument
  • Segmentation fault core dumped error in c
  • what is the output this null character printing?
  • Trouble incrementing and decrementing a malloced array of multiple data types in C
  • How to get a global state of the locks in Linux kernel?
  • What does mean of "return (int, int);" in c language?
  • arrange number with 5 digits from the biggest to lowest in c only with 'if'
  • How should I create a linked list with a generic amount of items per node in C
  • Dereference Operator Before an Array Element?
  • posix thread in c: terminating 1 thread from another using by passing threads
  • Simple Program in C: Adding two matrices. What is going on with the result?
  • Stuck on Paper-Scissors-Rock game
  • Scan this from a text file into 2 arrays using C
  • Realloc returns invalid pointer when char array is passed into another function
  • Continued: Segmentation fault for program that indexes words from a file
  • Program to find parity
  • Logic error with an encode/decode program (C)
  • Why do i need to typecast here?
  • put() prints duplicate lines in c
  • Forking a proccess into 7 childs without looping
  • Problem in writing to an output file using pipes
  • Understanding the difference between different C pointer assignment
  • Avoid the use of .data segment
  • Why can I have a const char pointer point to a mutable char array?
  • How to correct the error in this fibonacci series program in C?
  • Syscall alternative for printf()?
  • How to Fix this error: initializer element is not constantt in OpenGL program?
  • How do I deal with a void pointer to an array for sorting algorithm?
  • pow function in C not working as intended
  • flex bison windows introduction
  • Value of a Pre-processor directive statement in C
  • Haskell -> C FFI performance
  • Having trouble understanding the output of code when dealing with pointers in C
  • How to process macros in LEX?
  • when trying to write file fprintf does not work
  • Function pointer without a name in C
  • Get overflow from arithmetic operations
  • Find the length of the longest word in a string. C language
  • Parallelization of true dependencies
  • Is there a way to make an array of size 530000 in C?
  • Compiling with optimization gets a condition wrong
  • Interaction or assignment of struct variable to memory location
  • Is it legal to allocate only part of a struct?
  • Variable Length Array Used C
  • Not equal using bitwise operations?
  • What's the difference between these two ways of incrementing pointers for a 2D array in C?
  • Too few arguments error, but passing in enough arguments?
  • Unexpected result when trying to continuously prompt until they give an integer-only input
  • function-like macros and variables
  • Using makefile file as prerequisite in a rule
  • Questions about Structure definitions
  • How many processes are created
  • strcmp usage to terminate file writing doesn't work
  • waitpid does not give me consistent results
  • Lex and Yacc symbol table generation and manipulation
  • Including all the library statically instead of parts of the library upon linking/compilation
  • Is it possible to create an array of generic function pointers?
  • Does lseek()'s SEEK_HOLE behaves as expected?
  • Why does using struct work but typedef struct not?
  • shadow
    Privacy Policy - Terms - Contact Us © voile276.org