Comment by aa-jv
8 hours ago
Parse /proc/<pid>/maps to find the relevant target_addr in your process-under-attack. And then its a matter of:
$ dd if=shellcode.bin of=/proc/<pid>/mem bs=1 seek=$((target_addr)) ...
See also: DDExec
8 hours ago
Parse /proc/<pid>/maps to find the relevant target_addr in your process-under-attack. And then its a matter of:
$ dd if=shellcode.bin of=/proc/<pid>/mem bs=1 seek=$((target_addr)) ...
See also: DDExec
What legitimate purpose does this feature serve? Why should a process be able to write into the virtual memory of another process?