
pangolin's Introduction



Pangolin

Inject ELF into remote process.


Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. License
  7. Contact
  8. Acknowledgements

About The Project

Pangolin is a program that injects an ELF file into a remote process; both statically and dynamically linked programs can be targeted.

Built With

Getting Started

Prerequisites

  • CMake
    curl https://github.com/Kitware/CMake/releases/download/v3.21.0/cmake-3.21.0-linux-x86_64.sh | sh

Installation

  1. Clone the repo
    git clone https://github.com/Hackerl/pangolin.git
  2. Update submodule
    git submodule update --init --recursive
  3. Build shellcode
    make -C shellcode
  4. Build injector
    mkdir -p build && cd build && cmake .. && make

Usage

usage: pangolin [options] pid(int) ... inject argv ...
positional:
        pid                 process id(int)
optional:
        -?, --help          print help message
        -d, --daemon        daemon mode
        -e, --environs      environment variables(string[])

Start target:

./target

Inject target:

./pangolin -e "PANGOLIN=1" $(pidof target) $(pwd)/inject 1 "2 3"

If you want some threads to stay resident in the remote process, specify daemon mode; pangolin will then allocate persistent memory for the stack. In addition, after the daemon thread has been created, call the exit syscall in the main thread to end the injection.

Roadmap

See the open issues for a list of proposed features (and known issues).

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

Distributed under the beerware License.

Contact

Hackerl - @Hackerl

Project Link: https://github.com/Hackerl/pangolin

Acknowledgements


pangolin's Issues

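Copying the compiled pangolin executable directly to another Linux machine fails at run time

Question
After pangolin is compiled into an executable, is copying the executable to another Linux machine and running it there supported?

Requirement
The machines on which pangolin is needed for dynamic injection have no Internet access and cannot install dependencies, so I want to compile pangolin first and then copy it to the target machine to run.

Problem encountered

Build environment: alpine:latest
Runtime environment: centos7

After compiling, pangolin runs normally on the build machine. When I try to inject the Elkeid go_probe into a golang target process, it reports "Function not implemented". The detailed error is as follows: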

/tmp # pangolin -e "PANGOLIN=1" 276 /root/Elkeid/rasp/golang/bin/go_probe
2023-05-09 09:58:25 | INFO  |             main.cpp:32  ] exec /root/Elkeid/rasp/golang/bin/go_probe
2023-05-09 09:58:25 | ERROR |           tracee.cpp:21  ] attach process 276 failed: Function not implemented
2023-05-09 09:58:25 | ERROR |             main.cpp:37  ] process injector open failed

Suspecting that the alpine container does not support ptrace, I downloaded the centos7 image and copied the pangolin built in alpine into centos7 for testing. It reports:

[root@eb4663cf66f3 tmp]# ./pangolin
qemu-x86_64: Could not open '/lib/ld-musl-x86_64.so.1': No such file or directory

After copying ld-musl-x86_64.so.1 to the target machine, the following errors appear:

[root@eb4663cf66f3 tmp]# ./pangolin
Error loading shared library libstdc++.so.6: No such file or directory (needed by ./pangolin)
Error loading shared library libgcc_s.so.1: No such file or directory (needed by ./pangolin)
Error relocating ./pangolin: _ZNSolsEPFRSoS_E: symbol not found
Error relocating ./pangolin: _ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7_M_dataEv: symbol not found
Error relocating ./pangolin: _ZNSt10filesystem7__cxx1118directory_iteratorC1ERKNS0_4pathENS_17directory_optionsEPSt10error_code: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEixEm: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE17_S_to_string_viewESt17basic_string_viewIcS2_E: symbol not found
Error relocating ./pangolin: _ZNSo5tellpEv: symbol not found
Error relocating ./pangolin: _ZNSt10filesystem12read_symlinkERKNS_7__cxx114pathE: symbol not found
Error relocating ./pangolin: _Znam: symbol not found
Error relocating ./pangolin: _ZNSt10filesystem7__cxx1118directory_iteratorppEv: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_Alloc_hiderC1EPcRKS3_: symbol not found
Error relocating ./pangolin: _ZNSt10filesystem7__cxx114path5_ListC1ERKS2_: symbol not found
Error relocating ./pangolin: __cxa_end_catch: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEaSEPKc: symbol not found
Error relocating ./pangolin: _ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev: symbol not found
Error relocating ./pangolin: __cxa_allocate_exception: symbol not found
Error relocating ./pangolin: _ZNSt14basic_ifstreamIcSt11char_traitsIcEE7is_openEv: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12__sv_wrapperC1ESt17basic_string_viewIcS2_E: symbol not found
Error relocating ./pangolin: _ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EE: symbol not found
Error relocating ./pangolin: _ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4dataEv: symbol not found
Error relocating ./pangolin: _ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc: symbol not found
Error relocating ./pangolin: _ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5beginEv: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4rendEv: symbol not found
Error relocating ./pangolin: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4dataEv: symbol not found
Error relocating ./pangolin: _ZNSt14basic_ifstreamIcSt11char_traitsIcEED1Ev: symbol not found
Error relocating ./pangolin: _ZNSt14basic_ofstreamIcSt11char_traitsIcEEaSEOS2_: symbol not found
Error relocating ./pangolin: _ZNKSt10filesystem7__cxx114path5_List13_Impl_deleterclEPNS2_5_ImplE: symbol not found
Error relocating ./pangolin: __cxa_guard_release: symbol not found

Could the maintainer advise: does pangolin support copying the executable to other machines and running it there?
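
Added example (not part of the issue above or of the pangolin project): the loader errors in that report follow from the binary's PT_INTERP entry, which names the dynamic loader the target host must provide. The sketch below reads that entry from a little-endian ELF64 image; `make_sample` builds a constructed minimal image for the demo, and all function names are hypothetical.

```python
import struct

PT_LOAD, PT_INTERP = 1, 3  # PT_INTERP holds the dynamic loader path

def elf_interp(data: bytes):
    """Return the PT_INTERP path of a little-endian ELF64 image, or None."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if len(data) < 64 or data[4] != 2 or data[5] != 1:
        raise ValueError("only little-endian ELF64 is handled here")
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 56 > len(data):
            raise ValueError("truncated program header table")
        p_type, _, p_offset, _, _, p_filesz = struct.unpack_from("<IIQQQQ", data, off)
        if p_type == PT_INTERP:
            return data[p_offset:p_offset + p_filesz].split(b"\0", 1)[0].decode()
    return None

def portability(data: bytes) -> str:
    """Say what the target host must provide before the binary can start."""
    interp = elf_interp(data)
    if interp is None:
        return "static: no loader needed on the target"
    libc = "musl" if "ld-musl" in interp else "glibc" if "ld-linux" in interp else "unknown libc"
    return f"dynamic ({libc}): target must provide {interp}"

def make_sample(interp=None) -> bytes:
    """Constructed minimal ELF64 image: ELF header, one program header, loader string."""
    path = (interp or "").encode() + b"\0"
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)  # ELFCLASS64, little-endian
    # e_type=ET_DYN, e_machine=EM_X86_64, e_phoff=64, e_ehsize=64, e_phentsize=56, e_phnum=1
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    p_type = PT_INTERP if interp else PT_LOAD
    phdr = struct.pack("<IIQQQQQQ", p_type, 4, 120, 0, 0, len(path), len(path), 1)
    return ehdr + phdr + path

if __name__ == "__main__":
    for loader in ("/lib/ld-musl-x86_64.so.1", "/lib64/ld-linux-x86-64.so.2", None):
        print(portability(make_sample(loader)))
```

To check a real build, pass the file's bytes to `portability`; a binary with no PT_INTERP entry, as a static build produces, does not depend on the target's loader.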

cmake / make fails.

Because main.cpp calls `std::filesystem`, which is a new C++17 feature. Even with the currently configured gcc set to C++17, the error still occurs.

path.cpp:(.text._ZNSt10filesystem7__cxx114pathC2IPcS1_EERKT_NS1_6formatE[_ZNSt10filesystem7__cxx114pathC5IPcS1_EERKT_NS1_6formatE]+0x64): undefined reference to `std::filesystem::__cxx11::path::_M_split_cmpts()'
collect2: error: ld returned 1 exit status
make[2]: *** [CMakeFiles/pangolin.dir/build.make:146: bin/pangolin] Error 1
make[1]: *** [CMakeFiles/Makefile2:100: CMakeFiles/pangolin.dir/all] Error 2
make: *** [Makefile:91: all] Error 2

The last line of CMakeLists.txt should be changed to

target_link_libraries(pangolin zero $<$<BOOL:${STATIC_BUILD}>:-static-pie> stdc++fs)

[root@localhost pangolin]# cmake --version
cmake version 3.20.2

[root@localhost pangolin]# make 
Consolidate compiler generated dependencies of target zero
[  7%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/log.cpp.o
[ 14%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/time/date.cpp.o
[ 21%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/strings/strings.cpp.o
[ 28%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/proc/process.cpp.o
[ 35%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/atomic/event.cpp.o
[ 42%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/filesystem/path.cpp.o
[ 50%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/encoding/base64.cpp.o
[ 57%] Building CXX object _deps/zero-build/CMakeFiles/zero.dir/src/encoding/hex.cpp.o
[ 64%] Linking CXX static library ../../lib/libzero.a
[ 64%] Built target zero
Consolidate compiler generated dependencies of target pangolin
[ 71%] Building CXX object CMakeFiles/pangolin.dir/main.cpp.o
[ 78%] Building CXX object CMakeFiles/pangolin.dir/ptrace/tracee.cpp.o
[ 85%] Building CXX object CMakeFiles/pangolin.dir/ptrace/executor.cpp.o
[ 92%] Building CXX object CMakeFiles/pangolin.dir/inject/injector.cpp.o
[100%] Linking CXX executable bin/pangolin
[100%] Built target pangolin
[root@localhost pangolin]# cat CMakeLists.txt 

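An off-topic question

RASP behavior-sequence intrusion detection
Could you give an example of this feature?

RASP hot patching
Besides Java, can other languages be hot-patched too?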

problems on freebsd

Hello, I tested "pangolin" successfully on Ubuntu, but when I test on FreeBSD it fails: there is no file "/proc/*/auxv". How to bypass? Thanks!
