/*******************************************************************************
    mach_inject.h
        Copyright (c) 2003-2005 Jonathan 'Wolf' Rentzsch: <http://rentzsch.com>
        Some rights reserved: <http://creativecommons.org/licenses/by/2.0/>

    ***************************************************************************/

/***************************************************************************//**
    @mainpage   mach_inject
    @author     Jonathan 'Wolf' Rentzsch: <http://rentzsch.com>

    This package, coded in C to the Mach API, allows you to "inject" code into
    an arbitrary process. "Injection" means both 1) copying over the necessary
    code into the target's address space and 2) remotely creating a new thread
    to execute the code.

    ***************************************************************************/

// Include guard; it is closed by the final "#endif // _mach_inject_".
#ifndef _mach_inject_
#define _mach_inject_
#include <sys/types.h> // for pid_t
#include <mach/error.h> // for mach_error_t and err_local
#include <mach/vm_types.h> // for vm_size_t
#include <stddef.h> // for ptrdiff_t

// Give every declaration below C linkage when the header is compiled as C++.
#ifdef __cplusplus
extern "C" {
#endif

// Error value built from err_local with code 1. Going by its name it reports
// that the image containing threadEntry could not be located; the code that
// returns it is not part of this header -- confirm in the implementation.
#define err_threadEntry_image_not_found (err_local|1)

// The same name once as an identifier and once as a string literal. The two
// are spelled out separately, so they have to be changed together.
// NOTE(review): presumably the entry function that injected code exports and
// that is looked up by symbol name -- confirm against the callers.
#define INJECT_ENTRY injectEntry
#define INJECT_ENTRY_SYMBOL "injectEntry"

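/***************************************************************************//**
    Signature of the function that mach_inject starts as the entry point of
    the injected thread.

    @param  codeOffset          ->  NOTE(review): not described anywhere in
                                    this header; presumably the difference
                                    between where the code lives in the target
                                    and where it lived in the injecting
                                    process -- confirm in the implementation.
    @param  paramBlock          ->  Parameter block for the injected thread
                                    (see mach_inject's paramBlock). It is
                                    non-const here while mach_inject takes a
                                    const block, which suggests the thread
                                    gets its own copy -- confirm.
    @param  paramSize           ->  Size of paramBlock.
    @param  dummy_pthread_data  ->  NOTE(review): undocumented; by its name a
                                    placeholder for pthread bookkeeping that
                                    the entry point should not rely on --
                                    confirm.

    ***************************************************************************/
typedef void (*mach_inject_entry)(ptrdiff_t codeOffset, void *paramBlock,
                                  size_t paramSize, void *dummy_pthread_data);
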
/***************************************************************************//**
    Runs threadEntry on a newly created thread inside the process identified
    by targetProcess.

    @param  threadEntry     ->  Entry point of the injected thread. Required.
    @param  paramBlock      ->  Block of memory to pass to the injected
                                thread. Optional.
    @param  paramSize       ->  Size of paramBlock. Optional.
    @param  targetProcess   ->  Process ID of the target. Required.
    @param  stackSize       ->  Stack size of threadEntry's thread. Optional;
                                pass zero for the default (currently 8K
                                usable).
    @result                 <-  mach_error_t

    NOTE(review): this header does not list the values the result can take,
    nor which rights over targetProcess the caller needs. Callers should check
    the result on every call; what state a failed call leaves in the target
    has to be confirmed in the implementation.

    NOTE(review): paramBlock is consumed by a thread in another address space,
    so pointers stored inside the block would still refer to the caller's
    memory. Presumably the block is copied by value and paramSize must match
    its real size -- confirm, along with how "optional" is expressed.

    ***************************************************************************/
mach_error_t mach_inject(const mach_inject_entry threadEntry,
                         const void *paramBlock,
                         size_t paramSize,
                         pid_t targetProcess,
                         vm_size_t stackSize);

/***************************************************************************//**
    Reports the Mach-O image that a pointer belongs to, together with the
    size of that image.

    @param  pointer         ->  Pointer to look up. Required.
    @param  image           <-  Returned pointer to the image (really a
                                mach_header). Optional.
    @param  size            <-  Returned size of the image. Optional.
    @param  jumpTableOffset <-  Returned offset of the jump table within the
                                image (useful on intel). Optional.
    @param  jumpTableSize   <-  Returned size of the jump table (useful on
                                intel). Optional.
    @result                 <-  mach_error_t

    NOTE(review): the header does not say how an optional out-parameter is
    skipped (passing NULL is a guess) or what the outputs hold when the
    result is an error; do not read them before checking the result.
    NOTE(review): size is an unsigned long while both jump-table values are
    unsigned int, and no units are stated -- presumably bytes, confirm.

    ***************************************************************************/
mach_error_t machImageForPointer(const void *pointer,
                                 const void **image,
                                 unsigned long *size,
                                 unsigned int *jumpTableOffset,
                                 unsigned int *jumpTableSize);

// Close the extern "C" block that was opened for C++ near the top of the file.
#ifdef __cplusplus
}
#endif
#endif // _mach_inject_