If the command line of a program is a password And so on , How to prevent ps How about printing it out ?

ps From /proc/$pid/cmdline Command line in Lina , and /proc/$pid/cmdline The user program is parsed in kernel space stack Data obtained from the region , So the answer is simple , Just cover this area , Here's an example :
#include <stdio.h> #include <stdlib.h> #include <string.h> int main(int argc,
char **argv) { char orig[16]; // obtain stack Command line on strcpy(orig, argv[1]); //
Get the first time after the command line overlay stack Command line on strcpy(argv[1], "skinshoe"); getchar(); }
If the application is not modifiable, recompile the code , Is there any unified approach ? Of course , use LD_PRELOAD Very convenient :
// inject.c #define _GNU_SOURCE #include <dlfcn.h> #include <stdio.h> #include
<stdlib.h> #include <string.h> int (*_main) (int, char * *, char * *); static
int pixie_main(int argc, char **argv, char **env) { char tmp[16]; strcpy(tmp,
argv[1]); strncpy(argv[1], "pixie", strlen(argv[1])); argv[1] = tmp; return
_main(argc, argv, env); } int (*orig_start_main)(int (*main)(int, char **, char
**), int argc, char **argv, void (*init) (void), void (*fini) (void), void (*
_fini) (void), void (*stack_end)); int __libc_start_main(int (*main)(int, char *
*, char **), int argc, char **argv, void (*init)(void), void (*fini)(void), void
(*_fini)(void), void (*stack_end)) { orig_start_main = dlsym(RTLD_NEXT,
"__libc_start_main"); _main = main; return orig_start_main(pixie_main, argc,
argv, init, fini, _fini, stack_end); }
Compiling :
gcc -O2 -fPIC -shared -o libinject.so inject.c -ldl
Here's one “ Existing programs that cannot be changed ”:
// demo.c #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv
) { printf("%s\n", argv[1]); getchar(); }
use LD_PRELOAD Implementation :
LD_PRELOAD=./libinject.so ./demo 12345
here ,demo The program still prints 12345, then ps That's what I saw pixie It's over .

hold LD_PRELOAD Just deploy to the path . This is the standard way of robbing the Treasury .

Everything is a double-edged sword , If you can do good, you can do bad , With the above trick, you can modify the command line of any program at will :
int (*_main) (int, char * *, char * *); static int pixie_main(int argc, char
**argv, char **env) { argv[1] = "pixie"; return _main(argc, argv, env); }
have a try :
root@zhaoya-VirtualBox:~# LD_PRELOAD=./libinject.so ls -a ls: cannot access
'pixie': No such file or directory root@zhaoya-VirtualBox:~#
LD_PRELOAD=./libinject.so /bin/echo hello pixie
Wet leather shoes in Wenzhou, Zhejiang Province , If it rains, you won't get fat .

©2019-2020 Toolsou All rights reserved,
Solve in servlet The Chinese output in is a question mark C String function and character function in language MySQL management 35 A small coup optimization Java performance —— Concise article Seven sorting algorithms (java code ) use Ansible Batch deployment SSH Password free login to remote host according to excel generate create Build table SQL sentence Spring Source code series ( sixteen )Spring merge BeanDefinition Principle of Virtual machine installation Linux course What are the common exception classes ?