Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: C Brain Teaser
Top Forums Programming C Brain Teaser Post 302221139 by redoubtable on Sunday 3rd of August 2008 02:17:22 PM
Old 08-03-2008
There's a more complex way of doing it.

We could open (argv[0], O_RDONLY), then unlink(argv[0]), and then re-open open(argv[0], O_RDWR).

Like that, you could read the content of your program before it was unlinked ('cause the kernel still holds the reference upon unlink() if the file is open by any process) and write a new content after it was unlinked.

Now, from here you could go to very funny stuff like changing the ELF format on-the-fly (something like changing the .comment section) and then have something on your file that says "if the .comment section has a certain sha1 hash that matches whatever, the program should run, otherwise it won't run". Be aware that someone could strip the comment section very easily lol.

Another way would also be very funny like creating an assembly program that just makes your program exit, then, extracting the hex opcodes (machine-language) of that program using something like objdump and injecting those opcodes on your other program's main function. Of course you would have to know the right offset to mmap() to, etc. With this, you could actually alter the way that your program feeds back after the first execution, because you could also inject write()'s, etc. (a lot more work would be needed)
 

6 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Brain Bench Certification

Hi, Can anybody provide me Pointers to Practice tests or any Material to prepare for Brainbench certification in Unix Shell Scripting? Also how good is this Certification for UNIX programmers. Is it worth it? I'm planning to take this certification in 2 weeks. Kindly let me know all the pros... (0 Replies)
Discussion started by: pavan_emani
0 Replies

2. Shell Programming and Scripting

This might be a programming teaser!

Hi gurus, I have done my best to be as precisely as possible with this. Besides giving the format of file a and file b and the result file I have also given the algorithm as I have figured out. I will try to do this and I hope that some of you could help me to solve this or better yet... (1 Reply)
Discussion started by: ljankok
1 Replies

3. Programming

Brain Teaser Extended

Hi Gurus, To the Brain Teaser, if I add another condition, say the executable should not be altered, how the program should be altered? (no perl please, purely C). I forgot to mention this condition my staff had mentioned. ( forgot then and got now :D ) The program executed the first time... (4 Replies)
Discussion started by: vrk1219
4 Replies

4. What is on Your Mind?

The Human Brain project

A global group of scientists are spending the next ten years and a billion dollars to try and develop a computer simulation of the brain: https://www.humanbrainproject.eu/ I always found it fascinating that the brain can understand itself. This almost sounds like in a few years the computer... (0 Replies)
Discussion started by: figaro
0 Replies

5. Shell Programming and Scripting

sed regexp teaser

G'day, Here's a teaser for a sed guru, which I surely am not one, as even my basic sed skills are rusted from years of not practising ... lol Ok ... we have a string of digits such as: 632413741610252847552619172459483022433027602515212950543016701812771409213148672112 we want it split... (9 Replies)
Discussion started by: naderra
9 Replies

6. What is on Your Mind?

Cyber Dystopia Teaser (720 HD)

Working on a new cybersecurity, dystopian world series and made a short 2 min teaser today. Cyber Dystopia (720 HD) https://www.youtube.com/watch?v=g9Ca07J_YC8 If anyone has any ideas for the story, please write out some story lines in the comments and join the production team! (1 Reply)
Discussion started by: Neo
1 Replies

LEARN ABOUT SUNOS

unlinkat

unlink(2)							   System Calls 							 unlink(2)

NAME

       unlink, unlinkat - remove directory entry

SYNOPSIS

       #include <unistd.h>

       int unlink(const char *path);

       int unlinkat(int dirfd, const char *path, int flag);

DESCRIPTION

       The  unlink()  function	removes a link to a file. If path names a symbolic link, unlink() removes the symbolic link named by path and does
       not affect any file or directory named by the contents of the symbolic link.
	Otherwise, unlink() removes the link named by the pathname pointed to by path and decrements the link count of the file referenced by  the
       link.

       The  unlinkat() function also removes a link to a file. See fsattr(5). If the flag argument is 0, the behavior of unlinkat() is the same as
       unlink() except in the processing of its path argument. If path is absolute, unlinkat() behaves the same as unlink() and the dirfd argument
       is unused. If path is relative and dirfd has the value AT_FDCWD, defined in <fcntl.h>, unlinkat() also behaves the same as unlink(). Other-
       wise, path is resolved relative to the directory referenced by the dirfd argument.

       If the flag argument is set to the value AT_REMOVEDIR, defined in <fcntl.h>, unlinkat() behaves the same as rmdir(2) except in the process-
       ing of the path argument as described above.

       When  the  file's  link	count  becomes 0 and no process has the file open, the space occupied by the file will be freed and the file is no
       longer accessible. If one or more processes have the file open when the last link is removed,  the  link  is  removed  before  unlink()	or
       unlinkat() returns, but the removal of the file contents is postponed until all references to the file are closed.

       The  path  argument  must not name a directory unless the process has appropriate privileges and the implementation supports using unlink()
       and unlinkat() on directories.

       Upon successful completion, unlink() and unlinkat() will mark for update the st_ctime and st_mtime fields of the parent directory.  If  the
       file's link count is not 0, the st_ctime field of the file will be marked for update.

RETURN VALUES

       Upon successful completion, 0 is returned.  Otherwise, -1 is returned, errno is set to indicate the error, and the file is not unlinked.

ERRORS

       The unlink() and unlinkat() functions will fail if:

       EACCES	       Search  permission  is denied for a component of the path prefix, or write permission is denied on the directory containing
		       the link to be removed.

       EACCES	       The parent directory has the sticky bit set and the file is not writable by the user, the user  does  not  own  the  parent
		       directory, the user does not own the file, and the user is not a privileged user.

       EBUSY	       The entry to be unlinked is the mount point for a mounted file system.

       EFAULT	       The path argument points to an illegal address.

       EINTR	       A signal was caught during the execution of the unlink() function.

       ELOOP	       Too many symbolic links were encountered in translating path.

       ENAMETOOLONG    The  length of the path argument exceeds PATH_MAX, or the length of a path component exceeds NAME_MAX while _POSIX_NO_TRUNC
		       is in effect.

       ENOENT	       The named file does not exist or is a null pathname.

       ENOLINK	       The path argument points to a remote machine and the link to that machine is no longer active.

       ENOTDIR	       A component of the path prefix is not a directory or the provided directory descriptor for unlinkat() is  not  AT_FDCWD	or
		       does not reference a directory.

       EPERM	       The named file is a directory and {PRIV_SYS_LINKDIR} is not asserted in the effective set of the calling process.

       EROFS	       The directory entry to be unlinked is part of a read-only file system.

       The unlink() and unlinkat() functions may fail if:

       ENAMETOOLONG    Pathname resolution of a symbolic link produced an intermediate result whose length exceeds {PATH_MAX}.

       ETXTBSY	       The entry to be unlinked is the last directory entry to a pure procedure (shared text) file that is being executed.

USAGE

       Applications should use rmdir(2) to remove a directory.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |unlink()	  is	Standard;  |
       |			     |unlinkat() is Evolving	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Async-Signal-Safe 	   |
       +-----------------------------+-----------------------------+

SEE ALSO

       rm(1), close(2), link(2), open(2), rmdir(2), remove(3C), attributes(5), privileges(5), fsattr(5)

SunOS 5.10							    1 Feb 2003								 unlink(2)
All times are GMT -4. The time now is 01:15 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy