I'm running into trouble trying to do this. First, a C++ problem:
This is in memory.cpp (it compiles):
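/**
 * Read one T from another process's address space through /proc/<pid>/mem.
 *
 * The target is attached with PTRACE_ATTACH and waited on before the read.
 * Once the attach has succeeded the target is always detached again, and the
 * stream is always closed, whichever path the function leaves by.
 *
 * NOTE: this is a template, so its definition must be visible in every
 * translation unit that instantiates it (i.e. live in a header), or
 * memory.cpp must instantiate it explicitly. Otherwise a call from another
 * file has nothing to link against ("undefined reference to
 * bool peekValue<int>(int*, char*, int)").
 *
 * NOTE: PTRACE_ATTACH returns -1 when the caller is not permitted to trace
 * the target. That is decided by the kernel's ptrace access policy (for
 * example the Yama ptrace_scope setting, or whether the caller holds
 * CAP_SYS_PTRACE), which is why running as superuser lets the attach succeed.
 *
 * @param value   destination for sizeof(T) bytes; only meaningful when the
 *                function returns true
 * @param offset  address inside the target process, passed as a pointer
 * @param pid     process id of the target
 * @return true only if all sizeof(T) bytes were read
 */
template<class T>
bool peekValue(T * value, char * offset, pid_t pid)
{
    if (value == NULL)
        return false;

    // Build /proc/<pid>/mem; snprintf is bounded by the buffer size.
    char mem_file_name[255];
    snprintf(mem_file_name, sizeof(mem_file_name), "/proc/%d/mem", (int)pid);

    // The open can fail (no such pid, no permission); fseek/fread on a NULL
    // stream would crash, so stop here.
    FILE * mem_fd = fopen(mem_file_name, "r");
    if (mem_fd == NULL)
        return false;

    // Unbuffered, so that only the sizeof(T) bytes asked for are read from
    // the target instead of a whole stdio buffer.
    setvbuf(mem_fd, NULL, _IONBF, 0);

    // Attach to the target; on refusal release the stream before leaving.
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) == -1)
    {
        fclose(mem_fd);
        return false;
    }

    bool ok = false;

    // Wait until the attach has stopped the target, then seek and read.
    // The cast keeps the original addressing; where long is 32 bits an
    // address above LONG_MAX cannot be expressed this way and the seek fails.
    if (waitpid(pid, NULL, 0) != -1)
    {
        if (fseek(mem_fd, (long int)offset, SEEK_SET) == 0)
            ok = (fread(value, 1, sizeof(T), mem_fd) == sizeof(T));
    }

    // End the trace and release the stream on every path after the attach.
    ptrace(PTRACE_DETACH, pid, NULL, NULL);
    fclose(mem_fd);
    return ok;
}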
And in main.cpp,
after many includes:
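// Asks for a PID and an address, reads one int from that process with
// peekValue<int>() and prints it. Returns 1 if the input cannot be parsed or
// the read fails, 0 otherwise.
int main(int argc, char ** argv)
{
    programinfo pnfo;
    int m = 0; // initialised so a failed read can never print garbage
    long int offset = 0;
    ...
    cout << "Enter the PID of the program you want to hack" << endl;
    cin >> pnfo.pid;
    cout << "Enter the pointer to int you want to read" << endl;
    cin >> offset;
    // A failed extraction leaves the stream in a failed state; do not go on
    // with a pid or address that was never read.
    if (!cin)
    {
        cout << "Invalid PID or address" << endl;
        return 1;
    }
    pnfo.mem_blocks = getMemoryMemblocks(pnfo.pid);
    // peekValue() reports failure (e.g. a refused ptrace attach) through its
    // return value; m holds no data from the target in that case.
    if (!peekValue<int>(&m, (char*)offset, pnfo.pid))
    {
        cout << "Could not read the value from the target process" << endl;
        return 1;
    }
    cout << m << endl;
    return 0;
}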
Got error (from linker):
/home/***/proyectos/xeat_engine/main.cpp|22|undefined reference to `bool peekValue<int>(int*, char*, int)'|
So I changed it to:
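/**
 * Read one int from another process's address space through /proc/<pid>/mem.
 *
 * The target is attached with PTRACE_ATTACH and waited on before the read.
 * Once the attach has succeeded the target is always detached again, and the
 * stream is always closed, whichever path the function leaves by.
 *
 * NOTE: PTRACE_ATTACH returns -1 when the caller is not permitted to trace
 * the target (kernel ptrace access policy); the function then returns false.
 *
 * @param value   destination for the int; only meaningful when the function
 *                returns true
 * @param offset  address inside the target process, passed as a pointer
 * @param pid     process id of the target
 * @return true only if all sizeof(int) bytes were read
 */
/*template<class T>*/
bool peekValue(int * value, char * offset, pid_t pid)
{
    if (value == NULL)
        return false;

    // Build /proc/<pid>/mem; snprintf is bounded by the buffer size.
    char mem_file_name[255];
    snprintf(mem_file_name, sizeof(mem_file_name), "/proc/%d/mem", (int)pid);

    // The open can fail (no such pid, no permission); fseek/fread on a NULL
    // stream would crash, so stop here.
    FILE * mem_fd = fopen(mem_file_name, "r");
    if (mem_fd == NULL)
        return false;

    // Unbuffered, so that only the bytes asked for are read from the target
    // instead of a whole stdio buffer.
    setvbuf(mem_fd, NULL, _IONBF, 0);

    // Attach to the target; on refusal release the stream before leaving.
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) == -1)
    {
        fclose(mem_fd);
        return false;
    }

    bool ok = false;

    // Wait until the attach has stopped the target, then seek and read.
    // Where long is 32 bits an address above LONG_MAX cannot be expressed
    // through this cast and the seek fails.
    if (waitpid(pid, NULL, 0) != -1)
    {
        if (fseek(mem_fd, (long int)offset, SEEK_SET) == 0)
            ok = (fread(value, 1, sizeof(int), mem_fd) == sizeof(int));
    }

    // End the trace and release the stream on every path after the attach.
    ptrace(PTRACE_DETACH, pid, NULL, NULL);
    fclose(mem_fd);
    return ok;
}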
And:
after many includes:
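// Asks for a PID and an address, reads one int from that process with
// peekValue() and prints it. Returns 1 if the input cannot be parsed or the
// read fails, 0 otherwise.
int main(int argc, char ** argv)
{
    programinfo pnfo;
    int m = 0; // initialised so a failed read can never print garbage
    long int offset = 0;
    ...
    cout << "Enter the PID of the program you want to hack" << endl;
    cin >> pnfo.pid;
    cout << "Enter the pointer to int you want to read" << endl;
    cin >> offset;
    // A failed extraction leaves the stream in a failed state; do not go on
    // with a pid or address that was never read.
    if (!cin)
    {
        cout << "Invalid PID or address" << endl;
        return 1;
    }
    pnfo.mem_blocks = getMemoryMemblocks(pnfo.pid);
    // peekValue() reports failure (e.g. a refused ptrace attach) through its
    // return value; m holds no data from the target in that case.
    if (!peekValue/*<int>*/(&m, (char*)offset, pnfo.pid))
    {
        cout << "Could not read the value from the target process" << endl;
        return 1;
    }
    cout << m << endl;
    return 0;
}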
It "works". Any idea why?
The second question is about that "works": the function gets executed, but it doesn't do its job. It fails at the ptrace attach. I'm trying to ptrace pid 6000, which is the pid of neverball (a video game about a ball), but ptrace returns -1.
What are the conditions for attaching with ptrace? Any idea?
Thank you for reading.
---------- Post updated at 04:55 PM ---------- Previous update was at 11:09 AM ----------
I've solved the problem above (it needed superuser privileges).
Now I'm wondering about one thing: is it possible to write to /proc/pid/mem?