Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

function address in libc?

Tags:

c

linux

libc


I am trying to obtain the address (in hex) of function exit() provided in libc, but I am not sure where and how to find it.
Anyone knows the way to find it please share some idea. Thank you!

like image 530
Allan Jiang Avatar asked Mar 08 '13 19:03

Allan Jiang

People also ask

How to find address of libc?

You can easily check this by running gdb-->b main-->info proc mappings a couple of times and comparing the offsets. If they are different, your executable is probably running under ASLR. Assuming there is no ASLR protection, using gdb-->b main-->info proc mappings should give you the base address of the libc SO.

What LIBC contains?

The C standard library or libc is the standard library for the C programming language, as specified in the ISO C standard. Starting from the original ANSI C standard, it was developed at the same time as the C library POSIX specification, which is a superset of it.

Is bin sh in libc?

The string “/bin/sh” will also be present in the libc, and thus getting a pointer is just to note the address of this string.

What does __ Libc_csu_init do?

Both __libc_csu_init and call_init do basically the same thing: They run all constructors registered in the dynamic table entries INIT and INIT_ARRAY .

2 Answers

If you need the address of the exit function already present in your process, see answers by Grijesh and others. But if you need to resolve the libc exit function by name, for example because libc's exit has been shadowed by another library, you can obtain it with dlsym:

#define _GNU_SOURCE     /* for RTLD_NEXT */
#include <dlfcn.h>
/* ... */
void (*exit_addr)(int) = dlsym(RTLD_NEXT, "exit");

For dlsym to resolve, you'll need to link with -ldl.

like image 189
user4815162342 Avatar answered Sep 25 '22 15:09

user4815162342

I think this will work: 

printf("%p", (void*)exit);

IEEE Std 1003.1, 2004 Edition:

"%p" The argument shall be a pointer to void. The value of the pointer is converted to a sequence of printable characters, in an implementation-defined manner.

like image 31
Grijesh Chauhan Avatar answered Sep 23 '22 15:09

Grijesh Chauhan
Sign in to Comment

Related questions

Fast Euclidean division in C
How to store a version number in a static library?
How to split a string into tokens in C?
Understanding the memory content of a union
Where do I put all these function-like #defines, in C?
funny looking comments - c++
Most efficient portable overflow detection? [duplicate]
C++ Conditional Operator
remove all occurences of a character in C string - Example needed
Are there noteworthy uses of m4 besides autoconf? [closed]
What is the correct way to force an app to core dump and quit?
How to free pointer's space in memory?
__cdecl and __declspec calling conventions confusion
What does 0xFE mean in a C program?
Print wchar to Linux console?
Is it legal to overrun one element of a struct to view another?
tolower() Function not Working in C99
Which is preferable - printf or fprintf
Is inline asm part of the ANSI C standard?
How to compile C and Gtk+ with GCC on Linux?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!