Linux inject C/C++ dll - c++

Ire any solutions available to inject in process own C/C++ dll and start from entrypoint, i need hook process socket send functions and paste my own code there. Is it available on linux?
Thanks!

The typical way to do it is to set the LD_PRELOAD environment variable before launching the program. See for example tsocks. Note though that some programs will disable this due to security reasons (it can snoop a passwords etc), e.g. gnupg prevents LD_PRELOAD from working.
If you want to inject into a running program it's much more difficult. It can be done with ptrace (e.g. attach with gdb and call dlopen). But it's unreliable because you don't know what state the program is when you attach.

I made pyinjector, a tool you can use to inject a running process with a shared library.
To install, simply run pip install pyinjector.
Usage: inject <pid> <dll_path>

Related

Callgrind does not see source in dynamically loaded SO

I'm attempting to run KCacheGrind on some results of callgrind. Basically the codebase is a plugin container that launches a shared object to run a specific function. Upon using Callgrind to profile this application, I can see the costs at the function level, but not at the source level.
I can see at the source level with the plugin container code, before it launches the SO, but I can't see any code contained in the SO that was launched.
I know I'm compiling with debug symbols on, but for some reason I am unable to see the dynamically loaded SO source code.
Thanks,
I ran into this problem too. The way to fix it is to stop the host application from unloading the plugins before it exits. In my case I was trying to profile C modules for Lua and Lua was unloading the modules when the VM exited normally. To fix this issues I had the script call os.exit() to do a forced shutdown.
Either disable plugin unloading in the plugin container, or create a plugin the allows you to force the application to exit (calling _exit(0)).

Finding an installed application on Mac/Linux

If you have an application which relies on another app being installed, you ideally want your installer to find that dependency path automatically. On Windows you can use the registry but what about Mac/Linux? In this particular case it's a C++ application, if that makes a difference.
If you try to distribute your application through any of the common package managers on Linux (apt, yum) you can add the application as a dependency.
If you down the route of custom install scripts you need to resort to some kind of hackery. Either find out which package manager is in use on the system and try to query with it (which can fail, if the other application was installed without the package manager) or try something like which required_app.
Go for the first, if you want to do it right.
In Mac OS X, if you're looking for an application that's bundled in a typical .app bundle, you can use Spotlight to find it from its bundle ID using the command line utility mdfind(1). For example, to find out if Firefox is installed (and where), run this command:
mdfind 'kMDItemCFBundleIdentifier == org.mozilla.firefox'
Generally, on UNIX systems you can expect all programs to reside in $PATH instead of being distributed in a hodge-podge collection of stupidly named and partially localized directories. So, essentially you don't need to find any dependency path - you just call the other "app" (program) via execvp, and the libc takes care of walking through the entries of $PATH and finding the executable.
In the classic UNIX model, you don't check anything in an installer, but just check at runtime whether an executable is available (with which, for example) or not.
The equivalent of a Windows Installer is the Linux Package Manager. The Package Manager handles dependencies and installs it (if it is not already present on the system). The dependency information for an application is stored within the package file. Each distribution has its own Package Manager, though the concept is the same.
There are plenty of resources online for specifics about a Package Manager. However, if you would like to get an overview in comparison with a Windows Installer, check out application management in GNU/Linux for Windows users.

C++: How to ship a single executable without mingwm10.dll

I'm creating a small cross platform program with C++/wxWidgets. By using static linking I managed to get only one .exe file for Windows in the end. However it still requires a small (18 KB) mingwm10.dll
Although I can just distribute my app with this dll, I'd prefer to have it "inside" the .exe... Is it possible?
Thanks
If you use the configure script to compile wxWidgets, add --disable-threads. This will set wxUSE_THREADS to 0, wxThread class and all the code that depends on threads will not be compiled. Automatically mingwm10.dll will not be linked.
The "single EXE that includes all project files" is called a setup script. Consider something like InnoSetup, or MSI.
Rolling your own install DLL on first use code is theoretically possible, but extremely ugly. It gomes like this: you add the DLL (zipped, if possible) to the EXE as resources. On startup, you try to load the DLL; if you cannot, you take it from the resources and place somewhere. And that will break under non-admin user. And the automatic privilege escalation won't work (it works for setup files). And you have to be very careful not to call anything in the DLL before you install it. Like I said, very, very ugly.

Detect if an assembly is available

I'm implementing an installer in Java, that is supposed to download and install an application for non-privileged users in Windows (from XP and up). The application is written in C++, and depend on the usual VC runtime-libraries (msvcm90.dll and friends). In order to save bandwidth, I want to avoid downloading the VC redistributables if they already are available for the user. I do however have a problem finding a reliable method to detect if an assembly is installed.
If the assembly is missing, I will deploy it as described here:
http://msdn.microsoft.com/en-us/library/ms235291%28VS.80%29.aspx
So the question is simply how to detect if a (any) assembly is installed on the machine. It's no requirement that this can be done from Java. I can easily write a small probe in C++ and link it statically for the task.
jgaa
If you are willing to write a small test program, then rather than writing one that looks for your dependencies, write one that has the same dependencies as your application. Try to run it. If it runs, the dependencies are in place. If it fails, the probable reason is that the dependencies are missing.
Seems a fairly complicated trick really as depending on the setup these may already be located in several possible places. Perhaps your best bet would be testing for the existence of these DLL's using the WinAPI LoadLibrary - this should find any DLL that is shared and appropriate to the build automatically.
Even better LoadLibrary a DLL that requires them as Ben suggests.

Multithreaded Windows service in MingW

I am trying to build a Windows service with MingW. It need thread safe exceptions, so I added the linker flag -mthreads. The application works fine from the command-line, but when I try to start it from services.msc, the 1054 error ("The service did not respond to the start or control request in a timely fashion") is raised. The service starts if I re-build it without the -mthreads flag. How can I get this working with -mthreads?
I suspect -mthreads is bringing in a dependency on a DLL, and that DLL is not on the path when it's running as a service. In my cygwin environment, if I compile a trivial program with "-mno-cygwin -mthreads", I get a dependency on MINGWM10.DLL, which certainly wouldn't be on the path when running as a service. If I try running it with no PATH set, it crashes as it starts to load (and leaves a turd in the Application event log).
I'd be bringing up your exe in Dependency Walker (http://www.dependencywalker.com) to see what you're loading at load-time, and check your Windows Event Log to see if there are any hints there. You're probably going to need to put a copy of the DLLs it needs alongside the executable.
You need mingwm10.dll in the working directory or in [edit: system, not per user] PATH, because C++ programs compiled with -mthread option have that dependency. If you're pretty sure exception will never be thrown by your code nor propogate through your stack, use -fno-exception instead of -mthread to resolve the dependency.
I wonder if you can debug it when it runs as a service. There must be something spooking your program when service host runs it. Perhaps try to attach a debugger to svchost.exe, at least you can see what modules are loaded and maybe which exception causes the crash.
Is your application even starting up at all? Put a call to OutputDebugString (or equivalent) at the start of your main function to see if it even gets that far. (Grab DbgView from SysInternals if you don't have it already.)
If it doesn't get that far, we start checking for the obvious: is it a matter of the application not finding the runtime DLL? It could be that you have the regular runtime in its PATH, but it can't find the MT version. That could explain the behaviour you describe. You may need to copy the MT runtime or update the PATH accordingly.