DEV Community

Kamal Mustafa
Kamal Mustafa

Posted on • Edited on

2

How is a program on linux executed?

Just a self notes to refresh my mind on this, as it keep popping from time to time and I have to google it to answer the question.

Injecting into running process

  • Attach to the a current running process by gathering its PID.
  • Send a SIGSTOP to the program to halt it's execution
  • Dump its registers (specifically rip/eip)
  • Write your code to the stack where rip is pointing to.
  • Send a SIGCONT to the program to return control.
  • Profit.

https://www.real0day.com/hacking-tutorials/2017/11/6/injecting-a-running-process-linux

Also look into how strace work.

Summary

  • main() was defined in libc - the function in libc that assume the first function in C program to call is named main().
  • What address to load that contain the start of the program is defined in ELF headers.

https://stackoverflow.com/questions/7187981/whats-the-memory-before-0x08048000-used-for-in-32-bit-machine

Other similar topics

Heroku

This site is built on Heroku

Join the ranks of developers at Salesforce, Airbase, DEV, and more who deploy their mission critical applications on Heroku. Sign up today and launch your first app!

Get Started

Top comments (2)

Collapse
 
v6 profile image
🦄N B🛡

// , For more perfect grammar, I would do "How is a program on linux executed?"

Thanks for posting this, though.

Collapse
 
k4ml profile image
Kamal Mustafa

Thanks. I'm not a native speaker :)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs