xclibc's Issues

Libc not in glibc-all-in-one can not be patched to a version nearby

Overview

The pwn challenge directory contains the following:

$ ls
exp_heap1.py  hacknote  libc_32.so.6

The libc is version 2.23, 32-bit:

$ file libc_32.so.6 
libc_32.so.6: ELF 32-bit LSB shared object, Intel 80386, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=d26149b8dc15c0c3ea8a5316583757f69b39e037, for GNU/Linux 2.6.32, stripped
$ ./libc_32.so.6 
GNU C Library (Ubuntu GLIBC 2.23-0ubuntu5) stable release version 2.23, by Roland McGrath et al.
Copyright (C) 2016 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 5.4.0 20160609.
Available extensions:
	crypt add-on version 2.1 by Michael Glad and others
	GNU Libidn by Simon Josefsson
	Native POSIX Threads Library by Ulrich Drepper et al
	BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
For bug reporting instructions, please see:
<https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.

Problem

Running the following command to try to swap the program's libc fails:

$ xclibc -x hacknote  libc_32.so.6 
Getting 2.23-0ubuntu5_i386
  -> Location: https://mirror.tuna.tsinghua.edu.cn/ubuntu/pool/main/g/glibc/libc6_2.23-0ubuntu5_i386.deb
  -> Downloading libc binary package
Getting 2.23-0ubuntu5_i386
  -> Location: http://old-releases.ubuntu.com/ubuntu/pool/main/g/glibc/libc6_2.23-0ubuntu5_i386.deb
  -> Downloading libc binary package
Failed to download package from http://old-releases.ubuntu.com/ubuntu/pool/main/g/glibc/libc6_2.23-0ubuntu5_i386.deb

There is no libc6_2.23-0ubuntu5_i386.deb package; what exists instead is libc6_2.23-0ubuntu11.3_amd64.deb or libc6_2.23-0ubuntu3_amd64.deb.

Suggested solution

I suggest adding a nearest-version matching feature.
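
One way the nearest-version fallback requested above could work, as an added example that is not part of the issue or of xclibc's code. The candidate list is constructed sample data, and the selection policy (same upstream version and architecture, closest older revision first) is an assumption of this sketch.

```shell
#!/bin/sh
# Constructed sample of locally available ids (not a real listing).
AVAILABLE_SAMPLE='2.23-0ubuntu3_i386
2.23-0ubuntu11.3_i386
2.23-0ubuntu3_amd64
2.27-3ubuntu1_i386
2.23-0ubuntu10_i386'

# nearest_libc <wanted-id>
# Reads candidate ids (version_arch) on stdin and prints the best match.
# Policy (assumed for this example): same upstream version and architecture
# only; an exact match wins, then the closest older revision, then the
# closest newer one. `sort -V` approximates Debian version ordering and is
# applied to the version without the _arch suffix.
nearest_libc() {
    want_ver=${1%_*}            # e.g. 2.23-0ubuntu5
    arch=${1##*_}               # e.g. i386
    upstream=${want_ver%%-*}    # e.g. 2.23
    awk -F_ -v arch="$arch" -v up="${upstream}-" '
        NF == 2 && $2 == arch && index($1, up) == 1 { print $1 }' |
    { cat; printf '%s\n' "$want_ver"; } |
    sort -V |
    awk -v want="$want_ver" -v arch="$arch" '
        $0 == want          { hits++; next }   # the target, plus a real copy if present
        hits == 0           { older = $0 }     # last line below the target
        hits && newer == "" { newer = $0 }     # first line above the target
        END {
            pick = (hits > 1) ? want : (older != "" ? older : newer)
            if (pick == "") exit 1             # nothing comparable available
            print pick "_" arch
        }'
}

# The failing request from the issue, resolved against the sample list.
printf '%s\n' "$AVAILABLE_SAMPLE" | nearest_libc 2.23-0ubuntu5_i386
```

A neighbouring revision is a different build from the one the challenge shipped, so a tool using this fallback should print the substituted id rather than switch silently.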

Unreliable link speed may cause wget to fail to download some deb packages

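Overview

For some libc versions, the libc package or the libc-dbg package apparently failed to download, which leaves empty directories.

Below is an example I ran into while using the tool (the log of the actual download was not saved):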

~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64/.debug$ ls
libanl-2.23.so           libdl-2.23.so            libnss_dns-2.23.so       libresolv-2.23.so
libBrokenLocale-2.23.so  libm-2.23.so             libnss_files-2.23.so     librt-2.23.so
libc-2.23.so             libmemusage.so           libnss_hesiod-2.23.so    libSegFault.so
libcidn-2.23.so          libmvec-2.23.so          libnss_nis-2.23.so       libthread_db-1.0.so
libcrypt-2.23.so         libnsl-2.23.so           libnss_nisplus-2.23.so   libutil-2.23.so
libc.so.6                libnss_compat-2.23.so    libpcprofile.so
~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64/.debug$ cd ..
~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64$ ls
~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64$

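Note that for the libc above, the debug directory contains files but the libc directory itself contains none. Because the program only checks whether the directory exists, the directory has to be deleted and downloaded again for it to work.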

~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64$ xclibc -d -r  2.23-0ubuntu11_amd64
[+]Successfully deleted 2.23-0ubuntu11_amd64
cp: invalid option -- '.'                                          <------------------------------------- there also seems to be a bug here; the RECORD function is called
Try 'cp --help' for more information.
[+]restore!
~/glibc-all-in-one/libs/2.23-0ubuntu11_amd64$ xclibc -d   2.23-0ubuntu11_amd64

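Problems and suggested solutions

wget problem

It appears that slow download speed caused wget to abort some packages. I suggest adding an option that supports resuming after a dropped connection, such as -c.

Below are the relevant options GPT4 gave for making wget downloads fault-tolerant: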

Q:how to make wget download completely(when downloading process halted, trying to reconnect and download until files downloaded completely)?

A:If you're trying to make wget resilient to interruptions and want it to keep trying to download a file until it's complete, you can utilize several of its options:

--retry-connrefused: Retry if the connection is refused.

--waitretry=seconds: Wait the specified number of seconds between retries.

--timeout=seconds: Set the network timeout.

--tries=number: Set the number of retries.

-c or --continue: Resume getting a partially-downloaded file.

Here's an example that wraps these options together:


wget --retry-connrefused --waitretry=5 --read-timeout=20 --timeout=15 -t 0 -c [URL]


Here's a breakdown of the command:

--retry-connrefused: Even if the connection is refused, wget will keep trying.

--waitretry=5: wget will wait 5 seconds before the next retry.

--read-timeout=20: Set the read timeout to 20 seconds. If no data is received for more than this specified time, wget will retry.

--timeout=15: The network timeout is set to 15 seconds. If the server does not respond within this time, wget will retry.

-t 0: This tells wget to keep retrying indefinitely.

-c: If the download is interrupted, running this command again will resume from where it left off.

For very unreliable connections, you might need to adjust the retry and timeout values to be more lenient. You can also use -T as a shorthand for --timeout.

Keep in mind that this setup will have wget trying indefinitely, which might not be suitable in all scenarios. Adjust the -t option or remove it entirely if you want a finite number of retries.

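Logging problem

Since there is currently no easy way to check whether each library was downloaded completely, I suggest the following two options; either one is enough:

  • Log during batch downloads (verify the hash of each deb file, or log the error messages written to stderr)
  • Write a script that checks each directory for completeness (or for file existence) and lists the incomplete directories

On top of that, support batch downloading of the deb packages that were not downloaded or were missed, or let the user download the failed packages one by one.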
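
A sketch of the hash check proposed above, added here as an example and not taken from xclibc: it compares a downloaded .deb against the Size and SHA256 fields of a Debian/Ubuntu Packages index, so an aborted download is reported instead of leaving an empty directory. The package file, index file and pool path are constructed stand-ins, and the function names are hypothetical.

```shell
#!/bin/sh
# index_field <Packages-file> <pool-path> <field>
# Print one field of the stanza whose Filename equals <pool-path>.
index_field() {
    awk -v want="$2" -v key="$3" 'BEGIN { RS = ""; FS = "\n" }
    {
        split("", f)                          # reset the field map per stanza
        for (i = 1; i <= NF; i++) {
            p = index($i, ": ")
            if (p) f[substr($i, 1, p - 1)] = substr($i, p + 2)
        }
        if (f["Filename"] == want) { print f[key]; found = 1; exit }
    }
    END { exit !found }' "$1"
}

# verify_deb <deb-file> <Packages-file> <pool-path>
# 0 = size and hash match, 1 = missing, incomplete or altered, 2 = not in index.
verify_deb() {
    want_size=$(index_field "$2" "$3" Size) || return 2
    want_sha=$(index_field "$2" "$3" SHA256) || return 2
    [ -f "$1" ] || { echo "missing: $1" >&2; return 1; }
    have_size=$(wc -c < "$1" | tr -d ' ')
    if [ "$have_size" != "$want_size" ]; then
        echo "incomplete: $1 ($have_size of $want_size bytes)" >&2
        return 1
    fi
    have_sha=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$have_sha" = "$want_sha" ] || { echo "hash mismatch: $1" >&2; return 1; }
}

# make_fixture <dir>: constructed stand-ins for a package and its index entry.
make_fixture() {
    printf 'constructed stand-in for a libc6 .deb payload\n' > "$1/good.deb"
    head -c 20 "$1/good.deb" > "$1/partial.deb"    # simulated aborted download
    cat > "$1/Packages" <<EOF
Package: libc6
Filename: pool/main/g/glibc/sample.deb
Size: $(wc -c < "$1/good.deb" | tr -d ' ')
SHA256: $(sha256sum "$1/good.deb" | cut -d' ' -f1)

Package: other
Filename: pool/main/o/other/other.deb
Size: 1
SHA256: 00
EOF
}

tmp=$(mktemp -d) && make_fixture "$tmp"
for f in good.deb partial.deb; do
    if verify_deb "$tmp/$f" "$tmp/Packages" pool/main/g/glibc/sample.deb
    then echo "OK   $f"; else echo "FAIL $f"; fi
done
rm -rf "$tmp"
```

The check is only as trustworthy as the index it reads, so the Packages file should come from a source that is itself authenticated.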

Incomplete libc packages and directories available in option entries

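Problem

Under ~/glibc-all-in-one/libs, files are missing for some libc versions, for example:

  • 2.23-0ubuntu7_amd64 contains no files
  • under 2.23-0ubuntu6_amd64, the .debug directory is empty

Yet these entries still show up among xclibc's options.

I wrote the following bash script to detect which libraries and debug files are missing: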

#!/bin/bash

# Check if a directory is provided
if [ "$#" -ne 1 ]; then
    echo "Usage: $0 <directory>"
    exit 1
fi

START_DIR="$1"

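# Walk START_DIR and its immediate subdirectories (find also returns START_DIR itself).
# IFS= and -r keep leading whitespace and backslashes in directory names intact.
find "$START_DIR" -maxdepth 1 -type d | while IFS= read -r dir; do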
    # Check if the directory contains any non-hidden files
    if [ -z "$(find "$dir" -maxdepth 1 -type f ! -name '.*')" ]; then
        echo "Directory without files (excluding hidden ones): $dir"
    fi

    # Check for .debug directory
    if [ ! -d "$dir/.debug" ]; then
        echo "Missing .debug directory: $dir/.debug"
    else
        # Check if .debug directory contains files
        if [ -z "$(find "$dir/.debug" -type f ! -name '.*')" ]; then
            echo ".debug directory without files (excluding hidden ones): $dir/.debug"
        fi
    fi
    
done

Running it in my own environment gives the following result:

~/glibc-all-in-one/libs$ ./checkout.sh .
Missing .debug directory: ./.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu3_i386/.debug
Directory without files (excluding hidden ones): ./2.23-0ubuntu11_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.8_amd64/.debug
Directory without files (excluding hidden ones): ./2.27-0ubuntu2_amd64
Directory without files (excluding hidden ones): ./2.31-0ubuntu2_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.6_i386/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu1_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.9_amd64/.debug
Directory without files (excluding hidden ones): ./2.23-0ubuntu11.2_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.4_amd64/.debug
Directory without files (excluding hidden ones): ./2.18-0ubuntu1_i386
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu5_amd64/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.9_i386
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu5_i386/.debug
Directory without files (excluding hidden ones): ./2.18-0ubuntu5_amd64
Directory without files (excluding hidden ones): ./2.19-0ubuntu1_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu5_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu2_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.10_i386
Directory without files (excluding hidden ones): ./2.31-0ubuntu4_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu5_i386/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.7_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu1_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.2_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.1_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.2_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.21-0ubuntu6_amd64/.debug
Directory without files (excluding hidden ones): ./2.18-0ubuntu4_amd64
.debug directory without files (excluding hidden ones): ./2.26-0ubuntu4_i386/.debug
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu2_amd64/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu7_i386
.debug directory without files (excluding hidden ones): ./2.26-0ubuntu3_i386/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu2_i386/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.13_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu7_amd64/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.13_i386
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.8_i386
Directory without files (excluding hidden ones): ./2.27-3ubuntu1.4_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.15_i386/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.3_amd64/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu9.2_i386
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.3_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6_i386
Directory without files (excluding hidden ones): ./2.23-0ubuntu7_amd64
Directory without files (excluding hidden ones): ./2.19-0ubuntu4_amd64
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.5_amd64
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu11.2_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu9.1_amd64/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu8_i386
.debug directory without files (excluding hidden ones): ./2.17-93ubuntu4_i386/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu3_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu3_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu2_amd64/.debug
Directory without files (excluding hidden ones): ./2.17-93ubuntu4_amd64
.debug directory without files (excluding hidden ones): ./2.27-3ubuntu1.3_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu1_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu7_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.11_i386/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu6_amd64/.debug
Directory without files (excluding hidden ones): ./2.23-0ubuntu9_amd64
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu6_amd64/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.14_amd64
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu4_i386/.debug
Directory without files (excluding hidden ones): ./2.18-0ubuntu2_amd64
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu6_i386/.debug
.debug directory without files (excluding hidden ones): ./2.30-0ubuntu3_i386/.debug
Directory without files (excluding hidden ones): ./2.27-0ubuntu3_i386
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu3_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.6_amd64
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.15_amd64/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.7_amd64
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu9.2_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu9_i386/.debug
.debug directory without files (excluding hidden ones): ./2.27-0ubuntu2_i386/.debug
Directory without files (excluding hidden ones): ./2.27-3ubuntu1.3_i386
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu9.1_i386/.debug
Directory without files (excluding hidden ones): ./2.18-0ubuntu6_i386
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.5_i386
Directory without files (excluding hidden ones): ./2.23-0ubuntu10_amd64
Directory without files (excluding hidden ones): ./2.31-0ubuntu9.3_amd64
.debug directory without files (excluding hidden ones): ./2.26-0ubuntu3_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu3_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.21-0ubuntu6_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6_amd64
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu2_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.27-3ubuntu1.2_amd64/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.1_i386
.debug directory without files (excluding hidden ones): ./2.30-0ubuntu3_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.27-3ubuntu1.2_i386/.debug
Directory without files (excluding hidden ones): ./2.31-0ubuntu1_i386
Directory without files (excluding hidden ones): ./2.23-0ubuntu1_i386
.debug directory without files (excluding hidden ones): ./2.27-3ubuntu1.4_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu9.3_i386/.debug
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.14_i386
.debug directory without files (excluding hidden ones): ./2.27-0ubuntu3_amd64/.debug
Directory without files (excluding hidden ones): ./2.21-0ubuntu5_amd64
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu6_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu5_amd64/.debug
Directory without files (excluding hidden ones): ./2.23-0ubuntu10_i386
Directory without files (excluding hidden ones): ./2.19-0ubuntu4_i386
Directory without files (excluding hidden ones): ./2.31-0ubuntu4_i386
Directory without files (excluding hidden ones): ./2.18-0ubuntu7_i386
Directory without files (excluding hidden ones): ./2.23-0ubuntu7_i386
Directory without files (excluding hidden ones): ./2.19-0ubuntu6.4_i386
Directory without files (excluding hidden ones): ./2.26-0ubuntu4_amd64
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu3_i386/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu5_i386/.debug
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu5_i386/.debug
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu2_i386/.debug
.debug directory without files (excluding hidden ones): ./2.31-0ubuntu8_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.10_amd64/.debug
Directory without files (excluding hidden ones): ./2.23-0ubuntu6_i386
Directory without files (excluding hidden ones): ./2.21-0ubuntu5_i386
.debug directory without files (excluding hidden ones): ./2.18-0ubuntu4_i386/.debug
.debug directory without files (excluding hidden ones): ./2.19-0ubuntu6.11_amd64/.debug
.debug directory without files (excluding hidden ones): ./2.23-0ubuntu4_amd64/.debug

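Suggested solution

Each libc version consists of nothing more than the original libc files and the debug libc files:

  • If both are missing, remove the entry from the options
  • If the former is present but the latter is missing, nothing needs to be done, but I suggest marking it in the options
  • If the former is missing but the latter is present, I suggest copying the latter directly into the former
  • If both are present, do nothing

This can be implemented in one of the following three ways; pick any one:

  • Maintain completeness information for each libc separately and write it to a file; medium coding cost, but an accidental operation on the file could make it inconsistent, so the risk is high
  • Mark the directories (for example by writing a hidden file into the directory, or tagging the directory name); most recommended: low coding cost, small changes, and fast display
  • Check the existence of each library in real time when the program runs; low risk, but slow display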
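
The directory-marker option recommended above, as an added example that is not part of the issue or of xclibc: each version directory is classified into the four states listed and the state is written to a hidden marker file. The marker name .xclibc_state, the state labels and the two 0.0-* directory names are hypothetical, the tree is constructed, and counting symlinks as files is a choice of this sketch.

```shell
#!/bin/sh
MARKER=.xclibc_state    # hypothetical marker name; hidden so it is never counted

# has_files <dir>: true if <dir> directly holds a non-hidden file or symlink.
has_files() {
    [ -d "$1" ] &&
    [ -n "$(find "$1" -maxdepth 1 \( -type f -o -type l \) ! -name '.*' | head -n 1)" ]
}

# libc_state <dir>: print complete | lib-only | debug-only | empty
libc_state() {
    if has_files "$1"; then
        if has_files "$1/.debug"; then echo complete; else echo lib-only; fi
    else
        if has_files "$1/.debug"; then echo debug-only; else echo empty; fi
    fi
}

# mark_all <libs-dir>: write the marker into every version directory and print
# "state<TAB>name", which a menu can use to hide or annotate entries.
mark_all() {
    for d in "$1"/*/; do
        [ -d "$d" ] || continue
        d=${d%/}
        state=$(libc_state "$d")
        printf '%s\n' "$state" > "$d/$MARKER"
        printf '%s\t%s\n' "$state" "${d##*/}"
    done
}

# make_libs <dir>: constructed tree with one directory per state.
make_libs() {
    mkdir -p "$1/2.23-0ubuntu7_amd64/.debug" "$1/2.23-0ubuntu6_amd64/.debug" \
             "$1/0.0-complete_amd64/.debug" "$1/0.0-empty_amd64"
    : > "$1/2.23-0ubuntu7_amd64/.debug/libc-2.23.so"
    : > "$1/2.23-0ubuntu6_amd64/libc-2.23.so"
    : > "$1/0.0-complete_amd64/libc-2.23.so"
    : > "$1/0.0-complete_amd64/.debug/libc-2.23.so"
}

tmp=$(mktemp -d) && make_libs "$tmp" && mark_all "$tmp"
rm -rf "$tmp"
```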
