SIGSEGV when injecting. #12

Open
foxt opened this issue Oct 11, 2020 · 0 comments

sudo ./osxinj goat test.dylib
test.dylib
module: 0xA9600000
bootstrapfn: 0x2515D90
pid: 26665
image name: /Users/thelmgn/Library/Developer/Xcode/DerivedData/osxinj-avedzsjtjazwnxcvyqeygmiplxzv/Build/Products/Debug/bootstrap.dylib
mach_inject: found threadEntry image at: 0x102515000 with size: 28384
wrote param with size 54
fish: 'goat' terminated by signal SIGSEGV (Address boundary error)
Process:               goat [26665]
Path:                  /Users/USER/*/goat
Identifier:            goat
Version:               0
Code Type:             X86-64 (Native)
Parent Process:        fish [11796]
Responsible:           goat [26665]
User ID:               501

Date/Time:             2020-10-11 13:28:26.439 +0100
OS Version:            Mac OS X 10.14.6 (18G6032)
Report Version:        12
Anonymous UUID:        AE3DCE2B-FFEE-8873-5AAA-0B0E77639EA0


Time Awake Since Boot: 4900 seconds

System Integrity Protection: disabled

Crashed Thread:        1

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000001024d384a
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [26665]

External Modification Warnings:
Thread creation by external task.

VM Regions Near 0x1024d384a:
-->
    __TEXT                 000000010964e000-000000010964f000 [    4K] r-x/r-x SM=COW  /Users/USER/*

Application Specific Information:
dyld2 mode

Thread 0:: Dispatch queue: com.apple.main-thread
0   goat                    	0x000000010964ef77 main + 39
1   libdyld.dylib                 	0x00007fff583f03d5 start + 1

Thread 1 Crashed:
0   ???                           	0x00000001024d384a 0 + 4333582410

Thread 2:
0   dyld                          	0x000000010c04b14d strcmp + 45
1   dyld                          	0x000000010c018eaa _dyld_func_lookup + 42
2   libdyld.dylib                 	0x00007fff583dbd30 dlopen + 181
3   ???                           	0x000000010976ad4a 0 + 4453739850
4   libsystem_pthread.dylib       	0x00007fff585e42eb _pthread_body + 126
5   libsystem_pthread.dylib       	0x00007fff585e7249 _pthread_start + 66
6   libsystem_pthread.dylib       	0x00007fff585e340d thread_start + 13

Thread 1 crashed with X86 Thread State (64-bit):
  rax: 0x0000000000000000  rbx: 0x0000000000000000  rcx: 0x000000010969e20a  rdx: 0x0000000000000000
  rdi: 0x0000000109667fac  rsi: 0x0000000109656000  rbp: 0x0000000109667ff4  rsp: 0x0000000109667f4c
   r8: 0x000000000301002f   r9: 0x0000000000000003  r10: 0x000070000bb6d000  r11: 0x0000000000000246
  r12: 0x0000000000000000  r13: 0x0000000000000000  r14: 0x0000000000000000  r15: 0x0000000000000000
  rip: 0x00000001024d384a  rfl: 0x0000000000010246  cr2: 0x00000001024d384a

Logical CPU:     5
Error Code:      0x00000014
Trap Number:     14


External Modification Summary:
  Calls made by other processes targeting this process:
    task_for_pid: 2
    thread_create: 1
    thread_set_state: 0
  Calls made by this process:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0
  Calls made by all processes on this machine:
    task_for_pid: 7329
    thread_create: 3
    thread_set_state: 12

VM Region Summary:
ReadOnly portion of Libraries: Total=234.4M resident=0K(0%) swapped_out_or_unallocated=234.4M(100%)
Writable regions: Total=27.8M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=27.8M(100%)

                                VIRTUAL   REGION
REGION TYPE                        SIZE    COUNT (non-coalesced)
===========                     =======  =======
Kernel Alloc Once                    8K        1
MALLOC                            19.1M        7
MALLOC guard page                   16K        3
STACK GUARD                       56.0M        2
Stack                             8712K        2
VM_ALLOCATE                         24K        3
__DATA                            2252K       39
__LINKEDIT                       222.7M       11
__TEXT                            11.6M       39
mapped file                         24K        3
shared memory                        8K        2
===========                     =======  =======
TOTAL                            320.2M      112

This is a weird case of it works on everybody's machine, except mine. This is less of a project issue, but a dylib injection issue, as no dylib injector works, I'll admit that. I had dylib injection working, and one day, it just broke. I'm not sure if I changed a setting and didn't notice, but it ain't working anymore.
