无文件执行程序

参考:

综合利用:Linux系统内存执行ELF的多种方式 https://www.anquanke.com/post/id/168791

perl参考两篇:
Linux无文件渗透执行ELF: https://www.secpulse.com/archives/70269.html
In-Memory-Only ELF Execution (Without tmpfs): https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html

PPT:
https://2018.zeronights.ru/wp-content/uploads/materials/09-ELF-execution-in-Linux-RAM.pdf

1
2
3
4
5
6
7
8
9
#ifdef HAVE_MEMFD
#include
#else
#include
#ifndef SYS_memfd_create
#define SYS_memfd_create 319
#endif
#define memfd_create(info_str, flags) syscall(SYS_memfd_create, info_str, flags)
#endif