-
Notifications
You must be signed in to change notification settings - Fork 53
memexec
memexec - Execute a binary program or a script file in-memory from webserver
memexec URL ARGUMENTS
memexec uses a Perl script (see in-memory-only-elf-execution who I stole much of the basis of it for) or a Python script to execute a binary or a script in-memory.
The downloaded file will be stored in an anonymous file in the process memory /proc/self/fd.
A Python version 2, Python version 3 or Perl interpreter is needed.
A proxy could be set in https_proxy shell variable.
If no Python or Perl interpreter is available or if the Linux kernel is too old, then the files will be loaded into the $HOME directory. The $HOME directory is typical a directory in a tmpfs filesystem.
Argument is
- URL: The URL to load the program file. A http or https based address.
- ARGUMENTS: All other arguments are passed thru to the program.
Only Linux with kernel >= 3.17 is supported.
Only some architectures (x86_64, i386, ...) are supported.
The binary must be compiled for the target system.
A script file must start with "#!". This two characters must be the first two bytes of the files. The script must be prepared for a script interpreter on the target system.
Load and run a script with arguments. (The script in the example needs a sh interpreter.)
$ memexec https://raw.githubusercontent.com/zMarch/Orc/master/resources/echo_arguments.sh first second
Load and run a binary program with arguments. (The exec in the example requires a Linux x86_64 system.)
memexec https://github.com/XiphosResearch/netelf/raw/master/bin/test.Linux.x86_64.exe first second
Load and run a program without parameters.
$ memexec http://www.example.com/programs/mytool
Load the program file via proxy.
$ http_proxy=http://proxy.example.com:8080
$ memexec http://www.example.com/programs/mytool