The following error occurs when patching a 32-bit ELF file with PIE enabled:
k40@DESKTOP-SN5ARCQ:~/Tools/evilPatcher$ python3 evilPatcher.py ./test/hello32_pie ./sandboxs/shell_sandbox.asm
[*] '/home/k40/Tools/evilPatcher/test/hello32_pie'
Arch: i386-32-little
RELRO: Full RELRO
Stack: No canary found
NX: NX enabled
PIE: PIE enabled
line CODE JT JF K
=================================
0000: 0x20 0x00 0x00 0x00000000 A = sys_number
0001: 0x15 0x02 0x00 0x0000000b if (A == execve) goto 0004
0002: 0x15 0x01 0x00 0x00000166 if (A == execveat) goto 0004
0003: 0x06 0x00 0x00 0x7fff0000 return ALLOW
0004: 0x06 0x00 0x00 0x00000000 return KILL
/home/k40/Tools/evilPatcher/patch32.py:62: BytesWarning: Text is not bytes; assuming ASCII, no guarantees. See https://docs.pwntools.com/#bytes
ct.append(u64(sandboxCt[i * 8:i * 8 + 8]))
/home/k40/Tools/evilPatcher/patch32.py:62: BytesWarning: Text is not bytes; assuming ISO-8859-1, no guarantees. See https://docs.pwntools.com/#bytes
ct.append(u64(sandboxCt[i * 8:i * 8 + 8]))
[ERROR] Address 0xf0e4c3a5 is not contained in ELF('/home/k40/Tools/evilPatcher/test/hello32_pie')
Traceback (most recent call last):
File "/home/k40/Tools/evilPatcher/evilPatcher.py", line 58, in <module>
main()
File "/home/k40/Tools/evilPatcher/evilPatcher.py", line 49, in main
patch32_handler(filename, sandboxFile, debugFlag).run()
File "/home/k40/Tools/evilPatcher/patch32.py", line 22, in run
self.patch_pie_elf()
File "/home/k40/Tools/evilPatcher/patch32.py", line 108, in patch_pie_elf
main_addr = u32(self.elf.read((got_start + offset1) & 0xffffffff, 4))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pwnlib/elf/elf.py", line 1417, in read
log.error("Address %#x is not contained in %s" % (start, self))
File "/usr/lib/python3/dist-packages/pwnlib/log.py", line 439, in error
raise PwnlibException(message % args)
pwnlib.exception.PwnlibException: Address 0xf0e4c3a5 is not contained in ELF('/home/k40/Tools/evilPatcher/test/hello32_pie')
The sandbox rule file shell_sandbox.asm is as follows:
A = sys_number
A == execve ? dead : next
A == execveat ? dead : next
return ALLOW
dead:
return KILL
Environment: Ubuntu 24.04 LTS (WSL), glibc=2.39-0ubuntu8.6, python=3.12.3