Created vondehi (markdown)
This commit is contained in:
parent
49e92405b8
commit
25687afdd0
|
@ -0,0 +1,12 @@
|
||||||
|
## vondehi
|
||||||
|
|
||||||
|
Vondehi is an in-memory unpacker for data compressed with `gzip` or `xz` (or
|
||||||
|
`xz` in LZMA1-mode). It basically performs these steps:
|
||||||
|
|
||||||
|
1. Set up a memfd using the `memfd_create` syscall. This file descriptor works
|
||||||
|
like a regular file, except the backing storage is RAM.
|
||||||
|
2. Fork, pipe the payload data to `zcat` or `xzcat`, which outputs everything
|
||||||
|
to teh memfd from step 1.
|
||||||
|
3. Run `execveat` on the memfd.
|
||||||
|
|
||||||
|
Of course, the code itself is hand-optimized x86 assembly, and is very crazy.
|
Loading…
Reference in New Issue