News
Download
Prepatch
Documentation
Contact
|
Pie Reference
Invoking pie is the final step in the process of fixing a vulnerability with the Patch Integration Engine. Both prepatches and fingerprints are created for use by this tool. Pie handles all of the actual insertion and redirection of code required to successfully integrate a patch. Although pie performs several complicated tasks it is a relatively easy tool to use.
For detailed technical information on the internal functioning of pie see the document "PIE Internals". Kernels with mmap base randomization enabled will probably prevent the correct insertion of a prepatch. Randomized base support is a future development goal.
Pie Usage
usage: pie [options] <patchfile> [fingerprint]
-p, --pid
Specify the target process id.
-r, --remove
Remove a patch from the target processes.
-v, --verbose
Enable verbose output.
The only mandatory option when running pie is the patchfile. This is a path to a prepatch created by libpie. The optional fingerprint argument is a path to a function fingerprint created by pfp. If the pid is not specified, pie will prepatch all of the currently running processes which match the name of the target binary. Otherwise, only those process IDs specified on the command line will be altered. If the remove option is specified, the prepatch in patchfile will be removed from the target processes.
|