mach_inject_test failed on snow leopard

[overboming]

I successfully compiled the whole thing and able to run rejector and rejectee separately.
But the injector will crash the injectee when injecting code to the target process.

mach_inject_test_injectee.app 's standard output:
mach error on bundle load (os/kern) successful
mach error on bundle load (os/kern) successful
mach error on bundle load (os/kern) successful
mach error on bundle load (os/kern) successful
mach error on bundle load (os/kern) successful
FS rep /Users/Malic/Documents/Code/c/mach_star/mach_inject_test/build/Development/mach_inject_test_injector.app/Contents/Resources/mach_inject_test_injected.bundle/Contents/MacOS/mach_inject_test_injected
LOADDDDDDDDDD!
Assertion failed: (0), function +[injected_PrincipalClass load], file /Users/Malic/Documents/Code/c/mach_star/mach_inject_test/injected-PrincipalClass.m, line 25.
Abort trap

mach_inject_test_injector 's standard output
injecting into pid 3651
injecting pid
mach_inject failing.. (os/kern) successful
mach inject done? 0
hi
injecting into pid 3680
injecting pid
mach_inject failing.. (os/kern) successful
mach inject done? 0
hi

any idea? thanks

[Siwen]

I have same question, who can help us ?

[alexzielenski]

On your executable run these commands:

sudo chgrp procmod /path/to/executable
sudo chmod 2755 /path/to/executable

This helps injection because on Intel you need elevated rights to inject on the mach level.

[xtremedreamer]

I've also found the same issue both on Lion and Snow Leopard. I've applied the commands as alexzielenski told but didn't help. Any idea how to fix this?

[rtibdewal]

Hello there,

I am facing the same problems as you were discussing. I tried using commands above but its not helping me. Can some one help here? Are there any special project settings required which has not been mentioned in the Git, so that it compiles and work properly.

If I try to inject by just executing commands
sudo chgrp procmod /path/to/executable
sudo chmod 2755 /path/to/executable

I get this error and Injector crash
You probably need to add user to procmod group, mach_inject failing.. (ipc/send) invalid destination port

If I run injector as root user, injectee crashes.

I just want if someone can help me with mach_inject_test. Then taking it's as reference I can work further.

[xtremedreamer]

Hi rtibdewal,

Actually i wanted to override some Finder functionality. I also could not get mach_inject_test fully functional.

Later i tried DisposeWindow+Beep which is also injecting and overriding some functionality but injectee is Finder.
To test override I used this symbol _NodeVolumeEject instead of _DisposeWindow as i didn't find _DisposeWindow symbol in Finder on Snow Leopard/Lion.
I think you can change the PID and inject code to any process.Probably you need to restart injectee after injecting.

[alexzielenski]

You don't need to restart the injectee after injecting. Rtibdewal, could you post your code and describe your scenario in a bit more detail? Are you using an executable for injection or an app? etc.

[albertz]

Try running your executable with sudo. Does this help?

[rtibdewal]

I downloaded code and tried to build mach_inject_test.
First compilation due to missing 10.4 sdk. I changed project to build with 10.5 sdk.
fails but its just due to header. So I change header path to "#import "../mach_inject_bundle/mach_inject_bundle.h"" in Injector-AppDelegate.m.
Then Linking fails, with error "Command /Developer/Library/PrivateFrameworks/DevToolsCore.framework/Resources/pbxcp failed with exit code 1". It was due to missing link to mach_inject_bundle.framework. I reestablished the link. Then It builds fine.

If I run the Injector App without sudo I get this result

injecting into pid 1386
injecting pid
Could not access task for pid 1386. You probably need to add user to procmod group
mach_inject failing.. (ipc/send) invalid destination port
hi
Assertion failed: (!err), function -[injector_AppDelegate inject:], file /Users/Test/Downloads/rentzsch-mach_star-b5c0803/mach_inject_test/injector-AppDelegate.m, line 50.

If I run commands
sudo chgrp procmod /path/to/executable
sudo chmod 2755 /path/to/executable

and then run executable with sudo then Injectee crashes..

Identifier: com.rentzsch.mach_inject_test_injectee_app
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000094bec16f
Crashed Thread: 4

I tried using executable and app both for injection.

[rtibdewal]

I tried with DisposeWindow+Beep too.

myserver:MacOS test$ sudo dscl . -read /Groups/procmod GroupMembership
Password:
GroupMembership: root test

If I run with sudo...
myserver:MacOS test$ ls -l
total 24
-rwxr-sr-x 1 test procmod 10976 Oct 31 17:38 DisposeWindow+Beep_Injector
myserver:MacOS test$ sudo ./DisposeWindow+Beep_Injector
pid 165
mach_inject failing.. (ipc/send) invalid memory
shit (ipc/send) invalid memory
2011-10-31 17:41:09.508 DisposeWindow+Beep_Injector[3375:e07] err = 268435468
myserver:MacOS test$

without sudo...

pid 165
Could not access task for pid 2410. You probably need to add user to procmod group
mach_inject failing.. (ipc/send) invalid destination port
shit (ipc/send) invalid destination port
2011-10-31 17:43:47.490 DisposeWindow+Beep_Injector[3448:a0f] err = 268435459

As you can see user is in procmod and so the group is procmod but I still cannot inject in process.