
ret2jazzy / ELFPatch

Licence: other
A library for patching ELFs

Programming Languages

python

Projects that are alternatives of or similar to ELFPatch

Hellf
ELF patching library in Python
Stars: ✭ 18 (-60.87%)
Mutual labels:  elf, patching
ghidra2dwarf
🐉 Export ghidra decompiled code to dwarf sections inside ELF binary
Stars: ✭ 135 (+193.48%)
Mutual labels:  elf
0x00sec code
Code for my 0x00sec.org posts
Stars: ✭ 190 (+313.04%)
Mutual labels:  elf
Elfio
ELFIO - ELF (Executable and Linkable Format) reader and producer implemented as a header only C++ library
Stars: ✭ 234 (+408.7%)
Mutual labels:  elf
Lief
Authors
Stars: ✭ 2,730 (+5834.78%)
Mutual labels:  elf
The Backdoor Factory
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Stars: ✭ 2,904 (+6213.04%)
Mutual labels:  elf
Checksec.py
Checksec tool in Python, Rich output. Based on LIEF
Stars: ✭ 188 (+308.7%)
Mutual labels:  elf
gdb-memstr
Generate arbitrary strings out of contents of ELF sections
Stars: ✭ 13 (-71.74%)
Mutual labels:  elf
checksec.rs
Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
Stars: ✭ 71 (+54.35%)
Mutual labels:  elf
Elfparser
Cross Platform ELF analysis
Stars: ✭ 228 (+395.65%)
Mutual labels:  elf
Cave miner
Search for code cave in all binaries
Stars: ✭ 218 (+373.91%)
Mutual labels:  elf
Elfhook
modify PLT to hook api, supported android 5\6.
Stars: ✭ 202 (+339.13%)
Mutual labels:  elf
extrude
🕵️ Analyse binaries for missing security features, information disclosure and more...
Stars: ✭ 51 (+10.87%)
Mutual labels:  elf
Holodec
Decompiler for x86 and x86-64 ELF binaries
Stars: ✭ 195 (+323.91%)
Mutual labels:  elf
elfinfo
Utility for displaying which compiler was used for creating an ELF file + basic info
Stars: ✭ 22 (-52.17%)
Mutual labels:  elf
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+6382.61%)
Mutual labels:  elf
Xhook
🔥 A PLT hook library for Android native ELF.
Stars: ✭ 2,996 (+6413.04%)
Mutual labels:  elf
Android Disassembler
Disassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. Reversing app for Android NDK shared libraries, Windows binaries, etc.
Stars: ✭ 250 (+443.48%)
Mutual labels:  elf
elfloader
ARMv7M ELF loader
Stars: ✭ 71 (+54.35%)
Mutual labels:  elf
IPAPatch
Patch iOS Apps, The Easy Way, Without Jailbreak.
Stars: ✭ 301 (+554.35%)
Mutual labels:  patching

ELFPatch

A library to manipulate and patch ELFs with dynamically sized patches.

Why

Mainly for CTFs and blackbox fuzzing. There have been times where I've wanted to patch ELFs but not enough space was available to do it inline, which is why this was created.

I've tried using a few other ELF patching programs, but none of them fit my needs or worked on my use cases.

How

The process of adding a patch briefly boils down to the following:

  • New segments are added that hold a patch.
    • To add new segments, the segment table is first moved to the end of the binary.
  • The code at the patch address is replaced with a jump to the newly added segment.
  • At the end of the patch, it jumps back to the original address.
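
The jump-out and jump-back bytes described in the steps above, as an added example that is not ELFPatch's own code. The function names, addresses and instruction bytes are constructed for illustration, and the chunk layout (patch content, then the displaced original instructions, then the jump back) is an assumption taken from the `append_original_instructions` and `append_jump_back` parameter names in the API listing.

```python
import struct

JMP_LEN = 5  # x86/x86-64 `jmp rel32`: opcode E9 + signed 32-bit displacement

def jmp_rel32(src: int, dst: int) -> bytes:
    """Encode a jump placed at virtual address `src` that lands on `dst`."""
    disp = dst - (src + JMP_LEN)  # displacement counts from the next instruction
    if not -2**31 <= disp < 2**31:
        raise ValueError("chunk is out of rel32 range of the patch site")
    return b"\xe9" + struct.pack("<i", disp)

def jmp_target(src: int, encoded: bytes) -> int:
    """Decode where a `jmp rel32` located at `src` lands (used to verify)."""
    return src + JMP_LEN + struct.unpack("<i", encoded[1:JMP_LEN])[0]

def build_detour(patch_addr, displaced, chunk_addr, patch_code):
    """Return (bytes for the patch site, bytes for the new chunk).

    `displaced` must be whole original instructions, at least 5 bytes, and
    position independent, because they are re-run from the chunk.
    """
    if len(displaced) < JMP_LEN:
        raise ValueError("need >= 5 bytes of whole instructions to overwrite")
    # Patch site: jump out, then NOP-pad so no half instruction is left behind.
    site = jmp_rel32(patch_addr, chunk_addr) + b"\x90" * (len(displaced) - JMP_LEN)
    # Chunk: patch content, then the displaced originals, then the jump back.
    body = patch_code + displaced
    resume = patch_addr + len(displaced)
    return site, body + jmp_rel32(chunk_addr + len(body), resume)

# Constructed sample values (not taken from any real binary):
PATCH_ADDR = 0x401136                          # hypothetical function entry
DISPLACED = bytes.fromhex("554889e54883ec10")  # push rbp; mov rbp,rsp; sub rsp,0x10
CHUNK_ADDR = 0x800000                          # hypothetical address of the new segment
PATCH_CODE = b"\x90\x90"                       # stand-in patch body (two NOPs)

if __name__ == "__main__":
    site, chunk = build_detour(PATCH_ADDR, DISPLACED, CHUNK_ADDR, PATCH_CODE)
    print("site :", site.hex())
    print("chunk:", chunk.hex())
    print("resumes at", hex(jmp_target(CHUNK_ADDR + len(chunk) - JMP_LEN, chunk[-JMP_LEN:])))
```

The rel32 range check matters here because the new segment sits after the moved segment table, and a chunk more than 2 GiB from the patch site cannot be reached with a 5-byte jump.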

Issues faced

  • Moving the segment table to the end was a huge hassle because of the diversity in ELF loaders.
    • Some binaries loaded with ld.so but broke with the kernel's loader and vice versa.
    • It turns out some worked with overlapping segments, while others absolutely hated them.
    • And a lot more weird quirks.

Support

Currently only supports x86/64, but it shouldn't be hard to extend it to other architectures (only need to modify the assembler directives). I'll add other architectures when I get time.

Bugs/issues

It's still in beta, so any issues and bugs are welcome.

Documentation

Sorry, there's no documentation available yet. You can read the API below or look at the examples directory. For a slightly more complicated example, look at the debugging section of this blog post.

API

Credits to @LevitatingLion for this.

class ELFPatch: # The main patcher

    def __init__(self, file_or_path):
        ...

    def new_chunk(self, size, prot='rwx', align=0x1) -> Chunk:
        ...

    def new_patch(self, virtual_address, size=None, content=b"", append_jump_back=True, append_original_instructions=True) -> Patch:
        ...

    def write_file(self, filename): #writes patched ELF to file
        ...

class Patch: # The actual patch object

    @property
    def chunk(self) -> Chunk:
        ...

    @property
    def size(self) -> int:
        ...

    @property
    def content(self) -> bytes:
        ...

    @content.setter
    def content(self, new_content):
        ...

class Chunk: #raw memory chunk for anything

    @property
    def virtual_address(self) -> int:
        ...

    @property
    def size(self) -> int:
        ...

    @property
    def content(self) -> bytes:
        ...

    @content.setter
    def content(self, new_content):
        ...