Suppose the binary is PIC, how can I load it into memory and execute the entry point?
I'm doing this to get familiar with ELF, so execve is not allowed.
Loading an ELF binary is handled by the load_elf_binary() function, which starts by examining the ELF header to check that the file in question does indeed look like a supported ELF format.
ELF is the standard file format for executables, libraries, and more. Our "Hello World" application, myapp, is an ELF file too and, without us even knowing it, used other modules such as the dynamic loader (which we'll talk about later) to get executed. By design, the ELF format is flexible, extensible, and cross-platform.
- /usr/bin/execstack – display or change whether the stack is executable
- /usr/bin/prelink – remaps/relocates calls in ELF files, to speed up the process
For those who love to read actual source code, have a look at the documented ELF structure header file from Apple. Tip: if you want to get better at analyzing files and samples, start using the popular binary analysis tools that are available.
These are the basic steps:

1. Use mmap and let it assign you an address. This will reserve contiguous virtual address space.
2. Map the program's segments into that reserved space with MAP_FIXED.
3. Find the .DYNAMIC vector, which will in turn give you the address of the relocation vector(s).
4. Process the RELATIVE relocations (just adding the base load address), meaning you don't have to perform any symbol lookups or anything fancy.
5. Construct an ELF program entry stack consisting of the following sequence of system-word-sized values in an array on the stack:
   ARGC ARGV[0] ARGV[1] ... ARGV[ARGC-1] 0 ENVIRON[0] ENVIRON[1] ... ENVIRON[N] 0 0
6. (This step requires ASM!) Point the stack pointer at the beginning of this array and jump to the loaded program's entry point address (which can be found in the program headers).