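ELF format:
- 0x00 ~ 0x33 is the file header
- The section headers and program headers must be contiguous
And a section entry can be stored at any location, specified by its offset
So I want to move a section entry (.dynsym) to another location; this applies to ELF32 only
Utility download link: http://www10.zippyshare.com/v/25037401/file.html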
The Process:
1. ModifyElf.exe
I wrote a utility called ModifyElf.exe; it can move a section entry of an ELF file. Usage:
ModifyElf.exe <srcfile> <dstfile> <sectionname> <mov2fileend:0|1> <clearold:0|1>
args:
<srcfile> -> source .so file path
<dstfile> -> destination .so file path
<sectionname> -> section name; only ".dynsym" is supported currently
<mov2fileend:0|1> -> mov2fileend:0 moves the section entry to the unused zero zone of the .so file and doesn't increase the file size
    mov2fileend:1 moves the section entry to the end of the .so file and will increase the file size
<clearold:0|1> -> clearold:0 doesn't clear the original section entry
    clearold:1 sets all bytes of the original section entry to 0xFF
for example:
ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:0 clearold:1
2. libfoo.so and linux_hello
linux_hello calls dlopen to load libfoo.so and calls myfn from libfoo.so; myfn just printfs a string
neil0@vm32:~/share/test$ sudo chmod a+x linux_hello
neil0@vm32:~/share/test$ export LD_LIBRARY_PATH=~/share/test:$LD_LIBRARY_PATH
neil0@vm32:~/share/test$ ./linux_hello
dlopen ok!
call myfn...!
3. modify and exec
Run ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:0 clearold:1
This moves the section entry to the zero zone and produces a new .so file. Replace it on Linux and exec linux_hello: it's OK! You can use a file compare tool to see the diff between libfoo.so and libfoo_ori.so
Run ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:1 clearold:1
This moves the section entry to the end of the file and produces a new .so file. Replace it on Linux and exec linux_hello: it says "Segmentation fault"
So can you tell me why I can't move it to the end of the file, and what I should do if I want to do that? Thanks!
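
Added example (not part of the original post and not ModifyElf.exe's code): at run time the loader maps only the file ranges covered by PT_LOAD program headers, so a useful check on any new table location, zero zone or file end, is whether a PT_LOAD covers it. The helper names and the sample image are constructed for illustration, and only little-endian ELF32 is handled.

```python
import struct

PT_LOAD = 1  # p_type value for a loadable segment

def load_segments(elf: bytes):
    """Return (p_offset, p_vaddr, p_filesz) for every PT_LOAD in a little-endian ELF32 image."""
    if elf[:4] != b"\x7fELF" or elf[4] != 1 or elf[5] != 1:
        raise ValueError("not a little-endian ELF32 file")
    # The ELF32 file header is 0x00..0x33; e_phoff is at 0x1C,
    # e_phentsize and e_phnum are at 0x2A and 0x2C.
    (e_phoff,) = struct.unpack_from("<I", elf, 0x1C)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x2A)
    segs = []
    for i in range(e_phnum):
        p_type, p_offset, p_vaddr, _p_paddr, p_filesz = struct.unpack_from(
            "<5I", elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            segs.append((p_offset, p_vaddr, p_filesz))
    return segs

def mapped_vaddr(elf: bytes, offset: int, size: int):
    """Virtual address of file range [offset, offset+size), or None if no PT_LOAD covers it."""
    for p_offset, p_vaddr, p_filesz in load_segments(elf):
        if p_offset <= offset and offset + size <= p_offset + p_filesz:
            return p_vaddr + (offset - p_offset)
    return None

def build_sample() -> bytes:
    """Constructed image: ELF32 header, one PT_LOAD over 0x000..0x1FF, 0x40 bytes appended."""
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01" + bytes(9),
                       3, 3, 1, 0, 52, 0, 0, 52, 32, 1, 40, 0, 0)
    phdr = struct.pack("<8I", PT_LOAD, 0, 0, 0, 0x200, 0x200, 5, 0x1000)
    image = (ehdr + phdr).ljust(0x200, b"\0")   # zero padding inside the segment
    return image + b"\xAA" * 0x40               # stand-in for a table moved to file end

if __name__ == "__main__":
    elf = build_sample()
    for name, off in (("inside zero zone", 0x100), ("at file end", 0x200)):
        va = mapped_vaddr(elf, off, 0x40)
        print(name, "->", "not mapped by any PT_LOAD" if va is None else hex(va))
```

Reading a real library's bytes and passing the moved table's file offset and size to `mapped_vaddr` shows whether that range will exist in memory after loading.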