pouët.net

Haxxoring the elf format for 1k/4k stuff

category: code [glöplog]
Right, step 1: Getting addresses of libraries you've linked against:

http://pastebin.com/f4e387b03
Note: the 'GetLinkMap' function is just there for reference; the r_debug structure actually lies at a fixed address in the process image. I don't know how to reliably calculate it at compile time without hand-crafting the ELF header, though.
moar :D
added on the 2008-12-14 16:23:52 by las las
Step 2: Dumping all symbols from all loaded libraries:

http://pastebin.com/f3563ad65
step3:

Does the same topic exist for win32?
added on the 2008-12-14 17:15:32 by Tigrou Tigrou
There's a video of a seminar about Win32 anatomy by Muhmac; I don't know the URL though.
Step 3: Compare with symbol hashes:
http://pastebin.com/m57cc4efe

Step 4: PROFIT

Step 5:
rewrite the whole thing in assembler (I'll do that later).

Step 6:
Linux world domination! + More Profit
added on the 2008-12-14 17:27:42 by las las
I suppose I should post this link.. contains all the 4k-related seminar contents:
http://in4k.untergrund.net/index.php?title=Seminar_Content
added on the 2008-12-14 17:28:45 by bigcheese bigcheese
bigcheese, that's the one
Step 3: Some code that actually does something useful

http://pastebin.com/f479f8beb
One more thing: that source code is just a proof of concept to show how to resolve symbols without dlopen and dlsym. The ELF you get from compiling that is still 4088 after sstrip-ing...
no - it's not ;)
added on the 2008-12-14 18:16:06 by las las
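The pastebin links above are gone, so here is an added example (my code, not las's) of steps 1 to 3 as one runnable C file: read the r_debug address that ld.so stores in the executable's own DT_DEBUG entry, walk the link_map list, and scan each object's .dynsym for a function whose hashed name matches, with no dlopen()/dlsym(). It assumes x86-64 Linux with a glibc-style dynamic linker; the struct names `lmap`/`rdbg`, the djb2 `name_hash` and the function names are my own choices and stand in for whatever a real intro uses.

```c
#include <elf.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef STT_GNU_IFUNC
#define STT_GNU_IFUNC 10
#endif

/* Hand-rolled views of ld.so's r_debug and link_map (same layout as <link.h>;
 * an intro declares these itself instead of pulling in the header). */
struct lmap { Elf64_Addr l_addr; const char *l_name; Elf64_Dyn *l_ld;
              struct lmap *l_next, *l_prev; };
struct rdbg { int r_version; struct lmap *r_map; };   /* later fields unused */
extern Elf64_Dyn _DYNAMIC[];   /* this executable's own .dynamic section */

/* Hypothetical name hash (djb2): an intro ships the 32-bit value, not the name. */
uint32_t name_hash(const char *s)
{
    uint32_t h = 5381;
    while (*s)
        h = h * 33 + (unsigned char)*s++;
    return h;
}

/* Step 1: ld.so writes the address of its r_debug into our DT_DEBUG entry;
 * r_map is the head of the list of every loaded object. */
static struct lmap *first_link_map(void)
{
    for (Elf64_Dyn *d = _DYNAMIC; d->d_tag != DT_NULL; d++)
        if (d->d_tag == DT_DEBUG && d->d_un.d_ptr)
            return ((struct rdbg *)d->d_un.d_ptr)->r_map;
    return NULL;   /* statically linked or no DT_DEBUG: nothing to walk */
}

/* .dynsym length: DT_HASH stores it directly as nchain; with only DT_GNU_HASH
 * (current glibc) it is one past the highest index reached by following each
 * bucket's chain until the entry whose low bit marks the chain end. */
static size_t sym_count(const Elf64_Word *hash, const Elf64_Word *gnu)
{
    if (hash) return hash[1];
    if (!gnu) return 0;
    Elf64_Word nbuckets = gnu[0], symoffset = gnu[1], bloom_size = gnu[2];
    const Elf64_Word *buckets =
        (const Elf64_Word *)((const Elf64_Addr *)(gnu + 4) + bloom_size);
    const Elf64_Word *chain = buckets + nbuckets;
    size_t count = symoffset;
    for (Elf64_Word b = 0; b < nbuckets; b++) {
        Elf64_Word i = buckets[b];
        if (i == 0) continue;
        while (!(chain[i - symoffset] & 1)) i++;
        if (i + 1 > count) count = i + 1;
    }
    return count;
}

/* Steps 2 and 3: walk every object's dynamic section to its symbol and string
 * tables, then return the first defined function whose hashed name matches. */
void *resolve_by_hash(uint32_t wanted)
{
    for (struct lmap *m = first_link_map(); m; m = m->l_next) {
        const Elf64_Sym *symtab = NULL;
        const char *strtab = NULL;
        const Elf64_Word *hash = NULL, *gnu = NULL;
        for (Elf64_Dyn *d = m->l_ld; d && d->d_tag != DT_NULL; d++) {
            /* glibc rewrites these d_ptr values to absolute addresses after
             * loading, except in read-only dynamic sections (the vDSO), where
             * they remain link-time offsets: rebase whatever is still relative. */
            Elf64_Addr p = d->d_un.d_ptr;
            if (p < m->l_addr) p += m->l_addr;
            switch (d->d_tag) {
            case DT_SYMTAB:   symtab = (const Elf64_Sym *)p;  break;
            case DT_STRTAB:   strtab = (const char *)p;       break;
            case DT_HASH:     hash   = (const Elf64_Word *)p; break;
            case DT_GNU_HASH: gnu    = (const Elf64_Word *)p; break;
            }
        }
        if (!symtab || !strtab) continue;
        size_t n = sym_count(hash, gnu);
        for (size_t i = 0; i < n; i++) {
            const Elf64_Sym *s = &symtab[i];
            unsigned type = ELF64_ST_TYPE(s->st_info);
            if (s->st_shndx == SHN_UNDEF || s->st_shndx == SHN_ABS ||
                (type != STT_FUNC && type != STT_GNU_IFUNC) ||
                name_hash(strtab + s->st_name) != wanted)
                continue;
            Elf64_Addr a = m->l_addr + s->st_value;
            /* An IFUNC symbol (strlen, memcpy, ... in x86-64 glibc) points at a
             * resolver; call it to get the real implementation, as ld.so does. */
            if (type == STT_GNU_IFUNC)
                a = (Elf64_Addr)((void *(*)(void))a)();
            return (void *)a;
        }
    }
    return NULL;
}

int main(void)
{
    int (*my_atoi)(const char *) =
        (int (*)(const char *))(uintptr_t)resolve_by_hash(name_hash("atoi"));
    printf("atoi at %p, atoi(\"42\") = %d\n",
           (void *)(uintptr_t)my_atoi, my_atoi ? my_atoi("42") : -1);
    return 0;
}
```

Two things a size-optimised version drops at its own risk: the IFUNC call is what makes resolving strlen/memcpy-style symbols return a callable address rather than a resolver (on x86-64 glibc the resolver takes no argument it needs; on other architectures it expects hwcap bits, so this shortcut is x86-64 only), and the `p < l_addr` rebase is what keeps the walk from crashing on the vDSO, whose dynamic section glibc leaves unrelocated. The DT_DEBUG lookup also only works from an executable; a shared object has no DT_DEBUG of its own.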
Okay, it is if you use a version of GCC from >1990 ;)
Thanks a lot for these URLs, I'll check them.
added on the 2008-12-14 20:17:56 by Tigrou Tigrou
for win32 you just use crinkler - for linux - wait a couple of days ;)
added on the 2008-12-14 21:50:53 by las las
Step 5:
DONE - Sample source later.
added on the 2008-12-15 04:24:06 by las las
Step 5 - waiting for parapete :D
added on the 2008-12-15 17:58:17 by las las
WHAAAAT? I'm at work! :)
you shall not visit pouet while at work!

I wanted you to take a look at the tarball first.
added on the 2008-12-15 18:32:41 by las las
added on the 2008-12-16 11:24:29 by las las
This is the right step in the right direction, good work. Completely unbelievable, Mr. Las, do come by my office =)
Quote:

for win32 you just use crinkler - for linux - wait a couple of days ;)


Except crinkler doesn't work so well with 1k and small stuff...

crinkler will leave you with a 750-octet minimum for basic gl/directx init (with shaders), while other techniques can get something like 550/600 (it's only 100 octets more or less, but for very small things like 1k it has huge importance...)

himalaya has not been compiled with crinkler, that's for sure
added on the 2008-12-16 20:00:52 by Tigrou Tigrou
Even though I'm not into linux at all (yet), I'm very happy this topic got resurrected and hopefully it leads to more linux intros.... wanna switch to linux myself at some point!
Really sick of windows... would only use it for business afterwards, as sadly everything you can make a living off is windows-based!
Maybe I'll even get into it enough to help further linux! Who knows! But it would be something I would invest time into without doubts!
Quote:
as sadly everything you can make a living off is windows-based!

Wrong, you can get a cool last name, like Stallman... stop showering and shaving altogether, not change clothes for 2 weeks, and just be a loud-mouthed idiot, and you can make a living out of GNU/Linux... even travel everywhere to give lectures and have people take photos with you.

:-)
added on the 2008-12-16 20:41:43 by Jcl Jcl