Dynamic patching of executables on BSD/Unix

Posted on 2024-10-07 16:31:21

I'm facing quite a big problem. I need to patch an executable to modify its behaviour. The program is written in C and until now I've been using IDA to edit it, but that way I couldn't, for example, replace whole functions etc. It seems to me that the easiest way to do that is to create a kind of loader that will load the program and patch it before it runs. It would save me a lot of time and all the editing would be much easier.

The problem is that I can't find any article about how to do it. Could any of you explain how I should handle this process? The loader would be written in C/C++.

独﹏钓一江月 2024-10-14 16:31:21

It is utterly unconventional to try that process.

  • Why aren't you just recompiling with the changes?
    • Source not available is the usual reason.
  • Is it a closed source program?
    • If so, you are likely breaking the licence terms by trying.
  • Is the source lost?
    • What happened to the backups and version control?
  • Is it built with the key code in shared libraries?
    • If so, can you look to replace the shared libraries with the new functionality?
  • Can you use LD_PRELOAD to achieve your aims?

Because of the 'source is available' philosophy of UNIX, there aren't many tools to help with the patching of binaries - classically, the tool of choice was a program called adb - a debugger (the 7th Edition UNIX manual said 'adb - debugger'). It allowed you to edit the binary.

However, people seldom make major changes as it sounds like you want to do, primarily because it is very hard work and it is much simpler and more reliable to do it by recompiling the original source.
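
The LD_PRELOAD suggestion in the answer above, as an added example that is not part of the original answer: a shim library defines `time()` itself, so the dynamic linker binds an unmodified program's calls to it, and the shim forwards to libc's version through `dlsym(RTLD_NEXT, ...)`. The `SHIM_TIME_OFFSET` variable and the `shim.so` file name are hypothetical.

```c
/* shim.c - added example. SHIM_TIME_OFFSET and shim.so are hypothetical names.
 * Build: cc -shared -fPIC -o shim.so shim.c   (add -ldl on older glibc)
 * Run:   SHIM_TIME_OFFSET=-86400 LD_PRELOAD=./shim.so ./program
 */
#define _GNU_SOURCE          /* glibc exposes RTLD_NEXT only with this set */
#include <dlfcn.h>
#include <stdlib.h>
#include <time.h>

#ifndef RTLD_NEXT            /* fallback: the value glibc and the BSDs use */
#define RTLD_NEXT ((void *)-1L)
#endif

typedef time_t (*time_fn)(time_t *);

/* Resolve the next definition of time() after this object, i.e. libc's. */
static time_fn real_time(void)
{
    static time_fn fn;
    if (!fn)
        fn = (time_fn)dlsym(RTLD_NEXT, "time");
    return fn;
}

/* Offset in seconds from the environment; malformed or missing means 0. */
long shim_offset(void)
{
    const char *s = getenv("SHIM_TIME_OFFSET");
    char *end;
    long v;

    if (!s || !*s)
        return 0;
    v = strtol(s, &end, 10);
    return *end == '\0' ? v : 0;
}

/* Same name and prototype as libc's time(): calls from the program bind here. */
time_t time(time_t *out)
{
    time_fn fn = real_time();
    time_t t = fn ? fn(NULL) + (time_t)shim_offset() : (time_t)-1;

    if (out)
        *out = t;
    return t;
}
```

Interposition only reaches symbols the program imports from shared libraries; functions compiled into the executable itself, or into a statically linked binary, are not affected. The dynamic linker also ignores or restricts LD_PRELOAD for set-user-ID and set-group-ID programs (secure-execution mode).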
