Safely modifying opcodes in an x86 binary

Posted 2025-01-14 05:46:42 | 460 characters | 10 views | 0 comments


Given a binary analyzed with gdb, for example, I want to "patch" the binary by modifying some bytes in it (so that some custom code is executed). For example, the following:

leave
ret
push   $0x108f6680
jmp    0x49c0028
...

could be modified so that it looks like this:

sub %esi, 0x0
jne <short range>
leave
ret
...

Unfortunately, as far as I know, this is not a safe modification (even if in the first block of code it looks like what has been discarded was some junk code that is never executed), because in x86 the same opcodes can be reused in different instructions (there is some instruction overlap). Nonetheless, is there a safe method to modify those bytes (maybe somewhere else in the binary?)? I want the binary to still execute normally, except that my added code is executed.

N.B.: This is done for educational purposes on my own binaries, nothing illegal here.

Comments (1)

凶凌 2025-01-21 05:46:44


Unfortunately, as far as I know, this is not a safe modification ... because in x86, the same opcodes can be reused in different instructions (there is some instruction overlap).

No compiler will do that. This can only happen if the binary is intentionally obfuscated and jumps into the middle of an instruction.

This is done for educational purposes on my own binaries

If you didn't put such obfuscation into your binary (i.e. if it's simply a compiler-generated binary), then you don't need to worry about "instruction reuse".
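An added example, not from the question or the answer, of the check the answer implies: for a compiler-generated binary the disassembler's instruction boundaries can be trusted, so a patch is safe when it replaces whole instructions and execution falling out of the patch lands on an original boundary. The `objdump -d` lines, the addresses (0x1139 onward) and the replacement bytes are constructed for illustration; the encodings themselves are real x86.

```python
import re

# Constructed sample in `objdump -d` layout, modelled on the question's snippet.
# Addresses and the trailing nop are made up; the instruction bytes are real encodings.
OBJDUMP_LINES = (
    "    1139:\tc9                   \tleave\n"
    "    113a:\tc3                   \tret\n"
    "    113b:\t68 80 66 8f 10       \tpush   $0x108f6680\n"
    "    1140:\te9 e3 ae 37 04       \tjmp    0x49c0028\n"
    "    1145:\t90                   \tnop\n"
)
LINE_RE = re.compile(r"^\s*([0-9a-f]+):\t((?:[0-9a-f]{2} )+)\s*(.*)$")

def parse_objdump(text):
    """(address, encoded bytes, mnemonic text) per instruction line; other lines are skipped."""
    insns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            insns.append((int(m.group(1), 16), bytes.fromhex(m.group(2).replace(" ", "")), m.group(3).strip()))
    return insns

def check_patch(insns, start, length):
    """The patched range must begin on an instruction start and end exactly on another
    instruction start (or at the end of the region); otherwise it splits an instruction.
    Returns (ok, mnemonics of the instructions being replaced)."""
    starts = {addr for addr, _, _ in insns}
    region_end = insns[-1][0] + len(insns[-1][1])
    end = start + length
    if start not in starts or (end != region_end and end not in starts):
        return False, []
    return True, [text for addr, _, text in insns if start <= addr < end]

def apply_patch(region, base, start, length, new_code):
    """Overwrite `length` bytes at `start` with new_code, padding with 1-byte nops (0x90)
    so the original boundary at start+length survives. Refuses oversized patches."""
    if len(new_code) > length:
        raise ValueError("patch longer than the instructions it replaces")
    off = start - base
    return region[:off] + new_code + b"\x90" * (length - len(new_code)) + region[off + length:]

# The replacement sketched in the question: sub $0x0,%esi ; jne +2 ; leave ; ret
NEW_CODE = bytes.fromhex("83ee00" "7502" "c9c3")

def demo():
    insns = parse_objdump(OBJDUMP_LINES)
    region = b"".join(enc for _, enc, _ in insns)
    ok, replaced = check_patch(insns, 0x113b, 10)   # the dead push + jmp after ret
    assert ok, "patch would split an instruction"
    return apply_patch(region, insns[0][0], 0x113b, 10, NEW_CODE)
```

Running `check_patch` with a start of 0x113c or a length of 7 reports `False`, which is exactly the split-instruction situation the question worries about.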
