
Patching PLT entries

Reverse Engineering Asked by movecx on February 27, 2021

I was reading this CTF write-up and wanted to know more than the author cared to explain:

I actually just patched the PLT entries of getenv(), ptrace() and sleep(), as sleeps get pretty annoying during debug

What I wanted to know is what’s the best way of going about patching PLT or GOT entries directly into the binary?

3 Answers

You could use radare2 to do this. First open the binary in "write" mode.

radare2 -w ./binaryname

Now you need to seek to the address you wish to modify:

s 0x8048739

Assuming that you wished to write out, say 5 NOPs for whatever reason, you could do:

wx 9090909090

Finally to save and quit:

q

Correct answer by user1743 on February 27, 2021

You could use a hex editor like HxD or HIEW to modify the binary directly. Find the hex bytes that you want to change and look up the opcodes that you want to change them to. Also, you can patch directly from IDA if you want, which is made easier with the idapatcher plug-in.

https://thesprawl.org/projects/ida-patcher/

Answered by tyh on February 27, 2021

You can do this pretty easily with Pwntools:

from pwn import *

elf = ELF('./your-binary')
# assemble "return 0" over the PLT stub of ptrace: xor eax, eax ; ret
elf.asm(elf.symbols.ptrace, 'xor eax, eax; ret')
# write the patched image out as a new file
elf.save('./your-patched-binary')

Answered by Zach Riggle on February 27, 2021
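All three answers boil down to the same two steps: work out where in the file the PLT stub for a named import lives, then overwrite it. The script below is an added example, not code from the question or any of the answers, that does that by hand in pure Python so you can see the mapping the tools hide: .rela.plt gives the JUMP_SLOT relocations in stub order, each one points into .dynsym, .dynsym points into .dynstr for the name, and the stub's file offset is .plt's sh_offset plus 16 bytes per stub (the first 16 bytes are PLT0, the lazy-resolver trampoline). It assumes x86-64 and the classic lazy-binding .plt layout; binaries linked with -z now or built with IBT (.plt.sec) lay their stubs out differently and are deliberately rejected or unhandled. The ELF it patches is a constructed stand-in with only the sections the walk needs, so it runs offline; the section parsing is the same for a real binary.

```python
import struct

# Added example (not from the thread): locate and overwrite PLT stubs in an ELF64 file.
# Assumptions: x86-64 and the classic lazy-binding .plt, where PLT0 is the resolver
# trampoline and the i-th JUMP_SLOT relocation in .rela.plt belongs to 16-byte stub i+1.
# Binaries linked with -z now or with IBT (.plt.sec) are not handled by this layout.
STUB_SIZE = 16
NOP = b"\x90"
RET0 = b"\x31\xc0\xc3"                  # xor eax, eax ; ret  -> the import returns 0 at once
EM_X86_64, R_X86_64_JUMP_SLOT = 62, 7

def _cstr(data, off):
    return data[off:data.index(b"\x00", off)].decode()

def _sections(data):
    """{name: (sh_addr, sh_offset, sh_size, sh_entsize)} from the section header table."""
    if data[:4] != b"\x7fELF" or data[4] != 2:
        raise ValueError("not an ELF64 file")
    if struct.unpack_from("<H", data, 18)[0] != EM_X86_64:
        raise ValueError("stub layout below is x86-64 specific")
    e_shoff, = struct.unpack_from("<Q", data, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", data, 0x3a)
    hdrs = []
    for i in range(e_shnum):
        f = struct.unpack_from("<IIQQQQIIQQ", data, e_shoff + i * e_shentsize)
        hdrs.append((f[0], f[3], f[4], f[5], f[9]))   # sh_name, sh_addr, sh_offset, sh_size, sh_entsize
    strtab = hdrs[e_shstrndx][2]
    return {_cstr(data, strtab + h[0]): h[1:] for h in hdrs}

def plt_stub_offsets(data):
    """Map each imported function name to (vaddr, file offset) of its PLT stub."""
    secs = _sections(data)
    plt_addr, plt_off, plt_size, _ = secs[".plt"]
    _, rela_off, rela_size, rela_ent = secs[".rela.plt"]
    _, sym_off, _, sym_ent = secs[".dynsym"]
    _, str_off, _, _ = secs[".dynstr"]
    out = {}
    for i in range(rela_size // rela_ent):
        _got_slot, r_info, _addend = struct.unpack_from("<QQq", data, rela_off + i * rela_ent)
        if r_info & 0xffffffff != R_X86_64_JUMP_SLOT:
            raise ValueError("unexpected relocation type in .rela.plt")
        st_name, = struct.unpack_from("<I", data, sym_off + (r_info >> 32) * sym_ent)
        stub = (i + 1) * STUB_SIZE                   # skip PLT0
        if stub + STUB_SIZE > plt_size:
            raise ValueError("more relocations than .plt stubs; unexpected PLT layout")
        out[_cstr(data, str_off + st_name)] = (plt_addr + stub, plt_off + stub)
    return out

def patch_plt_stub(data, name, code=RET0):
    """Return a copy of the file with `name`'s PLT stub replaced by `code`, NOP-padded to the stub."""
    if len(code) > STUB_SIZE:
        raise ValueError("patch does not fit in a %d-byte stub" % STUB_SIZE)
    _, off = plt_stub_offsets(data)[name]
    buf = bytearray(data)
    buf[off:off + STUB_SIZE] = code.ljust(STUB_SIZE, NOP)
    return bytes(buf)

def build_sample_elf(imports=("sleep", "ptrace")):
    """Constructed test input: an ELF64 shell holding only the sections the patcher walks."""
    dynstr = b"\x00" + b"".join(s.encode() + b"\x00" for s in imports)
    dynsym, name_off = b"\x00" * 24, 1
    for s in imports:                                # STB_GLOBAL|STT_FUNC, SHN_UNDEF
        dynsym += struct.pack("<IBBHQQ", name_off, 0x12, 0, 0, 0, 0)
        name_off += len(s) + 1
    rela = b"".join(struct.pack("<QQq", 0x404018 + 8 * i, ((i + 1) << 32) | R_X86_64_JUMP_SLOT, 0)
                    for i in range(len(imports)))
    plt = b"".join(b"\xff\x25" + bytes(4) + b"\x68" + struct.pack("<I", i) + b"\xe9" + bytes(4)
                   for i in range(len(imports) + 1))  # PLT0 + one jmp/push/jmp stub per import
    names = [".plt", ".rela.plt", ".dynsym", ".dynstr", ".shstrtab"]
    bodies = [plt, rela, dynsym, dynstr, b"\x00" + b"".join(n.encode() + b"\x00" for n in names)]
    blob, offs = bytearray(64), []
    for body in bodies:
        blob += bytes(-len(blob) % 8)
        offs.append(len(blob)); blob += body
    blob += bytes(-len(blob) % 8)
    shoff, hdrs, noff = len(blob), [bytes(64)], 1
    for n, body, off, ent in zip(names, bodies, offs, (0, 24, 24, 0, 0)):
        addr = 0x401000 + off if n == ".plt" else 0  # only .plt needs a load address here
        hdrs.append(struct.pack("<IIQQQQIIQQ", noff, 1, 0, addr, off, len(body), 0, 0, 8, ent))
        noff += len(n) + 1
    blob += b"".join(hdrs)
    blob[:64] = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, EM_X86_64, 1, 0, 0, shoff, 0, 64, 0, 0, 64, len(hdrs), len(hdrs) - 1)
    return bytes(blob)

if __name__ == "__main__":
    elf = build_sample_elf()
    for name, (va, off) in plt_stub_offsets(elf).items():
        print("%-7s stub at vaddr %#x, file offset %#x" % (name, va, off))
    patched = patch_plt_stub(elf, "ptrace")
    off = plt_stub_offsets(elf)["ptrace"][1]
    print("ptrace stub now:", patched[off:off + STUB_SIZE].hex())
```

On a real binary, `open(path, "rb").read()` goes in where `build_sample_elf()` is, and `objdump -d -j .plt` or `s sym.imp.ptrace; pd 3` in radare2 confirms the stub before and after. Returning 0 is the right "success" for the three functions in the write-up: sleep() returns 0 when the full interval elapsed, ptrace(PTRACE_TRACEME) returns 0 on success, and getenv() returns NULL when the variable is unset. The r_offset field that the loop ignores is the virtual address of the import's GOT slot, which is the other place one can patch; note that with lazy binding that slot initially points back into the PLT stub and is only filled in at first call, so patching the GOT in the file is more involved than patching the stub.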
