BIMPLEMENTING PT_NOTE OVERWRITING USING LIBELF
In Chapter 7, you learned how to inject a code section by overwriting the PT_NOTE segment at a high level. Here, you’ll see how the elfinject tool you’ll find on the virtual machine implements this technique. In the process of describing the elfinject source, you’ll also learn about libelf, a popular open source library for manipulating the contents of ELF binaries.
I’ll focus on the parts of the code that implement the steps from Figure 7-2 (page 170) using libelf, leaving out some parts of the code that are straightforward and don’t involve libelf. To learn more, you can find the rest of the elfinject source on the virtual machine located in the code directory for Chapter 7.
Be sure to read Section ...
Get Practical Binary Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
