Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-22-2013, 03:15
netseeker netseeker is offline
Friend
 
Join Date: Jan 2009
Posts: 23
Rept. Given: 14
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 1
Thanks Rcvd at 0 Times in 0 Posts
netseeker Reputation: 0
Question need to help for cracking ELF linux

Hi all,

I am pretty new to linux reversing. I have a target whcih I want to choose between either following techniques :

1- change a constant string
2- change a JNE to JMP

I analysed my target using IDA and found the correct place to patch. but since the ELF file is "stripped" I am not quite sure if I change the JNE to JMP in HEX mode, does it solve my problem?.

the other way is, to change the constant string in HEX mode but the string needs to be the same length or less.

my problem : I want a reliable debugger/disassembler running under linux for doing such task(either changing string without hassale or change OP codes). which tool do you suggest?

Best,
Reply With Quote
  #2  
Old 03-22-2013, 05:29
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,172
Rept. Given: 334
Rept. Rcvd 233 Times in 123 Posts
Thanks Given: 276
Thanks Rcvd at 566 Times in 314 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Red face

My favorite tool for such a tasks is hiew (a windows tool one)

you don't need a reliable debugger/disassemble to do these kind of things (patching and bytes changeout)

just an old good hex editor with a disassembler inside.
thats it
Reply With Quote
  #3  
Old 03-23-2013, 08:16
|roe |roe is offline
Friend
 
Join Date: Jun 2011
Location: Saturn V, towards the heaven
Posts: 50
Rept. Given: 193
Rept. Rcvd 24 Times in 17 Posts
Thanks Given: 2
Thanks Rcvd at 6 Times in 5 Posts
|roe Reputation: 24
Take a look at these posts, I hope they are useful:
[1] Basic RE under Linux - http://hypervion.blogspot.com/2012/07/basic-reverse-engineering-for-study.html
[2] GDB and DWARF standard under Linux - http://hypervion.blogspot.com/2012/07/using-gdb-and-dwarf-standard-for.html
[3] Debugging under Linux - http://hypervion.blogspot.com/2012/06/asm-and-debugging-on-linux-what-is-deal.html

hexedit tool or Bless Hex Editor (GUI) should do the job to change opcodes.
Reply With Quote
  #4  
Old 03-23-2013, 10:04
QuakeGamer QuakeGamer is offline
Friend
 
Join Date: Sep 2010
Posts: 71
Rept. Given: 2
Rept. Rcvd 8 Times in 6 Posts
Thanks Given: 4
Thanks Rcvd at 51 Times in 28 Posts
QuakeGamer Reputation: 8
You can simply use Hopper-Disassembler to patch it.
Reply With Quote
  #5  
Old 03-24-2013, 02:32
wilson bibe wilson bibe is offline
VIP
 
Join Date: Nov 2012
Posts: 499
Rept. Given: 491
Rept. Rcvd 439 Times in 180 Posts
Thanks Given: 953
Thanks Rcvd at 178 Times in 113 Posts
wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499
Look this: http://www.winehq.org/, Open Source Software for running Windows; and this: http://www.howtogeek.com/133515/4-ways-to-run-windows-software-on-linux/ applications on other operating systems, maybe this can help you.
Regards
Reply With Quote
  #6  
Old 05-08-2013, 07:51
swork3 swork3 is offline
Friend
 
Join Date: Jul 2004
Posts: 18
Rept. Given: 0
Rept. Rcvd 2 Times in 1 Post
Thanks Given: 2
Thanks Rcvd at 10 Times in 4 Posts
swork3 Reputation: 2
the best (native, open source tool) is ht-editor hte.sf.net, it is not limited to elf/unix, even runs on win
Reply With Quote
Reply

Tags
elf, linux, reversing

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
EKOPARTY TRAINING: Introducci¨Žn al Cracking & Anti-Cracking in SPANISH 17/08/10 ricnar456 General Discussion 10 11-25-2010 02:15


All times are GMT +8. The time now is 06:33.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )