C programming resources:
GNU C Function and Macro Index -- glibc reference manual
The C Book -- nice online learner guide
Current ISO draft standard
CCAN -- new CPAN like open source library repository
3 (different) GNU debugger tutorials: #1 -- #2 -- #3
cpwiki -- our wiki on sourceforge
You open the file, you read some data, you compare.
If you're dickering about with modifying an executable and you don't know how to do this basic stuff, then chances are you're going to screw it up.
Post some effort, and stop trying to get others to do the basics as well.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
Well, have you gotten the bit where you open a file and read the contents working yet? If not, that might be the next logical step. It might be a good idea to just read the entire file, just to keep things simple. Then it's just a matter of searching through a block of memory (think 'memcmp'), making changes, and then overwriting the file (once you get that working you may even want to make a backup copy of the file before making changes, just for posterity).

But the problem is how to find the target block in my executable so that I can modify my data.
Here is my source code: the part in bold is where I try to access the .data segment. Note that I'm using libelf. I get as output the offset of the .data section, but I'm unable to read the data in it. I need help.

Code:

```c
/*
 * Print the names of ELF sections.
 */
#include <err.h>
#include <fcntl.h>
#include <gelf.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>     /* strcmp() */
#include <sysexits.h>
#include <unistd.h>
#include <inttypes.h>
//#include <vis.h>

char *a="fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg";

int main(int argc, char **argv)
{
    int fd;
    Elf *e;
    char *name, *p, pc[4*sizeof(char)];
    Elf_Scn *scn;
    Elf_Data *data;
    GElf_Shdr shdr;
    size_t n, shstrndx, sz;
    char c[1000];

    /* if (argc != 2)
        errx(EX_USAGE, "usage: %s file-name", getprogname()); */

    if (elf_version(EV_CURRENT) == EV_NONE)
        errx(EX_SOFTWARE, "ELF library initialization failed: %s", elf_errmsg(-1));

    if ((fd = open(argv[1], O_RDONLY, 0)) < 0)
        err(EX_NOINPUT, "open \"%s\" failed", argv[1]);

    if ((e = elf_begin(fd, ELF_C_READ, NULL)) == NULL)
        errx(EX_SOFTWARE, "elf_begin() failed: %s.", elf_errmsg(-1));

    if (elf_kind(e) != ELF_K_ELF)
        errx(EX_DATAERR, "%s is not an ELF object.", argv[1]);

    if (elf_getshstrndx(e, &shstrndx) == 0)
        errx(EX_SOFTWARE, "getshstrndx() failed: %s.", elf_errmsg(-1));

    /* Walk every section and look up its name in the section name table. */
    scn = NULL;
    while ((scn = elf_nextscn(e, scn)) != NULL) {
        if (gelf_getshdr(scn, &shdr) != &shdr)
            errx(EX_SOFTWARE, "getshdr() failed: %s.", elf_errmsg(-1));

        if ((name = elf_strptr(e, shstrndx, shdr.sh_name)) == NULL)
            errx(EX_SOFTWARE, "elf_strptr() failed: %s.", elf_errmsg(-1));

        if(strcmp(name,".data")==0)
        {
            data=elf_getdata(scn,NULL);
            printf("%zd ",data->d_size);
            //printf("%d ",(void *)data->d_off);
            p = (char *) data->d_buf;
            printf("%s",c);     /* c is never written to in this program */
            printf("%p \n",p);  /* prints the address of the buffer, not its contents */
        }

        (void) printf("Section %-4.4jd %s\n", (uintmax_t) elf_ndxscn(scn), name);
    }

    if ((scn = elf_getscn(e, shstrndx)) == NULL)
        errx(EX_SOFTWARE, "getscn() failed: %s.", elf_errmsg(-1));

    if (gelf_getshdr(scn, &shdr) != &shdr)
        errx(EX_SOFTWARE, "getshdr(shstrndx) failed: %s.", elf_errmsg(-1));

    (void) printf(".shstrab: size=%jd\n", (uintmax_t) shdr.sh_size);

    /*
    data = NULL; n = 0;
    while (n < shdr.sh_size && (data = elf_getdata(scn, data)) != NULL) {
        p = (char *) data->d_buf;
        while (p < (char *) data->d_buf + data->d_size) {
            if (vis(pc, *p, VIS_WHITE, 0))
                printf("%s", pc);
            n++; p++;
            (void) putchar((n % 16) ? ' ' : '\n');
        }
    }
    (void) putchar('\n');*/

    (void) elf_end(e);
    (void) close(fd);
    exit(EX_OK);
}
```
> data=elf_getdata(scn,NULL);
Calling it once is a start, but it would seem you really need to call it in a loop until you find what you're looking for, or you reach the end of the list.
FWIW, your "fggg" thing isn't in the data segment in all likelihood, it is a string constant.
The while loop before the bold text loops through all the sections, and then I check for the section whose name is ".data". When I call data=elf_getdata(scn,NULL); and I print the data->d_buf, I get an address in hexadecimal. I think this is the beginning address of the global variable. If I'm right, I want to read from this memory location, and this is what I'm unable to do. Please help me.
a) there is potentially more than one global variable (so a loop within the section). You're not the only one with global data you know, parts of the standard libraries have them too.
b) like I already mentioned, string constants MAY not be in the data section, but in .rodata.
Try
char a[] = "ffffgggg";
and see if you can find that.
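The point made in the replies above (a string literal usually sits in .rodata, and section contents are raw bytes to be searched with memcmp rather than printed with "%s"), as an added example that is not part of the original thread. It parses a constructed ELF64 image held in memory with the `<elf.h>` structures instead of libelf, so it needs no input file; `find_in_section` and `build_sample` are hypothetical names, and a 64-bit, host-endian image is assumed.

```c
#include <elf.h>      /* Elf64_Ehdr, Elf64_Shdr, SHT_* (Linux/glibc header) */
#include <stdint.h>
#include <string.h>

/* File offset of needle inside the named section, or -1. Every offset and
 * size taken from the image is checked against len before it is used. */
long find_in_section(const uint8_t *img, size_t len, const char *sec,
                     const void *needle, size_t nlen)
{
    Elf64_Ehdr eh; Elf64_Shdr sh, st;
    if (len < sizeof eh) return -1;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) || eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_shentsize != sizeof sh || eh.e_shstrndx >= eh.e_shnum ||
        eh.e_shoff > len || (len - eh.e_shoff) / sizeof sh < eh.e_shnum) return -1;
    memcpy(&st, img + eh.e_shoff + eh.e_shstrndx * sizeof sh, sizeof st);
    if (!st.sh_size || st.sh_offset > len || st.sh_size > len - st.sh_offset ||
        img[st.sh_offset + st.sh_size - 1]) return -1;  /* name table must end in NUL */
    for (unsigned i = 1; i < eh.e_shnum; i++) {
        memcpy(&sh, img + eh.e_shoff + i * sizeof sh, sizeof sh);
        if (sh.sh_name >= st.sh_size ||
            strcmp((const char *)img + st.sh_offset + sh.sh_name, sec)) continue;
        if (sh.sh_type == SHT_NOBITS || sh.sh_offset > len ||
            sh.sh_size > len - sh.sh_offset) return -1;  /* no bytes on disk, or out of range */
        for (size_t k = 0; k + nlen <= sh.sh_size; k++)  /* raw bytes: memcmp, not "%s" */
            if (!memcmp(img + sh.sh_offset + k, needle, nlen))
                return (long)(sh.sh_offset + k);
        return -1;
    }
    return -1;
}

/* Constructed sample image (not a real binary): .rodata holds the literal
 * "fggg"; .data holds an 8-byte pointer slot (zero here) and int b = 4. */
size_t build_sample(uint8_t img[384])
{
    static const char names[] = "\0.shstrtab\0.rodata\0.data";
    Elf64_Ehdr eh = { .e_ident = ELFMAG "\2" /* ELFCLASS64 */, .e_shoff = 128,
                      .e_shentsize = sizeof(Elf64_Shdr), .e_shnum = 4, .e_shstrndx = 1 };
    Elf64_Shdr sh[4] = {{0}}; int b = 4;
    sh[1] = (Elf64_Shdr){ .sh_name = 1,  .sh_type = SHT_STRTAB,   .sh_offset = 64,  .sh_size = sizeof names };
    sh[2] = (Elf64_Shdr){ .sh_name = 11, .sh_type = SHT_PROGBITS, .sh_offset = 96,  .sh_size = 5 };
    sh[3] = (Elf64_Shdr){ .sh_name = 19, .sh_type = SHT_PROGBITS, .sh_offset = 112, .sh_size = 12 };
    memset(img, 0, 384);                    memcpy(img, &eh, sizeof eh);
    memcpy(img + 64, names, sizeof names);  memcpy(img + 96, "fggg", 5);
    memcpy(img + 120, &b, sizeof b);        memcpy(img + 128, sh, sizeof sh);
    return 384;
}

int main(void) { uint8_t img[384]; return find_in_section(img, build_sample(img), ".rodata", "fggg", 4) != 96; }
```

With libelf, the same byte-wise search applies to `data->d_buf` over `data->d_size` bytes.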
I get an output like this:

Code:

```c
#include <err.h>
#include <fcntl.h>
#include <gelf.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>     /* strcmp() */
#include <sysexits.h>
#include <unistd.h>
#include <inttypes.h>
//#include <vis.h>

char *a="fggg";
int b=4;

int main(int argc, char **argv)
{
    int fd;
    Elf *e;
    char *name, *p, pc[4*sizeof(char)];
    Elf_Scn *scn;
    Elf_Data *data;
    GElf_Shdr shdr;
    size_t n, shstrndx, sz;
    char c[1000];

    /* if (argc != 2)
        errx(EX_USAGE, "usage: %s file-name", getprogname()); */

    if (elf_version(EV_CURRENT) == EV_NONE)
        errx(EX_SOFTWARE, "ELF library initialization failed: %s", elf_errmsg(-1));

    if ((fd = open(argv[1], O_RDONLY, 0)) < 0)
        err(EX_NOINPUT, "open \"%s\" failed", argv[1]);

    if ((e = elf_begin(fd, ELF_C_READ, NULL)) == NULL)
        errx(EX_SOFTWARE, "elf_begin() failed: %s.", elf_errmsg(-1));

    if (elf_kind(e) != ELF_K_ELF)
        errx(EX_DATAERR, "%s is not an ELF object.", argv[1]);

    if (elf_getshstrndx(e, &shstrndx) == 0)
        errx(EX_SOFTWARE, "getshstrndx() failed: %s.", elf_errmsg(-1));

    /* Walk every section; print size and buffer address for .data and .rodata. */
    scn = NULL;
    while ((scn = elf_nextscn(e, scn)) != NULL) {
        if (gelf_getshdr(scn, &shdr) != &shdr)
            errx(EX_SOFTWARE, "getshdr() failed: %s.", elf_errmsg(-1));

        if ((name = elf_strptr(e, shstrndx, shdr.sh_name)) == NULL)
            errx(EX_SOFTWARE, "elf_strptr() failed: %s.", elf_errmsg(-1));

        if(strcmp(name,".data")==0)
        {
            data=elf_getdata(scn,NULL);
            printf("%zd ",data->d_size);
            //printf("%d ",(void *)data->d_off);
            p = (char *) data->d_buf;
            printf("%p \n",p);
        }

        if(strcmp(name,".rodata")==0)
        {
            data=elf_getdata(scn,NULL);
            printf("%zd ",data->d_size);
            p = (char *) data->d_buf;
            printf("%p \n",p);
        }
    }

    (void) elf_end(e);
    (void) close(fd);
    exit(EX_OK);
}
```
redone@ubuntu:~/Bureau$ ./sec sec
224 0xb7f29c68
16 0xb7f2a04c
I think this is the size and the offset of, respectively, the .data and the .rodata.
Still, I'm unable to read the content of this memory location and its size. If anyone knows how to do that, please help me.