Documentation
¶
Index ¶
- Constants
- Variables
- func AddDTNeeded(filePath, libName string) error
- func FixELF(elf_path, rpath, ld_path string) (err error)
- func GetLibc(pid int) (path string, addr, offset int64, err error)
- func GetSymFromLibc(pid int, sym string) (addr int64, err error)
- func InMemExeRun(elf_data []byte, args []string, env []string) (output string, err error)
- func IsELF(file string) bool
- func IsStaticELF(file_path string) bool
- type Dynamic
- type Dynamic32
- type ELFHeader
- type ProgHeader32
- type ProgHeader64
- type ProgramHeader
- type SectionHeader
- type SectionHeader32
Constants ¶
const ( ELFCLASS32 = 1 ELFCLASS64 = 2 )
ELF constants
const ( SHT_DYNAMIC = 6 SHT_STRTAB = 3 )
ELF section types
const ( DT_NULL = 0 DT_NEEDED = 1 )
ELF dynamic tags
const (
SHF_ALLOC = 0x2
)
ELF section flags
Variables ¶
var ELFMAGIC = []byte{0x7f, 'E', 'L', 'F'}
Functions ¶
func AddDTNeeded ¶
AddDTNeeded adds a specified library to the DT_NEEDED entries of an ELF file. Parameters: - filePath: Path to the ELF file to modify. - libName: Name of the library to add.
func FixELF ¶
FixELF replaces ld and adds rpath to use musl libc. Parameters: - elf_path: Path to the ELF file to fix.
func GetLibc ¶
GetLibc gets the base address, ASLR offset value, and path of libc by parsing /proc/pid/maps. Parameters: - pid: Process ID of the target process.
func GetSymFromLibc ¶
GetSymFromLibc gets the pointer to a libc function that is currently loaded in the target process, ASLR-proof. Parameters: - pid: Process ID of the target process. - sym: Name of the symbol to find.
func InMemExeRun ¶
InMemExeRun runs an ELF binary with the given arguments and environment variables, completely in memory.
func IsStaticELF ¶
IsStaticELF checks if the given ELF file is statically linked. Parameters: - file_path: Path to the ELF file to check.
Types ¶
type ELFHeader ¶
type ELFHeader struct {
Ident [16]byte
Type uint16
Machine uint16
Version uint32
Entry uint64
Phoff uint64
Shoff uint64
Flags uint32
Ehsize uint16
Phentsize uint16
Phnum uint16
Shentsize uint16
Shnum uint16
Shstrndx uint16
ProgramHeaders []ProgramHeader
}
ELFHeader represents the ELF header for both 32-bit and 64-bit binaries.
func ParseELF32 ¶
ParseELF32 parses the ELF header for 32-bit binaries. Parameters: - reader: Reader for the ELF file data. - ident: ELF identification bytes.
func ParseELF64 ¶
ParseELF64 parses the ELF header for 64-bit binaries. Parameters: - reader: Reader for the ELF file data. - ident: ELF identification bytes.
func ParseELFHeaders ¶
ParseELFHeaders parses ELF headers from the given byte slice. Parameters: - data: Byte slice containing the ELF file data.
type ProgHeader32 ¶
type ProgHeader32 struct {
Type uint32
Off uint32
Vaddr uint32
Paddr uint32
Filesz uint32
Memsz uint32
Flags uint32
Align uint32
}
ProgHeader32 represents a 32-bit ELF program header.
type ProgHeader64 ¶
type ProgHeader64 struct {
Type uint32
Flags uint32
Off uint64
Vaddr uint64
Paddr uint64
Filesz uint64
Memsz uint64
Align uint64
}
ProgHeader64 represents a 64-bit ELF program header.
type ProgramHeader ¶
type ProgramHeader struct {
Type uint32
Flags uint32
Off uint64
Vaddr uint64
Paddr uint64
Filesz uint64
Memsz uint64
Align uint64
}
ProgramHeader represents a generic ELF program header.
func (*ProgramHeader) Print ¶
func (ph *ProgramHeader) Print(index int)
Print prints the program header information.
Source Files