#1
  1. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95

    modify symbol table to point to random obj. code?


    is it possible to overwrite the addresses in the symbol table to point to objcode that you have inserted into the exe? i'm guessing the hard part would maybe be calculating the offset of where your injected code may be, but is this possible in the first place?

    ps. yes i'm going to start trying now, but some heads-up on whether i'm trying the impossible would be appreciated. :D

    pps. if you don't have anything constructive to add, plz fvck off. thanx.
    Last edited by infamous41md; September 23rd, 2003 at 03:45 PM.
  2. #2
  3. Banned ;)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    Woodland Hills, Los Angeles County, California, USA
    Posts
    9,625
    Rep Power
    4247
    Yes it is. IIRC some viruses do it :D. http://www.amazon.com/exec/obidos/tg...77747?v=glance has some details, if you can get your hands on a copy :D
    Up the Irons
    What Would Jimi Do? Smash amps. Burn guitar. Take the groupies home.
    "Death Before Dishonour, my Friends!!" - Bruce Dickinson, Iron Maiden Aug 20, 2005 @ OzzFest
    Down with Sharon Osbourne

    "I wouldn't hire a butcher to fix my car. I also wouldn't hire a marketing firm to build my website." - Nilpo
  4. #3
  5. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    thanks, i've heard of that book b4, but wasn't sure if it was one of those newbish hacker books; i guess not. it can be ordered directly from american eagle publishing which i think i'll be doing... meanwhile back to mangling hello world! :D
  6. #4
  7. Banned ;)
    Devshed Supreme Being (6500+ posts)

    I have a copy and it's a pretty good book :D
  8. #5
  9. I'm Baaaaaaack!
    Devshed God 1st Plane (5500 - 5999 posts)

    Join Date
    Jul 2003
    Location
    Maryland
    Posts
    5,538
    Rep Power
    244
    If you own the machine, you own the executables. Since the executable is just a series of binary instructions, you can make it do anything you want (within the security context). Hackers that take advantage of the many buffer overflows are essentially doing the exact same thing. Study up on linkers and loaders to know what is going on, but it appears to me (after having studied linkers and loaders) that it is just a bunch of pointer math. The main 'challenge' today vs the old virus writers is that there are a bunch of privileged instructions and OS calls that you can't execute if your security context lacks the appropriate permissions. These techniques are used to make executables hack resistant (nothing is hack proof if you own the machine/exe): encrypt the jump tables, encrypt the actual binary, etc. You can make your code quite obscure by doing this and make it nearly impossible to debug, so be sure you keep plenty of backups.

    My blog, The Fount of Useless Information http://sol-biotech.com/wordpress/
    Free code: http://sol-biotech.com/code/.
    Secure Programming: http://sol-biotech.com/code/SecProgFAQ.html.
    Performance Programming: http://sol-biotech.com/code/PerformanceProgramming.html.
    LinkedIn Profile: http://www.linkedin.com/in/keithoxenrider

    It is not that old programmers are any smarter or code better, it is just that they have made the same stupid mistake so many times that it is second nature to fix it.
    --Me, I just made it up

    The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable man.
    --George Bernard Shaw
  10. #6
  11. I'm Baaaaaaack!
    Devshed God 1st Plane (5500 - 5999 posts)

    Here is a link to an electronic version of the book (not free, though): http://www.ameaglepubs.com/store/gbb.html. If you find a place to get it hard-copy, please let me know.

  12. #7
  13. I'm Baaaaaaack!
    Devshed God 1st Plane (5500 - 5999 posts)

    This is downloading for me: http://vx.netlux.org/lib/vml01.html. It looks like there is also an HTML version of the book as well (the download is PDF).

  14. #8
  15. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    thanks for the link, i've been reading this for a couple hours and it's very interesting stuff. i've also been searching for a hardcopy but i can't find one anywhere on the net. none of the auction sites have it. i'm going to email a couple sellers i know from ebay who usually have found me books i wanted fairly cheap, i'll let you know what i find.
    Last edited by infamous41md; September 23rd, 2003 at 08:16 PM.
  16. #9
  17. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    you guys prolly already knew about this, but in case you didn't (i just found out it existed); type 'man ptrace' and join in the fun! :D

    edit: this place has lots of good resources http://www.skyfree.org/linux/references/references.html
    such as the ELF specifications.
    and this is just plain fun
    http://www.muppetlabs.com/%7Ebreadbo...ny/teensy.html
    Last edited by infamous41md; September 25th, 2003 at 02:25 AM.
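
A defender's view of the symbol-table question in this thread, as an added example that is not part of any post: a Python integrity check that walks `.symtab` in an ELF64 image and lists function symbols whose address falls outside an executable section. The `build_sample` image, its addresses and the function names are constructed for illustration; the check assumes a little-endian ELF64 executable (where `st_value` is a virtual address).

```python
import struct

SHT_SYMTAB, SHF_EXECINSTR, STT_FUNC = 2, 0x4, 2
SHDR, SYM = "<IIQQQQIIQQ", "<IBBHQQ"  # Elf64_Shdr (64 bytes), Elf64_Sym (24 bytes)

def suspicious_func_symbols(elf: bytes) -> list:
    """Names of FUNC symbols whose st_value is not inside an executable section."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expects a little-endian ELF64 image")
    (e_shoff,) = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum = struct.unpack_from("<HH", elf, 0x3A)
    secs = [struct.unpack_from(SHDR, elf, e_shoff + i * e_shentsize) for i in range(e_shnum)]
    bad = []
    for _, typ, _, _, off, size, link, _, _, entsize in secs:
        if typ != SHT_SYMTAB:
            continue
        str_off = secs[link][4]  # sh_link of .symtab names its string table
        for pos in range(off, off + size, entsize or 24):
            st_name, st_info, _, st_shndx, st_value, _ = struct.unpack_from(SYM, elf, pos)
            if st_info & 0xF != STT_FUNC or st_shndx == 0 or st_shndx >= e_shnum:
                continue  # not a function, undefined, or a reserved section index
            _, _, flags, addr, _, ssize, *_ = secs[st_shndx]
            if not (flags & SHF_EXECINSTR) or not (addr <= st_value < addr + ssize):
                end = elf.index(b"\0", str_off + st_name)
                bad.append(elf[str_off + st_name:end].decode("ascii"))
    return bad

def build_sample(helper_addr: int) -> bytes:
    """Constructed test image: 16-byte .text at 0x401000 plus symbols main and helper."""
    strtab = b"\0main\0helper\0"
    syms = struct.pack(SYM, 0, 0, 0, 0, 0, 0)               # mandatory null symbol
    syms += struct.pack(SYM, 1, 0x12, 0, 1, 0x401000, 8)    # main, inside .text
    syms += struct.pack(SYM, 6, 0x12, 0, 1, helper_addr, 8)  # helper, address under test
    body = b"\x90" * 16 + syms + strtab
    sym_off, str_off, shoff = 80, 80 + len(syms), 64 + len(body)
    ehdr = b"\x7fELF\x02\x01\x01" + b"\0" * 9 + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0x401000, 0, shoff, 0, 64, 0, 0, 64, 4, 0)
    shdrs = struct.pack(SHDR, *[0] * 10)                                   # null section
    shdrs += struct.pack(SHDR, 0, 1, 0x6, 0x401000, 64, 16, 0, 0, 16, 0)   # .text
    shdrs += struct.pack(SHDR, 0, 2, 0, 0, sym_off, len(syms), 3, 1, 8, 24)  # .symtab
    shdrs += struct.pack(SHDR, 0, 3, 0, 0, str_off, len(strtab), 0, 0, 1, 0)  # .strtab
    return ehdr + body + shdrs

if __name__ == "__main__":
    print("clean image:   ", suspicious_func_symbols(build_sample(0x401008)))
    print("modified image:", suspicious_func_symbols(build_sample(0x404000)))
```
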
