Old 08-04-2008, 09:34 PM   #16
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,348

Rep: Reputation: 2749

I'd like to know why you are doing this; I can't think of a good use for it.
 
Old 08-05-2008, 11:36 AM   #17
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,126
Blog Entries: 2

Rep: Reputation: 124
ooo I got one (/me pulls out a paintbrush)

Imagine, if you will, a company buys a program from another company, and the company they bought it from goes out of business. The program has a bug, but they can't fix it from the source because they don't have it, and they can't request a fix 'cause the other company folded. So they want to test a couple of different patches, and (instead of copying the executable and patching the object code directly) they use this method to evaluate the various proposed bug fixes.

 
Old 08-05-2008, 11:44 AM   #18
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 63
While this used to be a common practice, binary patching is rarely done today.

Before shared library loaders were prevalent, I used to write relocatable code objects that could be inserted into a running process. In essence, my programs did what the dynamic loader does today. But this is no longer necessary.

Because of the OP's masking his/her true purpose, I can't help but think this is a game hack or other shady job. I'm willing to be incorrect.
 
Old 08-05-2008, 06:52 PM   #19
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,348

Rep: Reputation: 2749
Exactly as per Mr C's last.
 
Old 08-05-2008, 07:09 PM   #20
ta0kira
Senior Member
 
Registered: Sep 2004
Distribution: FreeBSD 9.1, Kubuntu 12.10
Posts: 3,078

Rep: Reputation: Disabled
Quote:
Originally Posted by raghu2383 View Post
I think it's not really cracking if the program itself decides to inject the code on itself.
Ever wonder why crackers look for program weaknesses? It's because most of cracking is tricking a program into doing something it shouldn't do, such as overwrite a function like printf. If it's your own program then you should be able to just link the new printf symbol ahead of glibc, thereby replacing the mapping in the binary. If the program is already compiled and linked then you're exploiting a weakness, and are therefore cracking.
ta0kira
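The legitimate route ta0kira describes (linking your own printf ahead of glibc's) as an added example, not code from the thread: the executable defines printf itself, so the linker binds every printf call in the program to that definition, and the replacement forwards to vprintf (a different symbol) so glibc still does the formatting. The counter and run_demo are assumptions made for the demonstration.

```c
#include <stdarg.h>
#include <stdio.h>

/* Number of times our interposed printf has been entered. */
static unsigned long printf_calls = 0;

/* Because this definition lives in the executable, the linker resolves
 * printf() to it rather than to the copy in libc.so. Forwarding goes through
 * vprintf, a separate symbol, so the real formatting is still glibc's. */
int printf(const char *fmt, ...)
{
    va_list ap;
    int n;

    printf_calls++;
    fputs("[interposed] ", stdout);
    va_start(ap, fmt);
    n = vprintf(fmt, ap);
    va_end(ap);
    return n;
}

unsigned long interposed_printf_calls(void)
{
    return printf_calls;
}

/* Exercise the interposition and return how many calls were intercepted.
 * The format strings deliberately mix %s and %d: GCC rewrites trivial calls
 * such as printf("%s\n", s) into puts(s) at compile time, which would bypass
 * our function entirely, so avoid formats that can be simplified that way. */
int run_demo(void)
{
    printf("hello %s, attempt %d\n", "world", 1);
    printf("%d + %d = %d\n", 2, 3, 5);
    return (int)printf_calls;
}

int main(void)
{
    int n = run_demo();
    printf("printf was called %d times before this line\n", n);
    return 0;
}
```

The same precedence rule (symbols in the executable win over shared-library symbols) is what LD_PRELOAD relies on, so this is also how to check whether a binary you own is open to that kind of substitution.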
 
Old 08-05-2008, 09:14 PM   #21
jlinkels
LQ Guru
 
Registered: Oct 2003
Location: Bonaire, Leeuwarden
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195

Rep: Reputation: 1043
It would be nice if the OP could tell us what application he is developing. He now only tells us he wants to put some code somewhere. Please tell us "I want to reach city A which is 200 miles from here" instead of "can someone tell me how to drive a car".

I never was a good cracker ... my last attempts were with DOS programs where I rerouted the code so it would circumvent the check for key floppy disks or dongles. I can also tell you that some programs copied a piece of data into memory (which actually were instructions) and jumped to it to execute dongle checks. In that way you were not able to find the instructions in the data file, and if you found them in the running code, it was no use to change them there. Unless you understood the trick and changed the original data.

But...

This sounds not too difficult. All you have to do is write relocatable code. That is, use no absolute addresses. In 6800 we had branches which were relative instead of jumps which were absolute. In 68000 you could jump relative to a data or address register. I think the i386 assembler can jump relative to BP or so (I never liked the x86 assembly!). So as long as your code makes just relative jumps, and you address memory relative to SP, what can be the problem?

Except of course you have to find the address where you want to copy your code to so it can be executed. But that could be done with a pointer to a function which contains the NOPs to be replaced.

jlinkels
 