anyone know of any interesting ELF binary patching tricks? like LD_PRELOAD but u got root access and wanna make things permanent
basically then everyone who links with mylib.so will also get mylib_original.so, but the name of the my_symbol we want to override is mangled, so it has to take the one we defined
note: I haven't tried this
@libc @SuricrasiaOnline if you fill ldconfig's cache with bogus data, you could probably create some wtf situations
i resorted to writing a script that basically did what i did in a hex editor to rename symbols. thanks binutils
@SuricrasiaOnline wow twitter absolutely blew this one off the site, i had to switch over to here to see it
@SuricrasiaOnline i've never dug into these kinds of stuff, but isn't there stuff for doing it? my system has patchelf and elfedit, and i thought there was some other binary patching stuff in some less standard package i can't otherwise recall?
@ze woah never heard of either of those, I'll take a look
@SuricrasiaOnline no guarantees that they're relevant, but good luck :)
@SuricrasiaOnline Nix uses patchelf extensively, mostly for setting the RPATH and interpreter of elf files to custom things. It also uses a patched version of ld iirc.
@SuricrasiaOnline tmp.0ut (https://tmpout.sh) has some stuff about something like this. you could try something like https://tmpout.sh/1/2.html but instead of changing the elf entry point, you just change the address for the symbol
@SuricrasiaOnline tl;dr, append your new code and change an unneeded program header to PT_LOAD to load the new code
@SuricrasiaOnline FreeBSD has elfctl(1) in base. it's for twiddling bits in a notes header that tell the kernel something about your binary.
a writup of what the bits do: https://github.com/golang/go/issues/48164
how it's twiddled: https://github.com/freebsd/freebsd-src/blob/main/usr.bin/elfctl/elfctl.c
@SuricrasiaOnline Not super interesting, but still useful: You can set a library lookup path within the ELFdynamic section in the "RUNPATH" string via -Wl,-rpath . It should also be possible to patch this in the header with medium effort.
my current "best idea" for replacing a symbol in a .so permanently is:
mv mylib.so mylib_original.so
sed -i 's/my_symbol/#y_symbol/' mylib_original.so
create a shared library that defines my_symbol and dynamically links with mylib_original.so, and name it mylib.so