Hellf
Just a bad joke between ELF and Hell 😩
switch @h2g2 - 12 December 2020
switch @swuitch
🐳 sentry whale
🖤 python & ELF
0xswitch.fr
Why develop Hellf, and what is Hellf?
A Python library (from Hellf import *) to dissect and patch ELF files
(x86 and x86-64 for the moment)
TL DR; ELF files
Program Headers [Phdr]
Describes how data is organized (mapped) in memory
- permissions (RWX), addresses, sizes
- segments
- used by the loader
$ readelf --segments poc
Section Headers [Shdr]
Describes how data is organized on disk
- .text, .data, .bss, .comment, ...
- offset on disk, sizes on disk
- used by the linker and not needed for execution
$ readelf --sections poc
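The split described above, shown as an added example (not taken from the talk and not using Hellf's API): a stand-alone parser that reads the program headers of a little-endian ELF64 image with only the struct module and reports permissions, addresses and sizes per segment. The sample image, build_sample and parse_segments are constructed here for illustration; the sample is header-only, has two PT_LOAD segments and no section header table at all.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, 64 bytes
PHDR = struct.Struct("<IIQQQQQQ")          # Elf64_Phdr, 56 bytes
PT_NAMES = {0: "NULL", 1: "LOAD", 2: "DYNAMIC", 3: "INTERP", 4: "NOTE", 6: "PHDR"}

def perms(p_flags):
    """Render p_flags (PF_R=4, PF_W=2, PF_X=1) as an RWX string."""
    return "".join(c if p_flags & bit else "-" for c, bit in (("R", 4), ("W", 2), ("X", 1)))

def parse_segments(blob):
    """Return (e_shnum, segments) for a little-endian ELF64 image."""
    if len(blob) < EHDR.size or blob[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if blob[4] != 2 or blob[5] != 1:
        raise ValueError("only ELF64 little-endian is handled")
    hdr = EHDR.unpack_from(blob)
    e_phoff, e_phentsize, e_phnum, e_shnum = hdr[5], hdr[9], hdr[10], hdr[12]
    if e_phnum and e_phentsize != PHDR.size:
        raise ValueError("unexpected e_phentsize")
    if e_phoff + e_phnum * PHDR.size > len(blob):
        raise ValueError("program header table runs past end of file")
    segments = []
    for i in range(e_phnum):
        p_type, p_flags, p_offset, p_vaddr, _, p_filesz, p_memsz, _ = \
            PHDR.unpack_from(blob, e_phoff + i * PHDR.size)
        segments.append({"type": PT_NAMES.get(p_type, hex(p_type)), "perms": perms(p_flags),
                         "offset": p_offset, "vaddr": p_vaddr,
                         "filesz": p_filesz, "memsz": p_memsz})
    return e_shnum, segments

def build_sample():
    """Constructed header-only sample: two PT_LOAD segments, e_shnum = 0."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = EHDR.pack(ident, 2, 62, 1, 0x400000, 64, 0, 0, 64, 56, 2, 0, 0, 0)
    text = PHDR.pack(1, 5, 0x0, 0x400000, 0x400000, 0x200, 0x200, 0x1000)
    data = PHDR.pack(1, 6, 0x1000, 0x401000, 0x401000, 0x10, 0x40, 0x1000)
    return ehdr + text + data

if __name__ == "__main__":
    shnum, segs = parse_segments(build_sample())
    print("section headers:", shnum)
    for s in segs:
        print(f"{s['type']:<6} {s['perms']} vaddr={s['vaddr']:#x} "
              f"off={s['offset']:#x} filesz={s['filesz']:#x} memsz={s['memsz']:#x}")
```

The second segment has memsz larger than filesz: the loader zero-fills the difference in memory, which is how .bss takes no space on disk.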
[Figure: "On file system" vs "Virtual Memory (RAM)" after running $ ./poc, with addresses 0x400000, 0x401000, 0x402000]
GDB: $ vmmap, $ info file and $ xinfo <addr>
TL DR; Hellf
(! TL DR;) demo
Inspecting
Patching
Unstripping
Going further
github.com/0xswitch/Hellf
github.com/magnussen7/Embuche
https://kaitai.io/
https://excalidraw.com/