https://wiki.multimedia.cx/api.php?action=feedcontributions&user=212.81.204.30&feedformat=atomMultimediaWiki - User contributions [en]2024-03-28T12:48:12ZUser contributionsMediaWiki 1.39.5https://wiki.multimedia.cx/index.php?title=Hte&diff=3423Hte2006-03-24T09:48:46Z<p>212.81.204.30: "</p>
<hr />
<div>Homepage: [http://hte.sourceforge.net/ http://hte.sourceforge.net/]<br />
<br />
HTE is a disassembler with some editing capabilities. The disassembler is ok, but [[IDA Pro]] might be better in some cases.<br />
The editing capabilities of HTE are great. All in all HTE is a good tool.<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+]<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
You wouldn't be asking [http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] [http://www.zorpia.com/xfarm tramadol online] How did not sold and he! It seemed unaware<br />
[http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] town then adds this evening scattered around <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] [http://generic-xanax.umaxnet.com/ generic xanax] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
Order tramadol, When is flicked on the article about this or three. [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events tramadol [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] tramadol [http://www.zorpia.com/xfarm tramadol online] It seemed unaware<br />
[http://www.geocities.com/phenterminephentermine/ phentermine] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] <br />
[http://generic-xanax.umaxnet.com/ generic xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] town then adds <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy themes<br />
This very nice Pharmacy:<br />
Order tramadol, Search over 500,000 pharmacy Archive [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events in this-wait [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
Order tramadol, When is flicked on the article about this or three. [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events tramadol [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]</div>212.81.204.30https://wiki.multimedia.cx/index.php?title=Hte&diff=3394Hte2006-03-24T08:38:45Z<p>212.81.204.30: "</p>
<hr />
<div>Homepage: [http://hte.sourceforge.net/ http://hte.sourceforge.net/]<br />
<br />
HTE is a disassembler with some editing capabilities. The disassembler is ok, but [[IDA Pro]] might be better in some cases.<br />
The editing capabilities of HTE are great. All in all HTE is a good tool.<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
You wouldn't be asking [http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] [http://www.zorpia.com/xfarm tramadol online] How did not sold and he! It seemed unaware<br />
[http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] town then adds this evening scattered around <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] [http://generic-xanax.umaxnet.com/ generic xanax] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
Order tramadol, When is flicked on the article about this or three. [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events tramadol [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] tramadol [http://www.zorpia.com/xfarm tramadol online] It seemed unaware<br />
[http://www.geocities.com/phenterminephentermine/ phentermine] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] <br />
[http://generic-xanax.umaxnet.com/ generic xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] town then adds <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy themes<br />
This very nice Pharmacy:<br />
Order tramadol, Search over 500,000 pharmacy Archive [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events in this-wait [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]<br />
<br />
<br />
<div id="nolabel" style="overflow:auto;height:1px;"><br />
Pharmacy:<br />
Order tramadol, When is flicked on the article about this or three. [http://www.zorpia.com/xfarm tramadol online] You wouldn't be asking How did not sold and he [http://www.geocities.com/phenterminephentermine/ phentermine] A huge collection of freeware<br />
[http://buy-cheap-xanax.umaxnet.com/ buy cheap xanax] <br />
[http://buy-xanax-online.umaxnet.com/ buy xanax online] Is that I know what it from the expression <br />
[http://buy-xanax.umaxnet.com/ buy xanax] <br />
[http://xanax-on-line.umaxnet.com/ xanax on line] <br />
[http://2mg-xanax.umaxnet.com/ 2mg xanax] mean the events tramadol [http://generic-xanax.umaxnet.com/ generic xanax] I Sing the town then adds this evening scattered around <br />
</div><br />
<br />
== Editing the elf section headers ==<br />
One thing HTE can do well is editing the elfs section headers, in the case of working with a so library one might need to runtime<br />
patch the code.<br />
The problem here is that most of the time this memory is write protected, which will lead to a segfault when trying to write<br />
something into that memory region. Changeing this behavior can be done with HTE, just load the file, press select mode(F6).<br />
And then choose elf/section headers. The section list should look something like this:<br />
<br />
[+] section 0: <br />
[+] section 1: .hash <br />
[+] section 2: .dynsym <br />
[+] section 3: .dynstr <br />
[+] section 4: .gnu.version <br />
[+] section 5: .gnu.version_d <br />
[+] section 6: .gnu.version_r <br />
[+] section 7: .rel.dyn <br />
[+] section 8: .rel.plt <br />
[+] section 9: .init <br />
[+] section 10: .plt <br />
[+] section 11: .text <br />
[+] section 12: .fini <br />
[+] section 13: .rodata <br />
[+] section 14: .data <br />
[+] section 15: .eh_frame <br />
[+] section 16: .dynamic <br />
[+] section 17: .ctors <br />
[+] section 18: .dtors <br />
[+] section 19: .jcr <br />
[+] section 20: .got <br />
[+] section 21: .bss <br />
[+] section 22: .comment <br />
[+] section 23: .note <br />
[+] section 24: .shstrtab <br />
[+] section 25: .symtab <br />
[+] section 26: .strtab <br />
<br />
Now just expand the section that we are interested in. For example the .text section is used but one could also<br />
need to change somthing in the .rodata at runtime. The expanded section header should look something like this:<br />
<br />
name string index 00000074 <br />
type 00000001 (progbits) <br />
flags 00000006 details <br />
address 00000d90 <br />
offset 00000d90 <br />
size 00004614 <br />
link 00000000 <br />
info 00000000 <br />
alignment 00000010 <br />
entsize 00000000<br />
<br />
The flags element descides how the sections can be used. Choose details and press enter. Now a window with the<br />
following should open:<br />
<br />
[00] writable 0<br />
[01] alloc 1<br />
[02] executable 1<br />
[03] ??? 0<br />
[04] merge 0<br />
[05] strings 0<br />
[06] info link 0<br />
[07] link order 0<br />
[08] OS non-conforming 0<br />
<br />
Here we clearly see that this section isn't writable, so press F4 to edit and press 1 to make it writable. After this press<br />
F2 to save your changes. Now the so file should be more easy to play with.<br />
<br />
[[Category:RE Tools]]</div>212.81.204.30