From: Datesfat Chicks on 29 Apr 2010 15:55

"Jens Thoms Toerring" <jt(a)toerring.de> wrote in message
news:83u5naFjkhU1(a)mid.uni-berlin.de...
> Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
>> "Moi" <root(a)invalid.address.org> wrote in message
>> news:e0d5c$4bd9aca7$5350c024$26915(a)cache120.multikabel.net...
>> > a very simple workaround: if you are able to locate the [f]printf()'s
>> > format string in the library, you could change its first character to
>> > '\0'.
>
>> What tool would I use to modify a library file (.so or .a, can't
>> remember) in that way?
>
> One possible tool is emacs - load the .a or .so file, switch
> to 'hexl-mode' (M-x hexl-mode) and then you can search in the
> file for the offending format string and replace the first of
> its characters by 0.

I'm actually an [unskilled] emacs-nox user. I didn't realize emacs could do that.

I also didn't realize it would be so easy. I assumed there were checksums and so on that would be violated if I did that, rendering the library invalid.

Datesfat.

From: Kenny McCormack on 30 Apr 2010 10:46

In article <6oadnWEFrOPVeUTWnZ2dnUVZ_oOdnZ2d(a)giganews.com>,
Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
....
>I also didn't realize it would be so easy. I assumed there were checksums
>and so on that would be violated if I did that, rendering the library
>invalid.

There's no 'a priori' reason for it not to work. A paranoid library writer might enforce something like that - do a checksum on itself to see if it's been modified. You'll just have to try it and see. I've certainly done this and have not had adverse results.

However, note that, on the Windows platform, most EXE files these days are compressed/encrypted, so you can't really do binary hacking anymore. But that's unlikely to be the case on Unix.

BTW, you should Google for "binary editor"; there are several out there. One pretty well known one is "beav".

--
> No, I haven't, that's why I'm asking questions. If you won't help me,
> why don't you just go find your lost manhood elsewhere.

CLC in a nutshell.

From: David Bernier on 3 May 2010 12:14

Datesfat Chicks wrote:
> "Jens Thoms Toerring" <jt(a)toerring.de> wrote in message
> news:83u5naFjkhU1(a)mid.uni-berlin.de...
>> Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
>>> "Moi" <root(a)invalid.address.org> wrote in message
>>> news:e0d5c$4bd9aca7$5350c024$26915(a)cache120.multikabel.net...
>>> > a very simple workaround: if you are able to locate the [f]printf()'s
>>> > format string in the library, you could change its first character to
>>> > '\0'.
>>
>>> What tool would I use to modify a library file (.so or .a, can't
>>> remember) in that way?
>>
>> One possible tool is emacs - load the .a or .so file, switch
>> to 'hexl-mode' (M-x hexl-mode) and then you can search in the
>> file for the offending format string and replace the first of
>> its characters by 0.
>
> I'm actually an [unskilled] emacs-nox user. I didn't realize emacs
> could do that.
>
> I also didn't realize it would be so easy. I assumed there were
> checksums and so on that would be violated if I did that, rendering the
> library invalid.

I wouldn't expect a library file (*.so for example) to contain error control characters. Rather, a hard disk has error control mechanisms (redundancy bits) on the medium (the disk); but when reading a file from the disk, only the "message bits" appear.

For example, RAND's 1 million random digits can be put inside a file of size 1,000,000 bytes (8,000,000 bits). In the same way, 1,000,000 random hex digits (maybe even 2,000,000 hex digits?) could fit in a file of size 1,000,000 bytes.

David Bernier

An exception might be image files *.iso for installing Linux, for example.
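
The one-byte edit discussed in this thread, applied to an in-memory buffer, as an added example that is not code from any of the posters. It shows that the file size is untouched while a checksum taken over the bytes changes, which is what a self-checking library or an external integrity check would notice. The names `blank_format`, `fnv1a` and `sample_image` are hypothetical, the buffer is constructed, and FNV-1a stands in for an unspecified checksum.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a library's read-only data: three
 * NUL-terminated strings back to back (not bytes from a real .so). */
static unsigned char sample_image[] = "init\0warning: %s\n\0done";

/* Overwrite the first character of format string `fmt` with '\0' so a
 * printf() using it emits nothing. The terminating NUL is part of the
 * match, so the match must end at a string terminator. Returns the
 * patched offset, or -1 if the string is not present. */
long blank_format(unsigned char *buf, size_t len, const char *fmt)
{
    size_t n = strlen(fmt) + 1;
    for (size_t i = 0; n <= len && i + n <= len; i++) {
        if (memcmp(buf + i, fmt, n) == 0) {
            buf[i] = '\0';
            return (long)i;
        }
    }
    return -1;
}

/* 32-bit FNV-1a, standing in for whatever integrity check a library
 * author or package manager might apply (an assumption; the thread
 * names no specific checksum). */
uint32_t fnv1a(const unsigned char *buf, size_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < len; i++) {
        h ^= buf[i];
        h *= 16777619u;
    }
    return h;
}

int main(void)
{
    uint32_t before = fnv1a(sample_image, sizeof sample_image);
    long off = blank_format(sample_image, sizeof sample_image, "warning: %s\n");
    uint32_t after = fnv1a(sample_image, sizeof sample_image);

    printf("patched offset %ld, size still %zu bytes\n", off, sizeof sample_image);
    printf("checksum %08x -> %08x (%s)\n", (unsigned)before, (unsigned)after,
           before == after ? "unchanged" : "changed");
    return 0;
}
```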