From: Datesfat Chicks on
"Jens Thoms Toerring" <jt(a)toerring.de> wrote in message
news:83u5naFjkhU1(a)mid.uni-berlin.de...
> Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
>> "Moi" <root(a)invalid.address.org> wrote in message
>> news:e0d5c$4bd9aca7$5350c024$26915(a)cache120.multikabel.net...
>> > a very simple workaround: if you are able to locate the [f]printf()'s
>> > format string in the library, you could change its first character to
>> > '\0'.
>
>> What tool would I use to modify a library file (.so or .a, can't
>> remember) in that way?
>
> One possible tool is emacs - load the .a or .so file, switch
> to 'hexl-mode' (M-x hexl-mode) and then you can search in the
> file for the offending format string and replace the first of
> its characters by 0.

I'm actually an [unskilled] emacs-nox user. I didn't realize emacs could do
that.

I also didn't realize it would be so easy. I assumed there were checksums
and so on that would be violated if I did that, rendering the library
invalid.

Datesfat.

From: Kenny McCormack on
In article <6oadnWEFrOPVeUTWnZ2dnUVZ_oOdnZ2d(a)giganews.com>,
Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
....
>I also didn't realize it would be so easy. I assumed there were checksums
>and so on that would be violated if I did that, rendering the library
>invalid.

There's no 'a priori' reason for it not to work. A paranoid library
writer might enforce something like that - do a checksum on itself to
see if it's been modified. You'll just have to try it and see.
I've certainly done this and have not had adverse results. However,
note that, on the Windows platform, most EXE files these days are
compressed/encrypted, so you can't really do binary hacking anymore.
But that's unlikely to be the case on Unix.

BTW, you should Google for "binary editor"; there are several out there.
One pretty well known one is "beav".

--
> No, I haven't, that's why I'm asking questions. If you won't help me,
> why don't you just go find your lost manhood elsewhere.

CLC in a nutshell.
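The edit the thread describes (locate the format string in the library file, overwrite its first byte with 0), as an added Python example that is not from any poster here: it patches only when the string occurs exactly once as a complete NUL-terminated C string, keeps the file length unchanged, and shows that although the library carries no checksum of its own, any externally recorded hash of the file (a package manager's, for instance) will no longer match. `SAMPLE` is a constructed stand-in for a library's string data, not a real .so.

```python
"""Patch the first byte of a NUL-terminated string inside a binary blob.

Added example, not code from the thread: mimics the hexl-mode edit but
refuses to patch when the string is absent or ambiguous, and preserves
the file length so .a archive member sizes stay valid.
"""
import hashlib


def find_c_string(data: bytes, s: bytes) -> list:
    """Offsets where `s` appears as a complete NUL-terminated C string.

    A hit whose preceding byte is non-zero is rejected as the tail of a
    longer string (e.g. "value=%d" inside "debug: value=%d").
    """
    needle = s + b"\0"
    hits, start = [], 0
    while True:
        i = data.find(needle, start)
        if i < 0:
            return hits
        if i == 0 or data[i - 1] == 0:
            hits.append(i)
        start = i + 1


def silence_format_string(data: bytes, fmt: bytes) -> bytes:
    """Return a copy of `data` with the first byte of `fmt` set to 0."""
    hits = find_c_string(data, fmt)
    if len(hits) != 1:
        raise ValueError(f"expected exactly one occurrence, found {len(hits)}")
    patched = bytearray(data)
    patched[hits[0]] = 0          # "%d\n" becomes "" for [f]printf
    assert len(patched) == len(data)
    return bytes(patched)


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-in for a library's read-only string data.
SAMPLE = b"\x7fELF" + b"\0" * 12 + b"hello\0" + b"debug: value=%d\n\0" + b"tail\0"

if __name__ == "__main__":
    out = silence_format_string(SAMPLE, b"debug: value=%d\n")
    print("patched at offset", find_c_string(SAMPLE, b"debug: value=%d\n")[0])
    print("file hash changed:", sha256(out) != sha256(SAMPLE))
```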

From: David Bernier on
Datesfat Chicks wrote:
> "Jens Thoms Toerring" <jt(a)toerring.de> wrote in message
> news:83u5naFjkhU1(a)mid.uni-berlin.de...
>> Datesfat Chicks <datesfat.chicks(a)gmail.com> wrote:
>>> "Moi" <root(a)invalid.address.org> wrote in message
>>> news:e0d5c$4bd9aca7$5350c024$26915(a)cache120.multikabel.net...
>>> > a very simple workaround: if you are able to locate the [f]printf()'s
>>> > format string in the library, you could change its first character to
>>> > '\0'.
>>
>>> What tool would I use to modify a library file (.so or .a, can't
>>> remember) in that way?
>>
>> One possible tool is emacs - load the .a or .so file, switch
>> to 'hexl-mode' (M-x hexl-mode) and then you can search in the
>> file for the offending format string and replace the first of
>> its characters by 0.
>
> I'm actually an [unskilled] emacs-nox user. I didn't realize emacs
> could do that.
>
> I also didn't realize it would be so easy. I assumed there were
> checksums and so on that would be violated if I did that, rendering the
> library invalid.

I wouldn't expect a library file ( *.so for example ) to contain error control
characters. Rather, a hard disk has error control mechanisms (redundancy bits)
on the medium (the disk); but when reading a file from the disk, only
the "message bits" appear. For example, RAND's 1 million random digits
can be put inside a file of size 1,000,000 bytes (8,000,000 bits).
In the same way, 1,000,000 random hex digits (maybe even 2,000,000 hex digits?)
could fit in a file of size 1,000,000 bytes .

David Bernier


An exception might be image files *.iso for installing Linux, for example.