Ejemplo n.º 1
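def main():
    """Patch bytes into an ELF at a hex offset and emit the result on stdout.

    Arguments come from the module-level parser ``p``: ``elf`` (file to
    load), ``offset`` (hexadecimal, ``0x`` prefix optional) and ``bytes``
    (hex-encoded patch data, decoded with ``unhex``). No save call is made
    here; the patched data goes to standard output only.

    Raises:
        ValueError: if the offset is not valid hexadecimal or is negative.
    """
    a = p.parse_args()

    # int(..., 16) accepts the value with or without a 0x/0X prefix, so no
    # manual prefixing is needed (prepending '0x' to '0X10' used to fail).
    offset = int(a.offset, 16)
    if offset < 0:
        raise ValueError("offset must not be negative: %r" % (a.offset,))

    # Named patch_bytes so the builtin `bytes` is not shadowed.
    patch_bytes = unhex(a.bytes)
    elf = ELF(a.elf)

    # NOTE(review): ELF looks like pwntools' ELF, whose write() takes a
    # virtual address rather than a file offset — confirm against the import.
    elf.write(offset, patch_bytes)

    # get_data() is expected to return raw bytes; on Python 3 the text-mode
    # sys.stdout rejects bytes, so use the underlying binary buffer when present.
    out = getattr(sys.stdout, "buffer", sys.stdout)
    out.write(elf.get_data())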
Ejemplo n.º 2
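def main():
    """Write user-supplied bytes into a loaded ELF and dump it to stdout.

    The module-level parser ``p`` supplies ``elf`` (path of the file to
    load), ``offset`` (hexadecimal string, with or without ``0x``) and
    ``bytes`` (hex string decoded by ``unhex``). Nothing is saved back to
    disk by this function; the modified data is written to standard output.

    Raises:
        ValueError: if the offset is not valid hexadecimal or is negative.
    """
    a = p.parse_args()

    # Base-16 int() already tolerates an optional 0x/0X prefix; the old manual
    # prefixing turned an upper-case '0X..' argument into an invalid literal.
    offset = int(a.offset, 16)
    if offset < 0:
        raise ValueError("offset must not be negative: %r" % (a.offset,))

    # Avoid the name `bytes`, which would hide the builtin type.
    payload = unhex(a.bytes)
    elf = ELF(a.elf)

    # NOTE(review): if ELF is pwntools' ELF, write() addresses are virtual
    # addresses, not raw file offsets — confirm which one callers pass.
    elf.write(offset, payload)

    # Binary output: prefer sys.stdout.buffer (Python 3) and fall back to
    # sys.stdout itself where no buffer attribute exists.
    binary_stdout = getattr(sys.stdout, "buffer", sys.stdout)
    binary_stdout.write(elf.get_data())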
Ejemplo n.º 3
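def patch(f, implant_elf, implant):
    """Patch a section entry and entry point in ``f``, then fix up ``implant_elf``.

    Args:
        f: Path of the ELF to load; the modified copy is saved as
            ``f + ".patched"``.
        implant_elf: Path of a second ELF whose header fields are rewritten
            in place (the file is truncated and rewritten).
        implant: Raw bytes; ``len(implant)`` goes into the section entry and
            the bytes themselves are handed to ``patch_file``.

    Raises:
        ValueError: if ``implant_elf`` is too short to hold every field that
            is rewritten. Raised before the file is truncated, but after
            ``f + ".patched"`` has been saved and ``patch_file`` has run.

    ``patch_file`` is defined elsewhere; it is called as
    ``patch_file(data, address)`` and its target is not visible from here.
    """
    e = ELF(f)

    # Entry in the table at symbol "sections": 0x20 bytes per entry, index 3.
    sections_base_addr = e.symbols["sections"]
    implant_section_num = 3  # base 0
    section_patch_addr = sections_base_addr + implant_section_num * 0x20

    implant_prom_addr = 0x00220000
    implant_prom_len = len(implant)
    implant_load_addr = 0x42800000
    implant_section_flags = 0  # Not Compressed

    # Four big-endian 32-bit words followed by the entry's name bytes.
    section_patch = pack(">IIII", implant_load_addr, implant_prom_addr,
                         implant_prom_len, implant_section_flags)
    section_patch = section_patch + b".challenge"

    # Big-endian load address, written over the "_entry" symbol below.
    entry_patch = pack(">I", implant_load_addr)

    # Patch in Implant
    patch_file(implant, implant_prom_addr)

    # Patch Sections
    e.write(section_patch_addr, section_patch)
    patch_file(section_patch, section_patch_addr)

    # Patch Entry Point
    e.write(e.symbols["_entry"], entry_patch)
    patch_file(entry_patch, e.symbols["_entry"])

    e.save(f + ".patched")

    # Read-only access is enough here; a distinct handle name keeps the
    # `f` path parameter from being shadowed.
    with open(implant_elf, "rb") as src:
        data = src.read()

    # The rewrite below replaces bytes up to offset 0x62. A shorter input
    # would yield a silently malformed file, so fail before truncating it.
    min_len = 0x62
    if len(data) < min_len:
        raise ValueError(
            "%s is %d bytes; at least %d are needed for header patching"
            % (implant_elf, len(data), min_len)
        )

    # NOTE(review): offsets 0x18, 0x3c/0x40 and 0x5c/0x60 line up with e_entry
    # and the p_vaddr/p_paddr fields of the first two program headers in a
    # 32-bit big-endian ELF whose program header table starts at 0x34.
    # Nothing here checks class, endianness or e_phoff — confirm the input
    # is always built that way.
    patched = b"".join([
        data[:0x18],
        pack(">I", implant_prom_addr),          # 4 bytes at 0x18
        data[0x1c:0x3c],
        pack(">II", 0x00210000, 0x00210000),    # 8 bytes at 0x3c
        data[0x44:0x5c],
        pack(">H", 0x0023),                     # 2 bytes at 0x5c
        data[0x5e:0x60],
        pack(">H", 0x0023),                     # 2 bytes at 0x60
        data[0x62:],
    ])

    # Single write of the fully assembled image.
    with open(implant_elf, "wb") as dst:
        dst.write(patched)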