예제 #1
# Section-header names that are dropped and then re-created on top of ".text".
overlayNames = (".got.plt", ".plt")

# drop the existing ".got.plt" and ".plt" entries first
for overlayName in overlayNames:
    testFile.deleteSectionByName(overlayName)

# addNewSection() is called from inside the loop, so walk a snapshot of the
# section list instead of the live one
for section in list(testFile.sections):

    # everything except ".text" is skipped
    if section.sectionName != ".text":
        continue

    # Re-create both names as executable, allocated PROGBITS sections whose
    # address, file offset and size are read from the ".text" header, so the
    # three headers describe the same range. The original author notes that
    # this overlap confuses analysis tools like IDA 6.1.x and gdb.
    # NOTE(review): the calls visible here address sections by name; an ELF
    # loader maps the file from its program headers, so when triaging a
    # binary whose section ranges overlap or repeat, cross-check the section
    # view against the segment view (e.g. `readelf -l` vs `readelf -S`).
    for overlayName in overlayNames:
        textHeader = section.elfN_shdr
        testFile.addNewSection(
            overlayName,
            SH_type.SHT_PROGBITS,
            (SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
            textHeader.sh_addr,
            textHeader.sh_offset,
            textHeader.sh_size,
            textHeader.sh_link,
            textHeader.sh_info,
            textHeader.sh_addralign,
            0)

    # only the first ".text" match is processed
    break

testFile.writeElf("test_ls")

# parenthesised form prints the same text under Python 2 and Python 3
print("written to %s" % ("test_ls"))
예제 #2
	# Excerpt from a larger block: the enclosing statement and the bindings of
	# inSection, offset, addr, section, allowedSections and testFile are not
	# part of this snippet.
	# Pick a random start inside the chosen section and shift offset/addr by
	# it; size is reduced by the same amount, so the new range ends where the
	# chosen section ends.
	# presumably offset/addr start out as that section's sh_offset/sh_addr -
	# TODO confirm against the missing lines above
	# NOTE(review): random.randint(0, size-1) raises ValueError if sh_size is 0
	size = allowedSections[inSection].elfN_shdr.sh_size
	newStart = random.randint(0, size-1)
	offset += newStart
	addr += newStart
	size -= newStart

	# pick a random section name
	# NOTE(review): both values assigned here are overwritten by the loop
	# below before they are read; this draw only advances the random generator
	sectionName = random.randint(0, len(allowedSections)-1)
	newName = allowedSections[sectionName].sectionName

	# redraw a random section name until an acceptable one comes up
	# NOTE(review): this never terminates if every entry of allowedSections
	# carries one of the excluded names
	while True:
		sectionName = random.randint(0, len(allowedSections)-1)
		newName = allowedSections[sectionName].sectionName

		# skip these section names because they can generate errors
		# with IDA 6.1.x
		if (newName != ".got"
		and newName != ".got.plt"
		and newName != ".init"
		and newName != ".plt"
		and newName != ".fini"):
			break

	# Add an executable, allocated PROGBITS section under the drawn name,
	# covering the range computed above; sh_link, sh_info and sh_addralign
	# are read from `section`, which is bound outside this excerpt.
	# The result is a second header with an already-used name whose range
	# lies inside an existing section. When reviewing such a file, duplicate
	# section names and overlapping section ranges are the visible artefact;
	# compare against the program headers, which are what a loader maps.
	testFile.addNewSection(newName, SH_type.SHT_PROGBITS,
		(SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC), addr, offset,
		size, section.elfN_shdr.sh_link, section.elfN_shdr.sh_info,
		section.elfN_shdr.sh_addralign, 0)


# top-level statement: hand the modified file to writeElf under the name "test_ls"
testFile.writeElf("test_ls")	
예제 #3
# drop the existing ".got.plt" and ".plt" entries
testFile.deleteSectionByName(".got.plt")
testFile.deleteSectionByName(".plt")

# take a snapshot of the section list (sections are added further down) and
# look up the first entry named ".text" in that snapshot
sectionSnapshot = list(testFile.sections)
textSection = next(
	(candidate for candidate in sectionSnapshot
		if candidate.sectionName == ".text"),
	None)

# Nothing is added when there is no ".text" section.
if textSection is not None:

	# Both new headers are executable, allocated PROGBITS sections whose
	# address, file offset and size are read from the ".text" header, so
	# ".text", ".got.plt" and ".plt" all describe the same range. The original
	# author notes that this overlap confuses analysis tools like IDA 6.1.x
	# and gdb.
	# NOTE(review): for triage, identical sh_offset/sh_size pairs under
	# different section names are the artefact to look for; the program
	# headers are what a loader maps, so compare the two views.
	testFile.addNewSection(
		".got.plt",
		SH_type.SHT_PROGBITS,
		(SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
		textSection.elfN_shdr.sh_addr,
		textSection.elfN_shdr.sh_offset,
		textSection.elfN_shdr.sh_size,
		textSection.elfN_shdr.sh_link,
		textSection.elfN_shdr.sh_info,
		textSection.elfN_shdr.sh_addralign,
		0)
	testFile.addNewSection(
		".plt",
		SH_type.SHT_PROGBITS,
		(SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
		textSection.elfN_shdr.sh_addr,
		textSection.elfN_shdr.sh_offset,
		textSection.elfN_shdr.sh_size,
		textSection.elfN_shdr.sh_link,
		textSection.elfN_shdr.sh_info,
		textSection.elfN_shdr.sh_addralign,
		0)


testFile.writeElf("test_ls")

# parenthesised form prints the same text under Python 2 and Python 3
print("written to %s" % ("test_ls"))