# Example: make three section headers (".text", ".got.plt", ".plt") describe
# the same bytes.  `testFile`, `SH_type` and `SH_flags` come from earlier in
# the script and are not shown in this excerpt.
#
# Triage note: the result is several executable section headers with
# identical sh_addr / sh_offset / sh_size.  Identical bounds like this are a
# cheap anomaly to check for when a tool's section view looks wrong.

# drop the genuine ".got.plt" and ".plt" headers first
testFile.deleteSectionByName(".got.plt")
testFile.deleteSectionByName(".plt")

# iterate over a snapshot, because addNewSection() is called while the
# loop is running
sectionSnapshot = list(testFile.sections)

for section in sectionSnapshot:

    # only ".text" is of interest here
    if section.sectionName != ".text":
        continue

    # re-create both names with the boundaries of ".text", so all three
    # headers overlap; this is what confuses analysis tools like
    # IDA 6.1.x and gdb
    for decoyName in (".got.plt", ".plt"):
        textHeader = section.elfN_shdr
        testFile.addNewSection(
            decoyName,
            SH_type.SHT_PROGBITS,
            (SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
            textHeader.sh_addr,
            textHeader.sh_offset,
            textHeader.sh_size,
            textHeader.sh_link,
            textHeader.sh_info,
            textHeader.sh_addralign,
            0)

    # stop after the first ".text" entry
    break

testFile.writeElf("test_ls")
# the parenthesised form prints the same text under Python 2 and Python 3
print("written to %s" % ("test_ls"))
# Fragment: `offset`, `addr`, `inSection`, `allowedSections`, `section` and
# `testFile` are set up before this excerpt begins and are not shown here.
# NOTE(review): `offset` / `addr` presumably start at the chosen section's
# sh_offset / sh_addr -- confirm against the missing part of the script.

# names that are never reused, because they can generate errors
# with IDA 6.1.x
namesToSkip = (".got", ".got.plt", ".init", ".plt", ".fini")

# move the start of the new section to a random position inside the
# chosen section and shrink the size by the same amount, so the new
# section still ends where the chosen one ends
size = allowedSections[inSection].elfN_shdr.sh_size
startDelta = random.randint(0, size-1)
offset = offset + startDelta
addr = addr + startDelta
size = size - startDelta

# first draw of a section name; the loop below always overwrites it, but
# the draw is kept so the sequence of random numbers is unchanged
nameIndex = random.randint(0, len(allowedSections)-1)
newName = allowedSections[nameIndex].sectionName

# draw again until the name is not one of the skipped ones
while True:
    nameIndex = random.randint(0, len(allowedSections)-1)
    newName = allowedSections[nameIndex].sectionName
    if newName in namesToSkip:
        continue
    break

# Triage note: the added header is executable+alloc and reuses the name of
# an existing section, so duplicate section names with differing bounds are
# the visible artefact in the section table.
testFile.addNewSection(
    newName,
    SH_type.SHT_PROGBITS,
    (SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
    addr,
    offset,
    size,
    section.elfN_shdr.sh_link,
    section.elfN_shdr.sh_info,
    section.elfN_shdr.sh_addralign,
    0)

testFile.writeElf("test_ls")
# Overlapping-section example.  `testFile`, `SH_type` and `SH_flags` are
# defined earlier in the script, outside this excerpt.
#
# What ends up in the written file: ".text", ".got.plt" and ".plt" section
# headers that all carry the same sh_addr, sh_offset and sh_size.  When
# examining such a file, comparing section bounds for exact duplicates
# exposes the overlap.

# the original ".got.plt" and ".plt" headers are removed
testFile.deleteSectionByName(".got.plt")
testFile.deleteSectionByName(".plt")

# work on a copy of the section list, since sections are added inside
# the loop
copiedSections = list(testFile.sections)

for section in copiedSections:

    # skip everything until ".text" shows up
    if section.sectionName != ".text":
        continue

    # add ".got.plt" and then ".plt" with exactly the ".text" boundaries;
    # the three overlapping headers confuse analysis tools like
    # IDA 6.1.x and gdb
    for overlapName in (".got.plt", ".plt"):
        shdr = section.elfN_shdr
        testFile.addNewSection(
            overlapName,
            SH_type.SHT_PROGBITS,
            (SH_flags.SHF_EXECINSTR | SH_flags.SHF_ALLOC),
            shdr.sh_addr,
            shdr.sh_offset,
            shdr.sh_size,
            shdr.sh_link,
            shdr.sh_info,
            shdr.sh_addralign,
            0)

    # only the first ".text" section is handled
    break

testFile.writeElf("test_ls")
# the parenthesised form prints the same text under Python 2 and Python 3
print("written to %s" % ("test_ls"))