The ELF shell 0.51b3 review
DownloadThe ELF shell is an interactive, modular and scriptable ELF (Executable & Linking Format) machine designed for executable files, shar
|
|
The ELF shell is an interactive, modular and scriptable ELF (Executable & Linking Format) machine designed for executable files, shared libraries and relocatable ELF objects manipulation.
It is useful for embedded plain C code injection, on-the-fly patching, execution flow redirection, fuzzy testing, and common binary analysis tasks in the life of reverse engineers, security auditing or intrusion detection fanatics.
ELFsh is composed of libelfsh & libasm and does provide a modular interface, so that the full API is usable in external projects. The software is compatible with kernel hardening patches and it can perform fully operational modifications on non-executable stack and heap based systems.
Here are some key features of "The ELF shell":
Analysis on nearly all types of sections
Cool disasm/resolving engine with libelfsh and libasm
Raw read/write capability into ELF32 objects
Modify ELF header, PHT, SHT, GOT, CTORS, DTORS, .dynamic, PAX bits
Modify symbol table, dynamic symbol table and relocation tables
Remove or reconstruct SHT
Real interactive and scripting modes
Many kind of section injection [even working in non-exec environments]
ELFsh Module support and ELFsh internal API
Quiet output [for tiny screens and shellcript friendship ;]
Experimental ET_EXEC relocation and remapping feature (INTEL)
Full ET_REL injection into ET_EXEC (INTEL / SPARC)
PLT infection (INTEL and SPARC)
ALTPLT technique (INTEL and SPARC)
Control flow graphs with graphviz output (i386)
The ELF shell 0.51b3 keywords