Create an ELF from scratch #213
Comments
|
Hi! |
|
@romainthomas How do you think about the Necessity of this? While review, there is not a good way to create a ELF if not exist (Because we need to known the type and keep the API). switch(this->header().file_type()) {
case E_TYPE::ET_EXEC:
{
return this->add_segment<E_TYPE::ET_EXEC>(segment, new_base);
break;
}
case E_TYPE::ET_DYN:
{
return this->add_segment<E_TYPE::ET_DYN>(segment, new_base);
break;
}
default:
{
throw not_implemented(std::string("Adding segment for ") + to_string(this->header().file_type()) + " is not implemented");
}
} |
They idea would to create an empty ELF and specifying arch and type (e.g ELF64 - x86_64 - EXEC) and then to have an api to add segment and section. |
I think it could be a solution. Furthermore, a problem is how to process it when the file existed. |
|
Will this issue be solved/implemented? |
|
Posted in #659 and copied to track the use-case: Hello, Thanks for your reply. I think there are two issues, which could be discussed separately:
For the second issue, it can be helpful that I describe my use-case more precisely. In my work, I am often encountering firmware in exotic formats. For example a few years ago, I encountered the firmware used by HP iLO 4 Baseboard Management Controller. This firmware defined for each process their sections, named in a way similar as in an ELF file ( Back to the present, I saw your blog post titled "New ELF Builder" and I thought that LIEF now enabled building ELF from scratch. However it requires "a minimum layout" which does not seem to be documented (and the fact that LIEF supports creating PE files from scratch also gave me false hope, https://lief-project.github.io/doc/latest/tutorials/02_pe_from_scratch.html). What do you think of a feature which would enable building an ELF file from scratch, using defined sections which are for example extracted from a firmware? If I understand correctly, the approach of building a bare ELF and adding the sections one by one is hard to support, because the ELF program header could need to be moved around. Nevertheless if LIEF provided a way to create an ELF directly with given sections (and if it was then possible to define symbols), it would be great :) Originally posted by @niooss-ledger in #659 (comment) |
Yes I completely agree and I removed the ELF Binary constructor as it actually does not
It was a similar request feature that @wisk had. He worked on it a while ago and his experimentation are here. They are based on the old ELF builder but they are worth reading.
Yes the title is a bit confusing but it was more about the performances.
I thought about that for a while and my approach would be to initialize a Binary from a predefined set of section (or segments). It would be something like: import lief
section1 = lief.ELF.Section(".test1")
...
section2 = lief.ELF.Section(".test2")
crafted = lief.ELF.Binary.create("test", lief.ELF.ELF_CLASS.CLASS64
[section1, section2], symbol_table=True)
if crafted is None:
print("Crafting failed")
return
# ... continue the modificationI'll try to make a new PoC to get a better picture of this feature with the new ELF builder 😊 Currently I'm focus on cleaning the code base of LIEF to prepare the next release Originally posted by @romainthomas in #659 (comment) |
|
Curious if any changes happened here. |
After reading the tutorial "02 - Create a PE from scratch", I am wondering is it possible to create an ELF from scratch. I tried
However, if I try to add a section, it shows
And if I try to
binary.write('test')or exit the ipython, it will show "abort (core dumped)".It seems that the binary created in this way will not set any headers, not even the magic number and the class specified in the constructor.
Is this the expected behavior?
The text was updated successfully, but these errors were encountered: