Name:
Anonymous
2015-12-08 1:24
#include <elf.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
// killgdb.c - prevent an elf from being loaded by gdb.
// Jeffrey Crowell <crowell [at] bu [dot] edu>
//
// $ objcopy --only-keep-debug program program.debug
// $ strip program
// $ objcopy --add-gnu-debuglink=program.debug program
// $ ./killgdb program
// $ gdb -q ./program
// Reading symbols from ./program...[1]
// 44513 segmentation fault (core dumped) gdb -q ./program
int filesize(int fd) { return (lseek(fd, 0, SEEK_END)); }
void print_section(Elf64_Shdr *shdr, char *strTab, int shNum,
uint8_t *data) {
int i;
for (i = 0; i < shNum; i++) {
size_t k;
if (!strcmp(".gnu_debuglink", &strTab[shdr[i].sh_name])) {
printf("%02d: %s Offset %lx\n", i, &strTab[shdr[i].sh_name],
shdr[i].sh_offset);
printf("Setting size to zero.\n");
shdr[i].sh_size = 0;
}
}
}
int main(int ac, char **av) {
void *data;
Elf64_Ehdr *elf;
Elf64_Shdr *shdr;
int fd;
char *strtab;
fd = open(av[1], O_RDWR);
data = mmap(NULL, filesize(fd), PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
elf = (Elf64_Ehdr *)data;
shdr = (Elf64_Shdr *)(data + elf->e_shoff);
strtab = (char *)(data + shdr[elf->e_shstrndx].sh_offset);
print_section(shdr, strtab, elf->e_shnum, (uint8_t*)data);
close(fd);
return 0;
}
Name:
Anonymous
2015-12-08 16:59
Is this "Reddit" thing a joke or are there really people here that lurk it?