/*
** modremap.c for elfsh
**
** Coded by spacewalker, grace day of 14th March 2003
**
** THIS CODE IS EXPERIMENTAL !
**
** It cannot remap some binaries because of existing false
** positives in the ET_EXEC relocation code. Finally
** merged in libelfsh/mapped.c
**
** Last update Tue Jun  3 09:40:17 2003 mayhem
*/
14 #include "elfsh.h"
15 
16 
17 #define		CMD_REMAP	"remap"
18 
19 
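/*
** Handler for the "remap" command.
**
** Reads the new base address from world.args.param[0] (hex, "0x..."
** form), aligns it down to a page boundary, computes the delta against
** the object's current base address and applies that delta to the entry
** point, to every section, to the SHT and to the PHT.
**
** Returns 0 on success and -1 when the argument is invalid, when the
** object cannot be read or when its base address is unknown (the last
** two report through ELFSH_SETERROR).  A failing elfsh_get_symtab()
** is handed to elfsh_error() as in the rest of the module.
*/
int		remap_cmd(void)
{
  elfshobj_t	*file;
  elfshsect_t	*cur;
  u_int		new_base = 0;
  u_int		real_base;
  int		diff;
  int		cnt;
  u_int		count_raw = 0;
  u_int		count_pht = 0;
  u_int		count_sht = 0;
  u_int		count_ent = 0;

  /* Sanity checks: test the sscanf() result before looking at new_base
     so the variable is never inspected when nothing was converted */
  if (sscanf(world.args.param[0], "0x%X", &new_base) != 1 || new_base == 0)
    ELFSH_SETERROR("[elfsh] Invalid new base address\n", -1);
  file = world.current;
  if (elfsh_read_obj(file) < 0)
    return (-1);
  if (elfsh_get_symtab(file, NULL) < 0)
    elfsh_error();

  /* Calculate delta: 0xffffffff is the "not found" value returned by
     elfsh_get_object_baseaddr() */
  real_base = elfsh_get_object_baseaddr(file);
  if (real_base == 0xffffffff)
    ELFSH_SETERROR("[elfsh:cmd_remap] Base address not found\n", -1);
  if (new_base & 0xfff)
    {
      /* The mask hard-codes a 4K page; other page sizes are not handled */
      printf(" [*] Base address adapted to be congruent pagesize\n");
      new_base &= 0xfffff000;
    }
  diff = new_base - real_base;
  /* diff is signed but printed with %X: pass an unsigned value */
  printf(" [*] Delta is %08X \n", (u_int) diff);

  /* Update entry point, but only when it lives above the old base */
  if (file->hdr->e_entry > real_base)
    {
      file->hdr->e_entry += diff;
      count_ent++;
    }

  /* For all sections of the current object: a negative return from
     elfsh_relocate_section() means the section is skipped, not fatal */
  for (cur = file->sectlist; cur != NULL; cur = cur->next)
    {
      cnt = elfsh_relocate_section(cur, diff);
      if (cnt < 0)
	{
	  printf(" [*] MODREMAP : Section %s wont be relocated\n", cur->name);
	  continue;
	}
      count_raw += cnt;
    }

  /* Fixup SHT and PHT.  NOTE(review): the return values are accumulated
     into unsigned counters; if either helper can return a negative error
     code the total would wrap -- confirm against libelfsh */
  count_sht += elfsh_reloc_sht(file, diff);
  count_pht += elfsh_reloc_pht(file, diff);

  /* Print msg */
  printf(" [*] Total number of modified references : %u \n"
         "\t PHT relocation : %u \n"
         "\t SHT relocation : %u \n"
         "\t ENT relocation : %u \n"
         "\t RAW relocation : %u \n",
         count_pht + count_sht + count_ent + count_raw,
         count_pht , count_sht , count_ent , count_raw);
  printf(" [*] Remapping at base %08X -OK-\n\n", new_base);

  return (0);
}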
93 
/*
** Module entry point: announce the module, then hand the "remap"
** command (CMD_REMAP) to the VM so it dispatches to remap_cmd().
** The trailing 1 is presumably the number of arguments the command
** expects -- verify against vm_addcmd().
*/
void		elfsh_init(void)
{
  char		*cmd = CMD_REMAP;

  puts(" [*] ELFsh modremap init -OK- \n");
  vm_addcmd(cmd, remap_cmd, vm_getoption, 1);
}
99 
/*
** Module exit point: announce the unload, then unregister the "remap"
** command (CMD_REMAP) from the VM.
*/
void		elfsh_fini(void)
{
  char		*cmd = CMD_REMAP;

  puts(" [*] ELFsh modremap fini -OK- \n");
  vm_delcmd(cmd);
}
105 
106