This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



Re: develop a 'customized ld'





From: Nick Clifton <nickc@redhat.com>
To: sean yang <seanatpurdue@hotmail.com>
CC: ramaseshan.ravi@gmail.com, binutils@sourceware.org
Subject: Re: develop a 'customized ld'
Date: Fri, 30 Sep 2005 12:02:45 +0100

Hi Sean,

I would like to collect the information of call to some libc functions.

Why not use the "--wrap <func-name>" linker command line switch? That way you can intercept calls to specific libc functions, add your own wrapper code to collect the information you require and then call the normal libc version.


I want to have the code obfuscated at link time also, say, insert some junk (nop) to prevent others understanding it easily.

This is a separate issue. As a general principle I would argue against obfuscation, it should never really be needed. If you must do it, then just inserting junk instructions is not really going to help. They can easily be detected and ignored by a determined examiner. Your best bet would be to encrypt the binary and hope that you can keep your keys safe so that an unauthorized viewer cannot decode the executable.
~~~~~~~~~~~~~~~~~~~~~
I totally agree with you that obfuscation can never prevent a determined reverse engineer. But my goal was to deter an automatic binary analyzer (please see my previous post for the example of how objdump fails in some cases).




Getting back to your original question:


Could someone give me some hint where should I start? Can any expert assess the difficulty of achieving such functionality?

Conceptually intercepting certain instructions and modifying them is very similar to relaxation, so I would suggest that you look at the linker's support for this feature. Have a look at the various *_relax_section() functions in the bfd/ directory for examples of this.

As for difficulty - well this is not really something I would ask a binutils newbie to do. You have the potential to corrupt the binaries you are producing in quite nasty and/or subtle ways. Good luck though!

Cheers
  Nick
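
The `--wrap` approach suggested in the message above, shown as an added example that is not part of the original thread or of binutils itself: a wrapper that counts calls to `malloc` and then calls the libc version. The file name `wrapdemo.c`, the `wrap_stats` structure, the `wrap_malloc_stats()` helper and the weak declaration of `__real_malloc` are assumptions made for this example.

```c
/* Build (assumed file name): gcc -o wrapdemo wrapdemo.c -Wl,--wrap=malloc */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* With --wrap=malloc, ld resolves undefined references to __real_malloc to
 * libc's malloc. The weak attribute is this example's own choice: without
 * the switch the symbol resolves to NULL and the file still links. */
extern void *__real_malloc(size_t size) __attribute__((weak));

/* Hypothetical record of what the wrapper has seen. */
struct wrap_stats {
    unsigned long calls;    /* number of intercepted calls */
    unsigned long bytes;    /* total bytes requested */
    unsigned long failures; /* calls that returned NULL */
};
static struct wrap_stats malloc_stats;

/* With --wrap=malloc, undefined references to malloc in the linked objects
 * are resolved to this function. It only updates counters: calling stdio
 * here could re-enter the wrapper when libc is linked statically. */
void *__wrap_malloc(size_t size)
{
    void *p;
    malloc_stats.calls++;
    malloc_stats.bytes += size;
    p = __real_malloc ? __real_malloc(size) : malloc(size);
    if (p == NULL)
        malloc_stats.failures++;
    return p;
}

/* Read-only access to the collected counters (hypothetical helper). */
const struct wrap_stats *wrap_malloc_stats(void)
{
    return &malloc_stats;
}

int main(void)
{
    char *a = malloc(32);   /* becomes __wrap_malloc(32) under --wrap */
    char *b = malloc(100);
    const struct wrap_stats *s = wrap_malloc_stats();
    printf("a=%p b=%p calls=%lu bytes=%lu failures=%lu\n", (void *)a,
           (void *)b, s->calls, s->bytes, s->failures);
    free(a);
    free(b);
    return 0;
}
```

Only references resolved in this link step are redirected, so calls made from inside a shared libc are not counted.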




