Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-17 06:28:27 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/reversing-and-exploiting/linux-exploiting-basic-esp/elf-tricks.md

411 lines
25 KiB
Markdown
Raw Normal View History

Translated to Swahili
2024-02-11 02:13:58 +00:00
# Mbinu za ELF
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
<details>
Translated to Swahili
2024-02-11 02:13:58 +00:00
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
* Je, unafanya kazi katika **kampuni ya usalama wa mtandao**? Je, ungependa kuona **kampuni yako ikionekana katika HackTricks**? Au ungependa kupata ufikiaji wa **toleo jipya zaidi la PEASS au kupakua HackTricks kwa PDF**? Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* **Jiunge na** [**💬**](https://emojipedia.org/speech-balloon/) [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **nifuatilie** kwenye **Twitter** 🐦[**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye** [**repo ya hacktricks**](https://github.com/carlospolop/hacktricks) **na** [**repo ya hacktricks-cloud**](https://github.com/carlospolop/hacktricks-cloud).
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
</details>
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Vichwa vya Programu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Vinaelezea jinsi ya kupakia ELF kwenye kumbukumbu:
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```bash
readelf -lW lnstat
Elf file type is DYN (Position-Independent Executable file)
Entry point 0x1c00
There are 9 program headers, starting at offset 64
Program Headers:
Translated to Swahili
2024-02-11 02:13:58 +00:00
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000040 0x0000000000000040 0x0000000000000040 0x0001f8 0x0001f8 R 0x8
INTERP 0x000238 0x0000000000000238 0x0000000000000238 0x00001b 0x00001b R 0x1
[Requesting program interpreter: /lib/ld-linux-aarch64.so.1]
LOAD 0x000000 0x0000000000000000 0x0000000000000000 0x003f7c 0x003f7c R E 0x10000
LOAD 0x00fc48 0x000000000001fc48 0x000000000001fc48 0x000528 0x001190 RW 0x10000
DYNAMIC 0x00fc58 0x000000000001fc58 0x000000000001fc58 0x000200 0x000200 RW 0x8
NOTE 0x000254 0x0000000000000254 0x0000000000000254 0x0000e0 0x0000e0 R 0x4
GNU_EH_FRAME 0x003610 0x0000000000003610 0x0000000000003610 0x0001b4 0x0001b4 R 0x4
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10
GNU_RELRO 0x00fc48 0x000000000001fc48 0x000000000001fc48 0x0003b8 0x0003b8 R 0x1
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.gnu.build-id .note.ABI-tag .note.package .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame
03 .init_array .fini_array .dynamic .got .data .bss
04 .dynamic
05 .note.gnu.build-id .note.ABI-tag .note.package
06 .eh_frame_hdr
07
08 .init_array .fini_array .dynamic .got
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Programu iliyotangulia ina **vichwa vya programu 9**, kisha, **ramani ya sehemu** inaonyesha katika kichwa cha programu (kutoka 00 hadi 08) **kila sehemu ilipo**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### PHDR - Kichwa cha Programu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Ina meza za vichwa vya programu na metadata yenyewe.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### INTERP
Translated to Swahili
2024-02-11 02:13:58 +00:00
Inaonyesha njia ya mzigo ya kutumia kwa kusoma faili ya binary kwenye kumbukumbu.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### LOAD
Translated to Swahili
2024-02-11 02:13:58 +00:00
Vichwa hivi hutumiwa kuonyesha **jinsi ya kusoma faili ya binary kwenye kumbukumbu.**\
Kila kichwa cha **LOAD** kinaonyesha eneo la **kumbukumbu** (ukubwa, ruhusa, na usawazishaji) na inaonyesha herufi za ELF **binary zinazohitaji kuwekwa hapo**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kwa mfano, cha pili kina ukubwa wa 0x1190, kinapaswa kuwa kwenye 0x1fc48 na ruhusa za kusoma na kuandika na kitajazwa na 0x528 kutoka kwenye offset 0xfc48 (hakijai kujaza nafasi yote iliyohifadhiwa). Kumbukumbu hii italeta sehemu `.init_array .fini_array .dynamic .got .data .bss`.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### DYNAMIC
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kichwa hiki husaidia kuunganisha programu na tegemezi zake za maktaba na kutekeleza marekebisho. Angalia sehemu ya **`.dynamic`**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### NOTE
Translated to Swahili
2024-02-11 02:13:58 +00:00
Hifadhi habari za metadata za muuzaji kuhusu faili ya binary.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### GNU\_EH\_FRAME
Translated to Swahili
2024-02-11 02:13:58 +00:00
Inafafanua eneo la meza za kufungua vifurushi vya safu ya mizunguko ya stack, inayotumiwa na wachunguzi na kazi za kushughulikia-utendaji wa kipekee wa C++.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### GNU\_STACK
Translated to Swahili
2024-02-11 02:13:58 +00:00
Ina mazingira ya ulinzi wa kuzuia utekelezaji wa stack. Ikiwa imeamilishwa, faili ya binary haitaweza kutekeleza nambari kutoka kwenye stack.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### GNU\_RELRO
Translated to Swahili
2024-02-11 02:13:58 +00:00
Inaonyesha usanidi wa RELRO (Relocation Read-Only) wa faili ya binary. Ulinzi huu utaweka alama sehemu fulani za kumbukumbu kama kusoma tu (kama vile `GOT` au meza za `init` na `fini`) baada ya programu kusomwa na kabla haijaanza kukimbia.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Katika mfano uliotangulia, inaiga herufi 0x3b8 kwenye 0x1fc48 kama kusoma tu na kuathiri sehemu `.init_array .fini_array .dynamic .got .data .bss`.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Tafadhali kumbuka kuwa RELRO inaweza kuwa ya sehemu au kamili, toleo la sehemu halilindi sehemu ya **`.plt.got`**, ambayo hutumiwa kwa **kufunga kuchelewa** na inahitaji nafasi hii ya kumbukumbu kuwa na **ruhusa za kuandika** ili kuandika anwani za maktaba wakati wa kutafuta mahali pa kwanza.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
### TLS
Translated to Swahili
2024-02-11 02:13:58 +00:00
Inafafanua meza ya vitu vya TLS, ambavyo huhifadhi habari kuhusu pembejeo za mchakato wa ndani wa wateja.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Vichwa vya Sehemu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Vichwa vya sehemu hutoa mtazamo wa kina zaidi wa faili ya binary ya ELF
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
objdump lnstat -h
lnstat: file format elf64-littleaarch64
Sections:
Idx Name Size VMA LMA File off Algn
Translated to Swahili
2024-02-11 02:13:58 +00:00
0 .interp 0000001b 0000000000000238 0000000000000238 00000238 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
1 .note.gnu.build-id 00000024 0000000000000254 0000000000000254 00000254 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
2 .note.ABI-tag 00000020 0000000000000278 0000000000000278 00000278 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .note.package 0000009c 0000000000000298 0000000000000298 00000298 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .gnu.hash 0000001c 0000000000000338 0000000000000338 00000338 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .dynsym 00000498 0000000000000358 0000000000000358 00000358 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .dynstr 000001fe 00000000000007f0 00000000000007f0 000007f0 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
7 .gnu.version 00000062 00000000000009ee 00000000000009ee 000009ee 2**1
CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .gnu.version_r 00000050 0000000000000a50 0000000000000a50 00000a50 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
9 .rela.dyn 00000228 0000000000000aa0 0000000000000aa0 00000aa0 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
10 .rela.plt 000003c0 0000000000000cc8 0000000000000cc8 00000cc8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
11 .init 00000018 0000000000001088 0000000000001088 00001088 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
12 .plt 000002a0 00000000000010a0 00000000000010a0 000010a0 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
13 .text 00001c34 0000000000001340 0000000000001340 00001340 2**6
CONTENTS, ALLOC, LOAD, READONLY, CODE
14 .fini 00000014 0000000000002f74 0000000000002f74 00002f74 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
15 .rodata 00000686 0000000000002f88 0000000000002f88 00002f88 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
16 .eh_frame_hdr 000001b4 0000000000003610 0000000000003610 00003610 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
17 .eh_frame 000007b4 00000000000037c8 00000000000037c8 000037c8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
18 .init_array 00000008 000000000001fc48 000000000001fc48 0000fc48 2**3
CONTENTS, ALLOC, LOAD, DATA
19 .fini_array 00000008 000000000001fc50 000000000001fc50 0000fc50 2**3
CONTENTS, ALLOC, LOAD, DATA
20 .dynamic 00000200 000000000001fc58 000000000001fc58 0000fc58 2**3
CONTENTS, ALLOC, LOAD, DATA
21 .got 000001a8 000000000001fe58 000000000001fe58 0000fe58 2**3
CONTENTS, ALLOC, LOAD, DATA
22 .data 00000170 0000000000020000 0000000000020000 00010000 2**3
CONTENTS, ALLOC, LOAD, DATA
23 .bss 00000c68 0000000000020170 0000000000020170 00010170 2**3
ALLOC
24 .gnu_debugaltlink 00000049 0000000000000000 0000000000000000 00010170 2**0
CONTENTS, READONLY
25 .gnu_debuglink 00000034 0000000000000000 0000000000000000 000101bc 2**2
CONTENTS, READONLY
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Pia inaonyesha mahali, kisanduku, ruhusa lakini pia **aina ya data** sehemu inayo.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### Sehemu za Meta
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
* **Jedwali la herufi**: Ina zawadi zote zinazohitajika na faili ya ELF (lakini sio zile zinazotumiwa na programu). Kwa mfano, ina majina ya sehemu kama vile `.text` au `.data`. Na ikiwa `.text` iko kwenye kisanduku cha herufi kwenye kisanduku, itatumia nambari **45** kwenye uga wa **jina**.
* Ili kupata wapi kisanduku cha herufi kinapatikana, ELF ina kipanya kwa kisanduku cha herufi.
* **Jedwali la alama**: Ina habari kuhusu alama kama vile jina (kipanya kwenye kisanduku cha herufi), anwani, ukubwa na metadata zaidi kuhusu alama.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### Sehemu Kuu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
* **`.text`**: Maagizo ya programu ya kukimbia.
* **`.data`**: Visanduku vya kimataifa na thamani iliyowekwa katika programu.
* **`.bss`**: Visanduku vya kimataifa visivyo na thamani (au kuanzishwa kuwa sifuri). Visanduku hapa vinainishwa moja kwa moja kuwa sifuri hivyo kuzuia sifuri zisizo na maana kuongezwa kwenye faili ya binary.
* **`.rodata`**: Visanduku vya kimataifa vya kudumu (sehemu isiyoweza kusomwa).
* **`.tdata`** na **`.tbss`**: Kama .data na .bss wakati wa kutumia visanduku vya eneo la mada (`__thread_local` katika C++ au `__thread` katika C).
* **`.dynamic`**: Angalia hapa chini.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Alama
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Alama ni eneo lenye jina katika programu ambalo linaweza kuwa kazi, kitu cha data cha kimataifa, visanduku vya eneo la mada ...
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
readelf -s lnstat
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Symbol table '.dynsym' contains 49 entries:
Translated to Swahili
2024-02-11 02:13:58 +00:00
Num: Value Size Type Bind Vis Ndx Name
0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND
1: 0000000000001088 0 SECTION LOCAL DEFAULT 12 .init
2: 0000000000020000 0 SECTION LOCAL DEFAULT 23 .data
3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND strtok@GLIBC_2.17 (2)
4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND s[...]@GLIBC_2.17 (2)
5: 0000000000000000 0 FUNC GLOBAL DEFAULT UND strlen@GLIBC_2.17 (2)
6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fputs@GLIBC_2.17 (2)
7: 0000000000000000 0 FUNC GLOBAL DEFAULT UND exit@GLIBC_2.17 (2)
8: 0000000000000000 0 FUNC GLOBAL DEFAULT UND _[...]@GLIBC_2.34 (3)
9: 0000000000000000 0 FUNC GLOBAL DEFAULT UND perror@GLIBC_2.17 (2)
10: 0000000000000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterT[...]
11: 0000000000000000 0 FUNC WEAK DEFAULT UND _[...]@GLIBC_2.17 (2)
12: 0000000000000000 0 FUNC GLOBAL DEFAULT UND putc@GLIBC_2.17 (2)
[...]
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kila kuingia kwa alama ina:
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
* **Jina**
* **Vipengele vya kufunga** (dhaifu, ndani au kubwa): Alama ya ndani inaweza kupatikana tu na programu yenyewe wakati alama kubwa zinashirikiwa nje ya programu. Kitu dhaifu ni kwa mfano kazi ambayo inaweza kubadilishwa na nyingine.
* **Aina**: NOTYPE (aina haikufafanuliwa), OBJECT (data ya kawaida ya ulimwengu), FUNC (kazi), SECTION (sehemu), FILE (faili ya msimbo wa chanzo kwa wachunguzi), TLS (variable ya ndani ya wateja), GNU\_IFUNC (kazi isiyo ya moja kwa moja kwa ajili ya uhamishaji)
* **Sehemu** ya index ambapo iko
* **Thamani** (anwani kwenye kumbukumbu)
* **Ukubwa**
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Sehemu ya Kudumu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
readelf -d lnstat
Dynamic section at offset 0xfc58 contains 28 entries:
Translated to Swahili
2024-02-11 02:13:58 +00:00
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x0000000000000001 (NEEDED) Shared library: [ld-linux-aarch64.so.1]
0x000000000000000c (INIT) 0x1088
0x000000000000000d (FINI) 0x2f74
0x0000000000000019 (INIT_ARRAY) 0x1fc48
0x000000000000001b (INIT_ARRAYSZ) 8 (bytes)
0x000000000000001a (FINI_ARRAY) 0x1fc50
0x000000000000001c (FINI_ARRAYSZ) 8 (bytes)
0x000000006ffffef5 (GNU_HASH) 0x338
0x0000000000000005 (STRTAB) 0x7f0
0x0000000000000006 (SYMTAB) 0x358
0x000000000000000a (STRSZ) 510 (bytes)
0x000000000000000b (SYMENT) 24 (bytes)
0x0000000000000015 (DEBUG) 0x0
0x0000000000000003 (PLTGOT) 0x1fe58
0x0000000000000002 (PLTRELSZ) 960 (bytes)
0x0000000000000014 (PLTREL) RELA
0x0000000000000017 (JMPREL) 0xcc8
0x0000000000000007 (RELA) 0xaa0
0x0000000000000008 (RELASZ) 552 (bytes)
0x0000000000000009 (RELAENT) 24 (bytes)
0x000000000000001e (FLAGS) BIND_NOW
0x000000006ffffffb (FLAGS_1) Flags: NOW PIE
0x000000006ffffffe (VERNEED) 0xa50
0x000000006fffffff (VERNEEDNUM) 2
0x000000006ffffff0 (VERSYM) 0x9ee
0x000000006ffffff9 (RELACOUNT) 15
0x0000000000000000 (NULL) 0x0
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Directory ya NEEDED inaonyesha kuwa programu **inahitaji kupakia maktaba iliyotajwa** ili iendelee. Directory ya NEEDED inakamilika mara tu maktaba ya pamoja **inapokuwa tayari kwa matumizi na inafanya kazi vizuri**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Uhamishaji
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Loader pia lazima uhamishe tegemezi baada ya kuyapakia. Uhamishaji huu unaonyeshwa katika jedwali la uhamishaji kwa muundo wa REL au RELA na idadi ya uhamishaji inatolewa katika sehemu za kudumu RELSZ au RELASZ.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```
readelf -r lnstat
Relocation section '.rela.dyn' at offset 0xaa0 contains 23 entries:
Translated to Swahili
2024-02-11 02:13:58 +00:00
Offset Info Type Sym. Value Sym. Name + Addend
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
00000001fc48 000000000403 R_AARCH64_RELATIV 1d10
00000001fc50 000000000403 R_AARCH64_RELATIV 1cc0
00000001fff0 000000000403 R_AARCH64_RELATIV 1340
000000020008 000000000403 R_AARCH64_RELATIV 20008
000000020010 000000000403 R_AARCH64_RELATIV 3330
000000020030 000000000403 R_AARCH64_RELATIV 3338
000000020050 000000000403 R_AARCH64_RELATIV 3340
000000020070 000000000403 R_AARCH64_RELATIV 3348
000000020090 000000000403 R_AARCH64_RELATIV 3350
0000000200b0 000000000403 R_AARCH64_RELATIV 3358
0000000200d0 000000000403 R_AARCH64_RELATIV 3360
0000000200f0 000000000403 R_AARCH64_RELATIV 3370
000000020110 000000000403 R_AARCH64_RELATIV 3378
000000020130 000000000403 R_AARCH64_RELATIV 3380
000000020150 000000000403 R_AARCH64_RELATIV 3388
00000001ffb8 000a00000401 R_AARCH64_GLOB_DA 0000000000000000 _ITM_deregisterTM[...] + 0
00000001ffc0 000b00000401 R_AARCH64_GLOB_DA 0000000000000000 __cxa_finalize@GLIBC_2.17 + 0
00000001ffc8 000f00000401 R_AARCH64_GLOB_DA 0000000000000000 stderr@GLIBC_2.17 + 0
00000001ffd0 001000000401 R_AARCH64_GLOB_DA 0000000000000000 optarg@GLIBC_2.17 + 0
00000001ffd8 001400000401 R_AARCH64_GLOB_DA 0000000000000000 stdout@GLIBC_2.17 + 0
00000001ffe0 001e00000401 R_AARCH64_GLOB_DA 0000000000000000 __gmon_start__ + 0
00000001ffe8 001f00000401 R_AARCH64_GLOB_DA 0000000000000000 __stack_chk_guard@GLIBC_2.17 + 0
00000001fff8 002e00000401 R_AARCH64_GLOB_DA 0000000000000000 _ITM_registerTMCl[...] + 0
Relocation section '.rela.plt' at offset 0xcc8 contains 40 entries:
Translated to Swahili
2024-02-11 02:13:58 +00:00
Offset Info Type Sym. Value Sym. Name + Addend
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
00000001fe70 000300000402 R_AARCH64_JUMP_SL 0000000000000000 strtok@GLIBC_2.17 + 0
00000001fe78 000400000402 R_AARCH64_JUMP_SL 0000000000000000 strtoul@GLIBC_2.17 + 0
00000001fe80 000500000402 R_AARCH64_JUMP_SL 0000000000000000 strlen@GLIBC_2.17 + 0
00000001fe88 000600000402 R_AARCH64_JUMP_SL 0000000000000000 fputs@GLIBC_2.17 + 0
00000001fe90 000700000402 R_AARCH64_JUMP_SL 0000000000000000 exit@GLIBC_2.17 + 0
00000001fe98 000800000402 R_AARCH64_JUMP_SL 0000000000000000 __libc_start_main@GLIBC_2.34 + 0
00000001fea0 000900000402 R_AARCH64_JUMP_SL 0000000000000000 perror@GLIBC_2.17 + 0
00000001fea8 000b00000402 R_AARCH64_JUMP_SL 0000000000000000 __cxa_finalize@GLIBC_2.17 + 0
00000001feb0 000c00000402 R_AARCH64_JUMP_SL 0000000000000000 putc@GLIBC_2.17 + 0
00000001feb8 000d00000402 R_AARCH64_JUMP_SL 0000000000000000 opendir@GLIBC_2.17 + 0
00000001fec0 000e00000402 R_AARCH64_JUMP_SL 0000000000000000 fputc@GLIBC_2.17 + 0
00000001fec8 001100000402 R_AARCH64_JUMP_SL 0000000000000000 snprintf@GLIBC_2.17 + 0
00000001fed0 001200000402 R_AARCH64_JUMP_SL 0000000000000000 __snprintf_chk@GLIBC_2.17 + 0
00000001fed8 001300000402 R_AARCH64_JUMP_SL 0000000000000000 malloc@GLIBC_2.17 + 0
00000001fee0 001500000402 R_AARCH64_JUMP_SL 0000000000000000 gettimeofday@GLIBC_2.17 + 0
00000001fee8 001600000402 R_AARCH64_JUMP_SL 0000000000000000 sleep@GLIBC_2.17 + 0
00000001fef0 001700000402 R_AARCH64_JUMP_SL 0000000000000000 __vfprintf_chk@GLIBC_2.17 + 0
00000001fef8 001800000402 R_AARCH64_JUMP_SL 0000000000000000 calloc@GLIBC_2.17 + 0
00000001ff00 001900000402 R_AARCH64_JUMP_SL 0000000000000000 rewind@GLIBC_2.17 + 0
00000001ff08 001a00000402 R_AARCH64_JUMP_SL 0000000000000000 strdup@GLIBC_2.17 + 0
00000001ff10 001b00000402 R_AARCH64_JUMP_SL 0000000000000000 closedir@GLIBC_2.17 + 0
00000001ff18 001c00000402 R_AARCH64_JUMP_SL 0000000000000000 __stack_chk_fail@GLIBC_2.17 + 0
00000001ff20 001d00000402 R_AARCH64_JUMP_SL 0000000000000000 strrchr@GLIBC_2.17 + 0
00000001ff28 001e00000402 R_AARCH64_JUMP_SL 0000000000000000 __gmon_start__ + 0
00000001ff30 002000000402 R_AARCH64_JUMP_SL 0000000000000000 abort@GLIBC_2.17 + 0
00000001ff38 002100000402 R_AARCH64_JUMP_SL 0000000000000000 feof@GLIBC_2.17 + 0
00000001ff40 002200000402 R_AARCH64_JUMP_SL 0000000000000000 getopt_long@GLIBC_2.17 + 0
00000001ff48 002300000402 R_AARCH64_JUMP_SL 0000000000000000 __fprintf_chk@GLIBC_2.17 + 0
00000001ff50 002400000402 R_AARCH64_JUMP_SL 0000000000000000 strcmp@GLIBC_2.17 + 0
00000001ff58 002500000402 R_AARCH64_JUMP_SL 0000000000000000 free@GLIBC_2.17 + 0
00000001ff60 002600000402 R_AARCH64_JUMP_SL 0000000000000000 readdir64@GLIBC_2.17 + 0
00000001ff68 002700000402 R_AARCH64_JUMP_SL 0000000000000000 strndup@GLIBC_2.17 + 0
00000001ff70 002800000402 R_AARCH64_JUMP_SL 0000000000000000 strchr@GLIBC_2.17 + 0
00000001ff78 002900000402 R_AARCH64_JUMP_SL 0000000000000000 fwrite@GLIBC_2.17 + 0
00000001ff80 002a00000402 R_AARCH64_JUMP_SL 0000000000000000 fflush@GLIBC_2.17 + 0
00000001ff88 002b00000402 R_AARCH64_JUMP_SL 0000000000000000 fopen64@GLIBC_2.17 + 0
00000001ff90 002c00000402 R_AARCH64_JUMP_SL 0000000000000000 __isoc99_sscanf@GLIBC_2.17 + 0
00000001ff98 002d00000402 R_AARCH64_JUMP_SL 0000000000000000 strncpy@GLIBC_2.17 + 0
00000001ffa0 002f00000402 R_AARCH64_JUMP_SL 0000000000000000 __assert_fail@GLIBC_2.17 + 0
00000001ffa8 003000000402 R_AARCH64_JUMP_SL 0000000000000000 fgets@GLIBC_2.17 + 0
Translated to Swahili
2024-02-11 02:13:58 +00:00
```swahili
00000001ff80 002a00000402 R_AARCH64_JUMP_SL 0000000000000000 fflush@GLIBC_2.17 + 0
00000001ff88 002b00000402 R_AARCH64_JUMP_SL 0000000000000000 fopen64@GLIBC_2.17 + 0
00000001ff90 002c00000402 R_AARCH64_JUMP_SL 0000000000000000 __isoc99_sscanf@GLIBC_2.17 + 0
00000001ff98 002d00000402 R_AARCH64_JUMP_SL 0000000000000000 strncpy@GLIBC_2.17 + 0
00000001ffa0 002f00000402 R_AARCH64_JUMP_SL 0000000000000000 __assert_fail@GLIBC_2.17 + 0
00000001ffa8 003000000402 R_AARCH64_JUMP_SL 0000000000000000 fgets@GLIBC_2.17 + 0
```
### Uhamisho wa Stati
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Ikiwa **programu imepakia mahali tofauti** na anwani iliyopendelewa (kawaida 0x400000) kwa sababu anwani hiyo tayari inatumika au kwa sababu ya **ASLR** au sababu nyingine yoyote, uhamisho wa stati **unasahihisha viashiria** ambavyo vilikuwa na thamani inayotarajia binary ipakuliwe katika anwani iliyopendelewa.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kwa mfano, sehemu yoyote ya aina `R_AARCH64_RELATIV` inapaswa kubadilisha anwani kwenye kigeuzi cha uhamisho pamoja na thamani ya kuongeza.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### Uhamisho wa Kudumu na GOT
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Uhamisho pia unaweza kurejelea ishara ya nje (kama kazi kutoka kwa tegemezi). Kama vile kazi ya malloc kutoka libC. Kisha, wakati mzigo wa libC katika anwani inayochunguza wapi kazi ya malloc imepakuliwa, itaandika anwani hii kwenye jedwali la GOT (Global Offset Table) (inayoonyeshwa katika jedwali la uhamisho) ambapo anwani ya malloc inapaswa kutajwa.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### Jedwali la Uhusiano wa Taratibu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Sehemu ya PLT inaruhusu kufanya uunganishaji wa uvivu, ambao unamaanisha kwamba ufumbuzi wa eneo la kazi utafanywa mara ya kwanza unapofikiwa.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kwa hivyo, wakati programu inaita malloc, kimsingi inaita eneo husika la `malloc` katika PLT (`malloc@plt`). Mara ya kwanza inaitwa, inatatua anwani ya `malloc` na kuihifadhi ili wakati ujao `malloc` inaitwa, anwani hiyo itatumika badala ya msimbo wa PLT.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Uzinduzi wa Programu
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Baada ya programu kupakiwa, ni wakati wake wa kukimbia. Walakini, msimbo wa kwanza unaoruka **siyo daima `main`**. Hii ni kwa sababu, kwa mfano, katika C++ ikiwa **kivinjari cha kawaida ni kitu cha darasa**, kivinjari hiki lazima kiwe **kimezinduliwa kabla** ya kukimbia kwa `main`, kama vile:
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```cpp
#include <stdio.h>
// g++ autoinit.cpp -o autoinit
class AutoInit {
Translated to Swahili
2024-02-11 02:13:58 +00:00
public:
AutoInit() {
printf("Hello AutoInit!\n");
}
~AutoInit() {
printf("Goodbye AutoInit!\n");
}
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
};
AutoInit autoInit;
int main() {
Translated to Swahili
2024-02-11 02:13:58 +00:00
printf("Main\n");
return 0;
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
}
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Tafadhali kumbuka kuwa hizi ni variables za kawaida zilizopo katika `.data` au `.bss` lakini katika orodha `__CTOR_LIST__` na `__DTOR_LIST__` vitu vya kuanzisha na kuharibu vimehifadhiwa ili kufuatilia vitu hivyo.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kutoka kwenye msimbo wa C, ni rahisi kupata matokeo sawa kwa kutumia GNU extensions:
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
```c
__attributte__((constructor)) //Add a constructor to execute before
__attributte__((destructor)) //Add to the destructor list
```
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kutoka kwa mtazamo wa compiler, ili kutekeleza hatua hizi kabla na baada ya kazi ya kazi ya `main`, ni muhimu kuunda kazi ya `init` na kazi ya `fini` ambazo zitarejelewa katika sehemu ya kazi ya kazi ya ELF kama **`INIT`** na **`FIN`**. na zinawekwa katika sehemu za `init` na `fini` za ELF.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Chaguo lingine, kama ilivyotajwa, ni kurejelea orodha za **`__CTOR_LIST__`** na **`__DTOR_LIST__`** katika vitu vya **`INIT_ARRAY`** na **`FINI_ARRAY`** katika sehemu ya kuingizwa kwa harakati na urefu wa hizi unatajwa na **`INIT_ARRAYSZ`** na **`FINI_ARRAYSZ`**. Kila kuingizwa ni ishara ya kazi ambayo itaitwa bila hoja.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Zaidi ya hayo, ni muhimu pia kuwa na **`PREINIT_ARRAY`** na **pointers** ambazo zitatekelezwa **kabla** ya **pointers** za **`INIT_ARRAY`**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
### Mpangilio wa Utekelezaji
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
1. Programu inapakia kumbukani, pembejeo za kawaida za kikoa zinaanzishwa katika **`.data`** na zisizo na pembejeo zinafutwa katika **`.bss`**.
2. **Dependencies** zote za programu au maktaba zinaanzishwa na kutekelezwa kwa kiungo cha harakati.
3. Kazi za **`PREINIT_ARRAY`** zinatekelezwa.
4. Kazi za **`INIT_ARRAY`** zinatekelezwa.
5. Ikiwa kuna kuingizwa la **`INIT`**, linaitwa.
6. Ikiwa ni maktaba, dlopen inaishia hapa, ikiwa ni programu, ni wakati wa kuita **sehemu ya kuingia halisi** (kazi ya `main`).
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
## Uhifadhi wa Muhula (TLS)
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Hii inatumiwa kwa kutumia neno la msimbo **`__thread_local`** katika C++ au ugani wa GNU **`__thread`**.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kila mfuatano utahifadhi eneo la kipekee kwa pembejeo hii ili pembejeo iweze kupata pembejeo yake.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Wakati huu unapotumiwa, sehemu za **`.tdata`** na **`.tbss`** hutumiwa katika ELF. Ambazo ni kama `.data` (zimeanzishwa) na `.bss` (hazijaanzishwa) lakini kwa TLS.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
Kila pembejeo itakuwa na kuingizwa katika kichwa cha TLS kinachotaja ukubwa na kizingiti cha TLS, ambacho ni kizingiti kitakachotumiwa katika eneo la data la kipekee la mfuatano.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
`__TLS_MODULE_BASE` ni ishara inayotumiwa kurejelea anwani ya msingi ya uhifadhi wa kipekee wa mfuatano na inaelekeza kwenye eneo kumbukumbu ambalo lina data zote za kipekee za mfuatano wa kikoa.
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
<details>
Translated to Swahili
2024-02-11 02:13:58 +00:00
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
Translated to Swahili
2024-02-11 02:13:58 +00:00
* Je, unafanya kazi katika **kampuni ya usalama wa mtandao**? Je, ungependa kuona **kampuni yako ikionekana katika HackTricks**? Au ungependa kupata upatikanaji wa **toleo jipya zaidi la PEASS au kupakua HackTricks kwa PDF**? Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* **Jiunge na** [**💬**](https://emojipedia.org/speech-balloon/) [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au **kikundi cha telegram**](https://t.me/peass) au **nifuate** kwenye **Twitter** 🐦[**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**repo ya hacktricks**](https://github.com/carlospolop/hacktricks) **na** [**repo ya hacktricks-cloud**](https://github.com/carlospolop/hacktricks-cloud).
GITBOOK-4230: change request with no subject merged in GitBook
2024-01-10 00:59:55 +00:00
</details>
Reference in a new issue Copy permalink