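#!/usr/bin/python3
"""Rewrite one CALL instruction inside the local file 'copy_to_patch'.

The script assembles ``call 0x570`` with Keystone as if it were located at
0x6f1 and writes the resulting bytes over the instruction at file offset
0x6f1. Before writing, it checks that the bytes being replaced are a direct
CALL of the same length. This way a wrong offset or a different build of the
binary is rejected instead of being silently corrupted.
"""
from keystone import *

TARGET_PATH = 'copy_to_patch'
CALL_SITE = 0x6f1  # CALL to `detour_me` is made in main() at file offset 0x6f1
CODE = "call 0x570"  # file offset of PLT entry of __cxa_finalize
CALL_REL32_OPCODE = b'\xe8'  # first byte of an x86 direct near CALL (E8 rel32)

ks = Ks(KS_ARCH_X86, KS_MODE_64)  # initialize keystone for x86-64 arch

# Keystone takes the call site as the instruction address, so the relative
# displacement is computed from 0x6f1.
# NOTE(review): this treats file offsets as addresses; it is only correct if
# the call site and the target keep the same distance once the file is mapped
# -- confirm against the binary's program headers.
encoding, count = ks.asm(CODE, CALL_SITE)
patch = bytes(bytearray(encoding))
print("encoding of 'call 0x570': %s\n" % bytearray(encoding).hex())

with open(TARGET_PATH, 'rb+') as f:
    f.seek(CALL_SITE)  # seek to file offset of CALL
    current = f.read(len(patch))

    # Refuse to write unless the existing instruction is a direct CALL of the
    # same length as the replacement; anything else means the offset does not
    # point at the expected instruction, or the file is too short.
    same_shape = (
        len(patch) > 0
        and len(current) == len(patch)
        and patch[:1] == CALL_REL32_OPCODE
        and current[:1] == CALL_REL32_OPCODE
    )
    if not same_shape:
        raise SystemExit(
            "refusing to patch %s: bytes at offset %#x are %s, expected a "
            "%d-byte direct CALL" % (TARGET_PATH, CALL_SITE, current.hex(), len(patch))
        )

    f.seek(CALL_SITE)  # the read advanced the position; rewind before writing
    f.write(patch)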