Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- import sys, os, zlib, io
- from struct import pack, unpack
- def read_ntstr(f):
- bytes = 1
- str = ""
- chr = f.read(1)
- while ord(chr):
- str += chr
- bytes += 1
- chr = f.read(1)
- return (str, bytes)
- if len(sys.argv) < 2:
- print "Wrong"
- exit(1)
- file = sys.argv[1]
- name = sys.argv[2]
- size = int(sys.argv[3])
- f = open(file, "r+b")
- print "Opening %s" % file
- if tuple(unpack("<cccc",f.read(4))) == ('\x7f', 'E', 'L', 'F'):
- f.seek(40,0)
- shoff = (unpack("<Q",f.read(8)))[0]
- f.seek(10,1)
- shsize = (unpack("<H",f.read(2)))[0]
- shnum = (unpack("<H",f.read(2)))[0]
- shidx = (unpack("<H",f.read(2)))[0]
- print "SH Offset: %s, SH Num: %s, SH Size: %s, SH Index: %s" % (shoff, shnum, shsize, shidx)
- f.seek(shoff+(shidx * shsize),0)
- shtextoff = unpack("<IIQQQQIIQQ",f.read(shsize))[4]
- f.seek(shoff,0)
- for i in range(shnum):
- sh = unpack("<IIQQQQIIQQ",f.read(shsize))
- curpos = f.tell()
- f.seek(shtextoff+sh[0])
- realname = read_ntstr(f)[0]
- if realname == name:
- print "Name %s, offset: %s, size: %s" % (realname,sh[4], sh[5])
- # BEFORE
- f.seek(curpos-shsize,0)
- sh = unpack("<IIQQQQIIQQ",f.read(shsize))
- print "NAME: %s, TYPE: %s, FLAGS: %s, ADDR: %s, OFFSET: %s, SIZE: %s, LINK: %s, INFO: %s, ALIGN: %s, SIZE: %s" % (sh[0], sh[1], sh[2], sh[3], sh[4], sh[5], sh[6], sh[7], sh[8], sh[9])
- #
- print "Writing new size: %s at %s" % (size,f.tell())
- f.seek(curpos-shsize+4+4+8+8+8,0)
- f.write(pack('<Q', size))
- # AFTER
- f.seek(curpos-shsize,0)
- sh = unpack("<IIQQQQIIQQ",f.read(shsize))
- print "NAME: %s, TYPE: %s, FLAGS: %s, ADDR: %s, OFFSET: %s, SIZE: %s, LINK: %s, INFO: %s, ALIGN: %s, SIZE: %s" % (sh[0], sh[1], sh[2], sh[3], sh[4], sh[5], sh[6], sh[7], sh[8], sh[9])
- #
- break
- f.seek(curpos,0)
- else:
- print "Not valid ELF file"
- f.close()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement