17 April, 2013

Self Modifying Code

Sorry guys, it's been a while. I'm near the end of the Spring semester with hectic things ahead.
In the meantime, I thought I would post something for us to chew on.

Okay, this post is about self-modifying code, which I came across recently in my coursework,
where there was a line: "The issue with binary translation (VMM) is self-modifying code".

Let's not look into the VMM aspects; rather, I shall restrict myself to the latter.

What is Self-Modifying Code?

A program that purposely alters its own instructions while it is executing.
Something like a chameleon :-)

If we write code that improperly manipulates a buffer, the program "modifies itself" in a sense, and crashes :-) That is only a joke, though: a stray write corrupts data, and on any modern OS the pages holding a process's instructions are mapped read-only and executable, so a write that lands on them faults instead of changing the code. Real self-modifying code has to first ask the OS to make the page writable.

Questions arise as to why we would need this kind of code; for its legitimate uses I would suggest reading the Wikipedia article.

Of course, one can also use this to create viruses, making life difficult for anti-virus programs and honeypots: code that rewrites its own body every time it runs leaves no fixed byte pattern for a signature to match.

It is not the source code that gets changed [well, the compiled instructions do :-)] but the in-memory image of the executable, while it is running. Memory protection of a process is managed by the OS (mprotect on Linux and other Unix systems, VirtualProtect on Windows), so the technique is OS-specific.

Say we have a program emitting some output. We could open the executable in a
hex editor and modify it to emit a different output; that is patching the file on disk, and it only takes effect the next time the program is started.

If we look at Windows updates, it is evident that the program in execution is closed, re-written on disk and started again. Can't this be done while the program is still executing?

Consider a huge deployment where there is a small bug in your component.
The fix is just adding a check or changing a macro.

Instead of rebuilding and redeploying the entire component, is it possible to write a small piece of code (a function) that reaches into the image of the running process and fixes the bug by altering it in place?
This would be of great help, wouldn't it? :-)

So how do we do it? I'm also trying it.
In the meantime, you guys can try too.

Let's state our objective:

a) We know the operating system on which our "*.so || *.exe || *.sl" is running.
b) Our objective is to tweak this executable for a minor fix that was found in the site deployment.
    [Note: we are not supposed to restart the process]
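
Here is one concrete way to do what the objective asks for, as an added example and not code from the original post: a C program for Linux that "hot-patches" one of its own functions without restarting. The buggy function `buggy_in_bounds`, its replacement `fixed_in_bounds`, and the helper names are all made up for the illustration. The patch works exactly as described above: ask the OS (mprotect) to make the page holding the buggy function writable, overwrite its first instruction with a jump to the fixed function, then make the page read-only and executable again. The jump encodings are the documented x86-64 `E9 rel32` and AArch64 `B imm26`; on any other CPU, or where the OS refuses a writable text page (a W^X policy), the code reports that it cannot patch instead of crashing.

```c
/* Added example (not from the original post): hot-patch a function in the
 * running process by overwriting its first instruction with a jump to a fix. */
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

#define PATCH_UNSUPPORTED (-1)

/* The "deployed" version with the bug: an off-by-one check that accepts
 * idx == size, i.e. one past the end of the buffer. (Hypothetical bug.) */
__attribute__((noinline)) int buggy_in_bounds(int idx, int size)
{
    return idx >= 0 && idx <= size;   /* bug: should be idx < size */
}

/* The fix we want installed without restarting the process. */
__attribute__((noinline)) int fixed_in_bounds(int idx, int size)
{
    return idx >= 0 && idx < size;
}

/* Change protection of every page covering [addr, addr+len). */
static int set_page_prot(void *addr, size_t len, int prot)
{
    uintptr_t page  = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)addr & ~(page - 1);
    uintptr_t end   = ((uintptr_t)addr + len + page - 1) & ~(page - 1);
    return mprotect((void *)start, end - start, prot);
}

/* Overwrite the first instruction of `target` with an unconditional jump to
 * `replacement`. Returns 0 on success, PATCH_UNSUPPORTED if this ISA is not
 * handled or the OS refuses to make the text page writable. */
int hotpatch_function(void *target, void *replacement)
{
#if !defined(__x86_64__) && !defined(__aarch64__)
    (void)target; (void)replacement;
    return PATCH_UNSUPPORTED;
#else
    uint8_t patch[8];
    size_t len;
#if defined(__x86_64__)
    /* E9 rel32: displacement is relative to the end of this 5-byte insn. */
    intptr_t rel = (intptr_t)replacement - ((intptr_t)target + 5);
    if (rel > INT32_MAX || rel < INT32_MIN) return PATCH_UNSUPPORTED;
    int32_t rel32 = (int32_t)rel;
    patch[0] = 0xE9;
    memcpy(patch + 1, &rel32, 4);
    len = 5;
#else
    /* B imm26: PC-relative branch in 4-byte words, reach +/-128 MiB. */
    intptr_t off = ((intptr_t)replacement - (intptr_t)target) >> 2;
    if (off > 0x1FFFFFF || off < -0x2000000) return PATCH_UNSUPPORTED;
    uint32_t insn = 0x14000000u | ((uint32_t)off & 0x03FFFFFFu);
    memcpy(patch, &insn, 4);
    len = 4;
#endif
    /* Text pages are r-x; ask the OS for write permission first. */
    if (set_page_prot(target, len, PROT_READ | PROT_WRITE | PROT_EXEC) != 0)
        return PATCH_UNSUPPORTED;
    memcpy(target, patch, len);
    /* x86 keeps the i-cache coherent with stores; ARM does not, so flush. */
    __builtin___clear_cache((char *)target, (char *)target + len);
    set_page_prot(target, len, PROT_READ | PROT_EXEC);   /* back to W^X */
    return 0;
#endif
}

/* Runs the scenario end to end. Returns 1 if the bug was observed and then
 * fixed in place, PATCH_UNSUPPORTED if this platform cannot patch text,
 * 0 if the patch was applied but did not change behaviour. */
int hotpatch_demo(void)
{
    /* volatile pointer: force a real call through the symbol each time
     * instead of letting the compiler fold the result at build time. */
    int (*volatile check)(int, int) = buggy_in_bounds;
    int before = check(10, 10);   /* 1: index 10 of 10 passes the buggy check */
    if (hotpatch_function((void *)buggy_in_bounds, (void *)fixed_in_bounds) != 0)
        return PATCH_UNSUPPORTED;
    int after = check(10, 10);    /* 0: same symbol, now jumps into the fix */
    return (before == 1 && after == 0) ? 1 : 0;
}

int main(void)
{
    int r = hotpatch_demo();
    if (r == PATCH_UNSUPPORTED)
        printf("cannot hot-patch here (unknown ISA or W^X policy)\n");
    else
        printf("hot-patch %s\n", r ? "succeeded: bug fixed without a restart" : "failed");
    return r == 0;
}
```

Build with `gcc -O2 -o hotpatch hotpatch.c` and run it; it prints whether the fix took effect. A few caveats a practitioner would add before doing this to a real service: the demo is single-threaded, while in a live process another thread may be executing the very bytes being overwritten, so production hot-patchers either stop all threads or write the jump with a single atomic store; the compiler may have inlined the buggy function at some call sites, and those copies are not reached by patching the symbol (hence the `noinline`); the jump destroys the original first instruction, so calling the old code again requires saving those bytes in a trampoline; and the mprotect to a writable text page is exactly what hardened kernels, SELinux execmem/execmod rules and anti-virus hooks look for, which is why malware and hot-fixers use the same primitive.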

Have fun while trying :)