Notes - MCS
Reverse Engineering

Dynamic Linker

The dynamic linker is vital to the loading process and can also help when reversing a program. It can:

  • Provide information about the loaded libraries.

  • Help to debug the linking process.

  • Force linking with custom libraries.

  • And many others.

Communication with the dynamic linker is achieved through environment variables.

  • In the format LD_*.

  • Setting a variable, or setting a variable with a specific value, activates Linker features.

LD_LIBRARY_PATH

A list of directories in which to search for ELF libraries at execution time.

  • The items in the list are separated by either colons or semicolons.

  • A zero-length directory name indicates the current working directory.

Activating: LD_LIBRARY_PATH=libs ./progname.

  • Linker will look into ./libs while loading libraries for the program.

  • Allows having a different set of libraries for the program (e.g., debug versions).

LD_BIND_NOW

This causes the dynamic linker to resolve all symbols at program startup instead of deferring function call resolution to the point when they are first referenced.

  • Especially useful for debugging as all symbols point to their correct location.

Activated by setting the variable: LD_BIND_NOW=1 progname.

LD_DEBUG

Output verbose debugging information about the dynamic linking.

  • Allows tracing the operation of the linker.

  • Debug where libraries are loading from.

  • Determine if libraries are being loaded and which symbols trigger the event.

  • Determine the search path used in looking for libraries.

The content of this variable is one or more of the following categories, separated by colons, commas, or spaces:

  • help, all, bindings, files, reloc, scopes, statistics, symbols, unused, version.

Use: LD_DEBUG=option programname

LD_PRELOAD

A list of additional, user-specified, ELF shared objects to be loaded before all others.

  • This feature can be used to selectively override functions in other shared objects.

  • Symbols present in the provided ELF Shared objects are used instead of the original.

  • Only the functions available in the shared object will be overridden.

Use: LD_PRELOAD=./liboverride.so progname

  • Useful to provide custom implementations of any function in the program.

  • Custom implementation can call the original implementation through manual symbol loading.
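The override and the "manual symbol loading" described above, as an added example that is not part of the original notes: a shared object that interposes fopen(), logs each call, and forwards to the original found with dlsym(RTLD_NEXT, ...). The file name trace_fopen.c, the library name libtrace_fopen.so and the helper trace_fopen_calls() are assumptions made for this example.

```c
/* Added example: trace_fopen.c, an LD_PRELOAD interposer for fopen().
 * Build: gcc -shared -fPIC -o libtrace_fopen.so trace_fopen.c -ldl
 * Run:   LD_PRELOAD=./libtrace_fopen.so progname
 */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* exposes RTLD_NEXT in <dlfcn.h> */
#endif
#include <dlfcn.h>
#include <errno.h>
#include <stdio.h>

#ifndef RTLD_NEXT              /* glibc's value, in case _GNU_SOURCE came too late */
#define RTLD_NEXT ((void *) -1L)
#endif

typedef FILE *(*fopen_fn)(const char *, const char *);

static fopen_fn real_fopen;    /* original implementation, resolved on first use */
static unsigned long n_calls;  /* number of intercepted calls */

/* Find the next definition of fopen after this object in the search order,
 * i.e. the one the program would have used without the preload. */
static fopen_fn resolve_real_fopen(void)
{
    if (real_fopen == NULL)
        real_fopen = (fopen_fn)dlsym(RTLD_NEXT, "fopen");
    return real_fopen;
}

/* Same name and signature as the libc function: preloaded objects are
 * searched first, so the program's calls to fopen bind here. */
FILE *fopen(const char *path, const char *mode)
{
    fopen_fn real = resolve_real_fopen();
    if (real == NULL) {        /* original not found: behave like a failed open */
        fprintf(stderr, "[trace] cannot resolve fopen: %s\n", dlerror());
        return NULL;
    }
    FILE *fp = real(path, mode);
    int saved_errno = errno;   /* logging must not change what the caller sees */
    n_calls++;
    fprintf(stderr, "[trace] fopen(\"%s\", \"%s\") = %p\n",
            path ? path : "(null)", mode ? mode : "(null)", (void *)fp);
    errno = saved_errno;
    return fp;
}

/* Number of calls seen so far (hypothetical helper, for inspection only). */
unsigned long trace_fopen_calls(void) { return n_calls; }
```

LD_PRELOAD has no effect on statically linked programs, and in secure-execution mode (for example set-user-ID binaries) the dynamic linker restricts which objects it will preload.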

Last updated 1 year ago

[Figures: "LD_BIND_NOT not set"; "LD_BIND_NOW is set"]