{"id":2806,"date":"2021-02-19T15:40:54","date_gmt":"2021-02-19T14:40:54","guid":{"rendered":"https:\/\/andreas-klingler.de\/infosec\/?p=2806"},"modified":"2021-02-19T15:40:54","modified_gmt":"2021-02-19T14:40:54","slug":"binary-patching","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=2806","title":{"rendered":"Binary patching"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Overwrite functions with <span class=\"caps\">LD_PRELOAD<\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The <em><span class=\"caps\">LD_PRELOAD<\/span><\/em> envi\u00adron\u00adment vari\u00adable allows to inject a library which is loaded before the pro\u00adgram libraries. This means that it is pos\u00adsi\u00adble to redi\u00adrect the exe\u00adcu\u00adtion flow to an inject\u00aded func\u00adtion via an own library object.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over\u00adwrite func\u00adtions with <span class=\"caps\">LD_PRELOAD<\/span> The <span class=\"caps\">LD_PRELOAD<\/span> envi\u00adron\u00adment vari\u00adable allows to inject a library which is loaded before the pro\u00adgram libraries. This means that it is pos\u00adsi\u00adble to redi\u00adrect the exe\u00adcu\u00adtion flow to an inject\u00aded func\u00adtion via an own library object.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[355],"tags":[],"class_list":["post-2806","post","type-post","status-publish","format-standard","hentry","category-reverse-engineering"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2806"}],"version-history":[{"count":1,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2806\/revisions"}],"predecessor-version":[{"id":2807,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2806\/revisions\/2807"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}