Is there a way to detect an ELF binary is broken/tampered or not?
  • Time: 2011-01-09 20:26:02
  • Tags:
  • unix
  • elf

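How can I programmatically find out whether an ELF binary has been tampered with or broken?

For example, if I delete the second half of an ELF binary (or shared library object) and copy in random text, it will be corrupted and will no longer work. I want to find out whether a Unix ELF 32 binary or a UNIX shared C library object has been affected in this way.

Thanks.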

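Answers

I'm not sure what you have in mind, but the "right way" to validate an ELF binary is to use a hash such as SHA-1, MD5, etc.

When you create the ELF file, you also run such a hash algorithm over it, e.g. MD5, and create a "signature file" against which the result can be verified.

For example, on Solaris, you can use the digest command to produce an MD5, SHA1, or SHA256 digest.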

# digest -a [algorithm] [/path/to/file] {-v}

So, to validate "/bin/sh" to prevent modifications, you should run

# digest -v -a md5 /bin/sh
md5 (/bin/sh) = f4ad35f5246f817d68f4895463d79b09

# digest -v -a sha1 /bin/sh
sha1 (/bin/sh) = aa3843a19f2225458d7e3e765f44e229a09c0ad0

# digest -v -a sha256 /bin/sh
sha256 (/bin/sh) = a5e1a0062bb6600f06e029ce58f500169e966400b173b7fba504d5cd4635f291

http://sparcki.blogspot.com/ donde-esta-md5-en-solaris.html (Solaris and how to use MD5)

If hashing is not the solution, you can use (on Solaris) commands such as elfdump and ldd to verify the ELF.

• You can use ldd -iv to verify the initialization of shared libraries

itily@openzooey:~/hello.world$ ldd -iv hello

   find object=libc.so.1; required by hello
        libc.so.1 =>     /lib/libc.so.1
   find version=libc.so.1
        libc.so.1 (SYSVABI_1.3) =>       /lib/libc.so.1
        libc.so.1 (SUNWprivate_1.1) =>   /lib/libc.so.1

   object=/lib/libc.so.1; filter for /usr/lib/ld.so.1

   object=/lib/libc.so.1; filter for libm.so.2

   find object=libm.so.2; required by /lib/libc.so.1
        libm.so.2 =>     /lib/libm.so.2

   find object=libc.so.1; required by /lib/libm.so.2
   find version=libc.so.1
        libc.so.1 (SUNW_1.1) =>  /lib/libc.so.1
        libc.so.1 (SUNWprivate_1.1) =>   /lib/libc.so.1

   init object=/lib/libc.so.1

• To generate a checksum of the ELF, you can use -k

itily@openzooey:~/hello.world$ elfdump -k hello

elf checksum: 0x8922

But I think that if you don't have a trusted ELF to compare against, that won't help much.

I hope this is what you were looking for,

Urko,
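
The two checks discussed in the answer above, as an added example that is not part of the original post: `check_elf` compares a SHA-256 digest against a trusted baseline and verifies that the header tables and segments fit inside the file. The names `check_elf` and `sample_elf32` and the constructed sample image are assumptions made for illustration.

```python
import hashlib
import struct

# Field layouts after the 16-byte e_ident, keyed by EI_CLASS (1 = ELF32, 2 = ELF64).
EHDR = {1: "HHIIIIIHHHHHH", 2: "HHIQQQIHHHHHH"}
PHDR = {1: "IIIIIIII", 2: "IIQQQQQQ"}

def check_elf(data, baseline_sha256=None):
    """Return a list of problems found in an ELF image (bytes)."""
    problems = []
    if baseline_sha256 and hashlib.sha256(data).hexdigest() != baseline_sha256:
        problems.append("sha256 differs from trusted baseline")
    if len(data) < 16 or data[:4] != b"\x7fELF":
        return problems + ["bad ELF magic"]
    cls, enc = data[4], data[5]
    if cls not in EHDR or enc not in (1, 2):
        return problems + ["unknown EI_CLASS or EI_DATA"]
    order = "<" if enc == 1 else ">"  # EI_DATA: 1 = little-endian, 2 = big-endian
    ehdr = struct.Struct(order + EHDR[cls])
    if len(data) < 16 + ehdr.size:
        return problems + ["file shorter than ELF header"]
    (_, _, _, _, phoff, shoff, _, _, phentsize, phnum,
     shentsize, shnum, _) = ehdr.unpack_from(data, 16)
    # Both header tables must lie entirely inside the file.
    if phnum and phoff + phentsize * phnum > len(data):
        problems.append("program header table past end of file")
    if shnum and shoff + shentsize * shnum > len(data):
        problems.append("section header table past end of file")
    phdr = struct.Struct(order + PHDR[cls])
    for i in range(phnum):
        off = phoff + i * phentsize
        if phentsize < phdr.size or off + phdr.size > len(data):
            break  # entry too small or outside the file: stop parsing
        f = phdr.unpack_from(data, off)
        p_offset, p_filesz = (f[1], f[4]) if cls == 1 else (f[2], f[5])
        if p_offset + p_filesz > len(data):
            problems.append(f"segment {i} extends past end of file")
    return problems

def sample_elf32():
    """Constructed 148-byte ELF32 image: header, one PT_LOAD, 64 payload bytes."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = struct.pack("<HHIIIIIHHHHHH", 2, 3, 1, 0x8048054, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<8I", 1, 0, 0x8048000, 0x8048000, 148, 148, 5, 0x1000)
    return ident + ehdr + phdr + bytes(64)
```

On the constructed sample, a truncated copy is flagged by the bounds checks alone, while a copy whose payload was overwritten in place passes them and is flagged only when a trusted digest is supplied.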




