PatchELF: Simple utility for modifying existing ELF executables and libraries

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • patchelf

    A small utility to modify the dynamic linker and RPATH of ELF executables

  • mithril

    In Soviet Russia, Mithril forges ELF. (by jbangert)

    I built a (research) library a few years ago to rewrite ELF binaries; our research projects ran into a lot of limitations with doing incremental patches to a binary (ELF has a lot of redundant representations of the same data). For us, parsing the binary into a normalized representation, modifying that, and re-serializing worked — we could make more intrusive changes to the binary, and (almost? I don’t recall anything breaking) everything in the Debian repos still ran after the binaries has been rewritten.

    I expect the library is now woefully out of date, and documentation is mostly in the form of conference talk slides:

    https://github.com/jbangert/mithril

    there’s also https://github.com/aclements/libelfin (parsing only, supports dwarf); https://github.com/bx/elf-bf-tools (Turing machine inside elf relocations) and of course the “olg guard” of ELF reversing tools ERESI/elfsh (website seems down; GitHub mirror on https://github.com/thorkill/eresi).

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • libelfin

    C++11 ELF/DWARF parser

    I built a (research) library a few years ago to rewrite ELF binaries; our research projects ran into a lot of limitations with doing incremental patches to a binary (ELF has a lot of redundant representations of the same data). For us, parsing the binary into a normalized representation, modifying that, and re-serializing worked — we could make more intrusive changes to the binary, and (almost? I don’t recall anything breaking) everything in the Debian repos still ran after the binaries has been rewritten.

    I expect the library is now woefully out of date, and documentation is mostly in the form of conference talk slides:

    https://github.com/jbangert/mithril

    there’s also https://github.com/aclements/libelfin (parsing only, supports dwarf); https://github.com/bx/elf-bf-tools (Turing machine inside elf relocations) and of course the “olg guard” of ELF reversing tools ERESI/elfsh (website seems down; GitHub mirror on https://github.com/thorkill/eresi).

  • elf-bf-tools

    I built a (research) library a few years ago to rewrite ELF binaries; our research projects ran into a lot of limitations with doing incremental patches to a binary (ELF has a lot of redundant representations of the same data). For us, parsing the binary into a normalized representation, modifying that, and re-serializing worked — we could make more intrusive changes to the binary, and (almost? I don’t recall anything breaking) everything in the Debian repos still ran after the binaries has been rewritten.

    I expect the library is now woefully out of date, and documentation is mostly in the form of conference talk slides:

    https://github.com/jbangert/mithril

    there’s also https://github.com/aclements/libelfin (parsing only, supports dwarf); https://github.com/bx/elf-bf-tools (Turing machine inside elf relocations) and of course the “olg guard” of ELF reversing tools ERESI/elfsh (website seems down; GitHub mirror on https://github.com/thorkill/eresi).

  • eresi

    The ERESI Reverse Engineering Software Interface

    I built a (research) library a few years ago to rewrite ELF binaries; our research projects ran into a lot of limitations with doing incremental patches to a binary (ELF has a lot of redundant representations of the same data). For us, parsing the binary into a normalized representation, modifying that, and re-serializing worked — we could make more intrusive changes to the binary, and (almost? I don’t recall anything breaking) everything in the Debian repos still ran after the binaries has been rewritten.

    I expect the library is now woefully out of date, and documentation is mostly in the form of conference talk slides:

    https://github.com/jbangert/mithril

    there’s also https://github.com/aclements/libelfin (parsing only, supports dwarf); https://github.com/bx/elf-bf-tools (Turing machine inside elf relocations) and of course the “olg guard” of ELF reversing tools ERESI/elfsh (website seems down; GitHub mirror on https://github.com/thorkill/eresi).

  • vscode-remote-release

    Visual Studio Code Remote Development: Open any folder in WSL, in a Docker container, or on a remote machine using SSH and take advantage of VS Code's full feature set.

    Probably one or two years ago I randomly met this wonderful tool amidst dealing with a VSCode Remote SSH problem via search. The story begins with using VSCode remote SSH on a HPC that is running CentOS 6. VSCode Remote SSH ship with a Node binary that is dynamically linked to a glibc that is not supported on older OSes such as CentOS 6 https://code.visualstudio.com/docs/remote/linux . I am not the system manager on the HPC and could not update the system myself, and VSCode team is too arrogant to support those old OSes. Alhough I have a homebrew environment and has a new glibc built there, the Node VSCode does not recognize that from environment variable. Manually update string in the node binary’s strings does provide me with solution at least: https://github.com/microsoft/vscode-remote-release/issues/10...

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts