How to insert a LC_LOAD_DYLIB command into a Mach-O binary (OSX)
Question
I'm looking to patch a piece of abandonware with some code.
The software is Carbon-based, so I cannot use an InputManager (at least, I do not think I can). My idea was to add a dylib reference to the Mach-O header, and launch a new thread when the initialization routine is called.
I have mucked around with the Mach-O header using a hex editor to add the appropriate load command (LC_LOAD_DYLIB).
otool reports what I expect to see, so I'm fairly confident that the file is correctly formatted.
    Load command 63
    cmd LC_LOAD_DYLIB
    cmdsize 60
    name @executable_path/libAltInput.dylib (offset 24)
    time stamp 1183743291 Fri Jul 6 19:34:51 2007
    current version 0.0.0
    compatibility version 0.0.0
However, launching the binary gives me the following error:
    dyld: bad external relocation length
All I can guess this means is that I need to modify the LC_SYMTAB or LC_DYNSYMTAB sections...
Does anyone have any ideas?
Recommended answer
I'm not entirely sure what you're trying to accomplish, but the easiest way to do this is probably to inject a thread into the mach task after it starts. A great source of information on doing this (as well as running code to do it) can be found here: http://rentzsch.com/mach_inject/.
Some caveats that you should be aware of:
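- The mach task_for_pid() call needed to get a mach port for the task is now privileged and requires authorization to call. The reason for this is self-evident, but if you plan to release something that uses injected code, you should be aware of it.
- Your code will run in the same process space as the original application, but on a separate thread. You will therefore have full access to that application; however, if the application is not thread-aware, you should be very careful about using and manipulating data from outside your injected code. Obviously, all multithreading problems are amplified here, because the original code was never aware of your additions.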
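For readers auditing a Mach-O header like the one in the question, the following added example (not code from the post or the answer) walks the load commands the way `otool -l` does and checks that `ncmds`, `sizeofcmds` and each `cmdsize` agree. The names `load_dylibs` and `sample_image` are hypothetical, the sample image is constructed from the field values in the question's otool output, and only thin 32-bit images are handled.

```python
import struct

LC_LOAD_DYLIB = 0xC
HDR = 28  # sizeof(struct mach_header) for 32-bit images

def load_dylibs(data):
    """Return (dylibs, problems) for a thin 32-bit Mach-O image.

    dylibs: (command index, name, timestamp) per LC_LOAD_DYLIB.
    problems: mismatches between ncmds, sizeofcmds and the cmdsize fields.
    """
    magic = struct.unpack_from(">I", data)[0] if len(data) >= HDR else 0
    if magic not in (0xFEEDFACE, 0xCEFAEDFE):
        raise ValueError("not a thin 32-bit Mach-O image")
    e = ">" if magic == 0xFEEDFACE else "<"  # byte order used by the file
    ncmds, sizeofcmds = struct.unpack_from(e + "2I", data, 16)
    off, end = HDR, HDR + sizeofcmds
    if end > len(data):
        return [], ["sizeofcmds runs past the end of the file"]
    dylibs, problems = [], []
    for i in range(ncmds):
        if off + 8 > end:
            return dylibs, problems + [f"command {i}: starts past sizeofcmds"]
        cmd, cmdsize = struct.unpack_from(e + "2I", data, off)
        if cmdsize < 8 or cmdsize % 4 or off + cmdsize > end:
            return dylibs, problems + [f"command {i}: bad cmdsize {cmdsize}"]
        if cmd == LC_LOAD_DYLIB:
            # struct dylib_command: cmd, cmdsize, name offset, timestamp, versions
            name_off, stamp = (struct.unpack_from(e + "2I", data, off + 8)
                               if cmdsize >= 24 else (0, 0))
            if 24 <= name_off < cmdsize:
                raw = data[off + name_off:off + cmdsize].split(b"\0", 1)[0]
                dylibs.append((i, raw.decode("utf-8", "replace"), stamp))
            else:
                problems.append(f"command {i}: bad dylib name offset {name_off}")
        off += cmdsize
    if off != end:
        problems.append(f"sizeofcmds is {sizeofcmds}, commands total {off - HDR}")
    return dylibs, problems

def sample_image(sizeofcmds=60):
    """Constructed big-endian (PowerPC) image with one LC_LOAD_DYLIB that
    carries the field values shown in the question's otool output."""
    name = b"@executable_path/libAltInput.dylib".ljust(36, b"\0")
    lc = struct.pack(">6I", LC_LOAD_DYLIB, 24 + len(name), 24, 1183743291, 0, 0)
    hdr = struct.pack(">7I", 0xFEEDFACE, 18, 0, 2, 1, sizeofcmds, 0)
    return hdr + lc + name + b"\0" * 32  # trailing bytes stand in for the rest
```

Fat (universal) and 64-bit images use a different header layout and are rejected or out of scope here.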