simonemainardi

Disassemble and Modify an Binary To Change a Function

In this gist I show how to disassemble and modify a Linux executable binary to change the body of a function. This will allow you to control how a binary behaves, even when you don't have access to the source code and you can't recompile it.

In my case, I was asked to try and bypass the protection mechanism implemented. The protection mechanism implemented was meant to only allow a binary to be run in presence of a valid license.

So basically my activity involved:

• Finding the function which performs the protection check
• Disassembling the binary

lizthegrey

default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'

Brainiarc7

Tuning Intel Skylake and beyond for optimal performance and feature level support on Linux:

Note that on Skylake, Kabylake (and the now cancelled "Broxton") SKUs, functionality such as power saving, GPU scheduling and HDMI audio have been moved onto binary-only firmware, and as such, the GuC and the HuC blobs must be loaded at run-time to access this functionality.

Enabling GuC and HuC on Skylake and above requires a few extra parameters be passed to the kernel before boot.

Instructions provided for both Fedora and Ubuntu (including Debian):

Note that the firmware for these GPUs is often packaged by your distributor, and as such, you can confirm the firmware blob's availability by running:

hydra1983

#!/bin/bash

readonly DB_FILE="$(pwd)/images.db"
readonly IMG_DIR="$(pwd)/images"

save-images() {
  echo "Create ${DB_FILE}"
  echo "$(docker images|grep -v 'IMAGE ID'|awk '{printf("%s %s %s\n", $1, $2, $3)}'|column -t)" > "${DB_FILE}"
  
  echo "Read ${DB_FILE}"