Last active
December 4, 2018 22:15
-
-
Save hoeg/45cf2dbd10fe6be25796ff5b40571277 to your computer and use it in GitHub Desktop.
Patch a call instruction in a binary to call another function
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import struct | |
| filename = "" #change me | |
| #offset in the binary to the call instruction | |
| CALL_OFFSET = 0x00 #change me | |
| #offset in the binary to the destination function | |
| DESTINATION = 0x00 #change me | |
| def relativeAddr(dest, src): | |
| offset = dest - src | |
| if offset > 0: | |
| except Exception("Illegal call!") | |
| return offset + 0xffffffff - 4 | |
| data = open(filename, "rb").read() | |
| patched = data[:CALL_OFFSET] + "\xE8" + struct.pack("<I", relativeAddr(DESTINATION, CALL_OFFSET)) + data[CALL_OFFSET+4+1:] | |
| open("{}_patched".format(filename),"wb").write(patched) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment