OpenSecurity.global
Yuu Chan

Binary Golf

I suppose I'll share some fun stuff I've been playing with for a bit.

ELF files are a lot of fun to mess with, and late last year I had figured out some techniques that led to the smallest possible 64-bit ELF, which is 84 bits. Since then I've been playing with it when I have time. I did a few write-ups:

https://medium.com/@dmxinajeansuit/elf-binary-mangling-part-1-concepts-e00cb1352301

https://medium.com/@dmxinajeansuit/elf-binary-mangling-pt-2-golfin-7e5c82bb482c

https://medium.com/@dmxinajeansuit/elf-binary-mangling-part-3-weaponization-6e11971108b3

I did my best to spell out the thought process behind messing with binaries, all the way up to what appears to be a hypervisor-level vuln that corrupts the VMCS in Xen. Affects AWS and a bunch of other platforms.

I also collected some of the source files I've made here: https://github.com/netspooky/golfclub

I am going to expand more in the future, but I try to make each source file as verbose as possible, to explain what purpose each individual byte serves. I'm really trying to encourage more people to play with this stuff, because it leads to some interesting results: un-debuggable binaries that can break the tools that are attempting to parse them.

If anyone has any questions, feel free to get in touch!

  • Like 2

This is absolutely excellent content, especially as someone who has mainly only dealt with PE files. I used to do the same thing with z80 assembly on calculators to shave down size, glad to see the spirit is still alive 🙂

Thanks for sharing and remember to chat hard and join #hardchats 🙂

-Ethan
