thinkycx/elfguard

ELFGuard

ELFGuard is a simple tool that helps you guard your ELF binary.
You can insert shellcode into the ELF binary to do anything you want, such as

  1. use a SECCOMP shellcode to restrict syscalls
  2. use a reverse shell shellcode to leave a backdoor
  3. more in future...

Only the amd64 arch is supported for now. Hope you enjoy it, and don't be evil ;)

menu

Prerequisites

Modules

Storage Module

Finds suitable space to store the shellcode and returns the file offset at which to write it.

  • expand a segment
  • add a segment
  • .eh_frame

Shellcode Module

Generate specified shellcode to use:

  • SECCOMP
  • reverse shell

Controller Module

Controls how execution is redirected to the shellcode:

  • entry point hijack
  • PLT hook
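
From the reviewing side, the "add a segment" storage option combined with an entry point hijack leaves traces in the program headers. The following check is an added example, not code from ELFGuard; the function names and the sample layouts are constructed for illustration, and the findings are heuristics rather than proof of tampering.

```python
import struct

PT_LOAD, PF_X, PF_W = 1, 0x1, 0x2
PHDR = struct.Struct("<IIQQQQQQ")  # Elf64_Phdr: type, flags, offset, vaddr, paddr, filesz, memsz, align

def load_segments(elf: bytes):
    """Return (e_entry, [(p_flags, p_vaddr, p_memsz), ...]) for a little-endian ELF64 image."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    e_entry, e_phoff = struct.unpack_from("<QQ", elf, 24)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    segs = []
    for i in range(e_phnum):
        p_type, flags, _, vaddr, _, _, memsz, _ = PHDR.unpack_from(elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            segs.append((flags, vaddr, memsz))
    return e_entry, segs

def audit(elf: bytes):
    """Heuristic findings that suggest an added segment and a redirected entry point."""
    entry, segs = load_segments(elf)
    exec_segs = [s for s in segs if s[0] & PF_X]
    findings = []
    if len(exec_segs) > 1:
        findings.append("multiple executable PT_LOAD segments")
    if any(f & PF_X and f & PF_W for f, _, _ in segs):
        findings.append("segment is both writable and executable")
    if exec_segs:
        _, vaddr, memsz = exec_segs[0]
        if not vaddr <= entry < vaddr + memsz:
            findings.append("e_entry outside the first executable segment")
    return findings

def make_elf(entry, loads):
    """Constructed sample: ELF64 header plus PT_LOAD headers only (no code, not runnable)."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 2, 0x3E, 1, entry, 64, 0, 0,
                       64, PHDR.size, len(loads), 64, 0, 0)
    return ehdr + b"".join(PHDR.pack(PT_LOAD, fl, 0, va, va, sz, sz, 0x1000) for fl, va, sz in loads)

# Constructed layouts: a typical linker output, then one with an appended R+W+X segment holding the entry.
BASE = [(4, 0x400000, 0x1000), (5, 0x401000, 0x2000), (6, 0x404000, 0x1000)]
CLEAN = make_elf(0x401000, BASE)
PATCHED = make_elf(0x800000, BASE + [(7, 0x800000, 0x1000)])

if __name__ == "__main__":
    for name, image in (("clean", CLEAN), ("patched", PATCHED)):
        print(name, audit(image) or "no findings")
```

A payload stored inside an existing executable segment does not trip these checks; comparing the headers against a known-good copy of the binary covers that case.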

TODO

  • OOP
  • i386 arch support
  • more shellcode
