| Linux寄生程序加载动态库的研究与实现 |
| |
| 引用本文: | 夏宏,刘立宇.Linux寄生程序加载动态库的研究与实现[J].计算机工程,2008,34(3):113-115. |
| |
| 作者姓名: | 夏宏 刘立宇 |
| |
| 作者单位: | 华北电力大学计算机系,北京,102206 |
| |
| 摘 要: | 寄生程序是指注入到可执行文件中的程序代码,被广泛地应用在二进制文件加解密、版权保护等领域。病毒也是寄生程序的一种。Linux下的寄生程序很难利用宿主没有加载的动态连接库,使其功能受到很大限制。该文通过对ELF动态连接机制的研究,采用了一种寄生程序通过proc文件系统进行加载和利用动态库的方法,并对这种方法进行了实现。
|
| 关 键 词: | 寄生程序 可执行可连接文件格式 动态连接 |
| 文章编号: | 1000-3428(2008)03-0113-03 |
| 收稿时间: | 2007-03-23 |
| 修稿时间: | 2007年3月23日 |
Research and Implementation of Linux Parasite Access to Dynamic Library |
| |
| XIA Hong,LIU Li-yu.Research and Implementation of Linux Parasite Access to Dynamic Library[J].Computer Engineering,2008,34(3):113-115. |
| |
| Authors: | XIA Hong LIU Li-yu |
| |
| Affiliation: | (Department of Computer, North China Electric Power University, Beijing 102206) |
| |
| Abstract: | A parasite is defined as code that is injected into a host executable. There are many potential uses for parasite code: binary decryption, unpacking and copyright protection, to name a few. And the most common form of parasite is the virus. Development of feature rich Linux parasites is severely limited by the inability to reliably access functions external to the host file. This paper explores the dynamic linking mechanisms of the Executable and Linkable Format(ELF), and brings up a methodology that allows parasite code access to shared objects. The implementation of this methodology is presented. |
| |
| Keywords: | parasite Executable and Linkable Format(ELF) dynamic linking |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
