libelfmaster

Secure ELF parsing library for loading and parsing ELF objects of any type.

Features

• Innovative API for user-friendly, secure, and creative access to ELF objects
• Forensically reconstructs section headers and symbol tables using state-of-the-art techniques
• Seamlessly loads 32bit and 64bit ELF objects without separate compilation for each architecture
• Loads binaries with corrupted section headers
• Supports various edge cases in Linux/UNIX binary forensics

Future Goals

1. Userland debugging (non-ptrace) API
2. ELF patching, injection, relocatable code injection, and function hijacking
3. Dwarf VM bytecode injection
4. Continuous advancement of forensically reconstructing broken binaries
5. Explicit support for FreeBSD, sparc, mips, arm, etc.
6. Regression test suite
7. Better Support for core-files, i.e., forensics reconstruction
8. API Documentation

Current Status

Work in progress. Not fully fuzzed or tested. Needs adept ELF hackers and reverse engineers with strong C skills.

Rules of Development

• Follow NetBSD coding style
• Submit a PR for review

API Documentation

The best documentation is to read the code in libelfmaster/examples. elfparse.c is a simple version of readelf, but does not utilize every API function. Make sure to look at all examples. This API needs someone to document it.

> Visit libelfmaster Website <