Question

I'm facing quite a big problem. I need to patch an executable to modify its behaviour. The program is written in C and until now I've been using IDA to edit it, but that way I couldn't, for example, replace whole functions, etc. It seems to me that the easiest way to do that is to create a kind of loader that will load the program and patch it before it runs. It would save me a lot of time and all the editing would be much easier.

The problem is that I can't find any article about how to do it. Could any of you explain how I should handle this process? The loader would be written in C/C++.


Solution

It is utterly unconventional to try that process.

  • Why aren't you just recompiling with the changes?
    • Source not available is the usual reason.
  • Is it a closed source program?
    • If so, you are likely breaking the licence terms by trying.
  • Is the source lost?
    • What happened to the backups and version control?
  • Is it built with the key code in shared libraries?
    • If so, you can look to replace the shared libraries with the new functionality?
  • Can you use LD_PRELOAD to achieve your aims?

Because of the 'source is available' philosophy of UNIX, there aren't many tools to help with the patching of binaries - classically, the tool of choice was a program called adb - a debugger (the 7th Edition UNIX manual said 'adb - debugger'). It allowed you to edit the binary.

However, people seldom make major changes as it sounds like you want to do, primarily because it is very hard work and it is much simpler and more reliable to do it by recompiling the original source.
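
The LD_PRELOAD route mentioned in the answer, as an added example that is not part of the original answer: a shared object defines a function with the same name and signature as a libc one, and the dynamic linker binds the unmodified program's calls to it. The choice of `time()`, the `FAKE_TIME` variable and the file names are assumptions made for illustration.

```c
/* pin_time.c - constructed example: replace time() in an unmodified,
 * dynamically linked program through LD_PRELOAD.
 * Build: cc -shared -fPIC -o libpintime.so pin_time.c
 * Run:   FAKE_TIME=1000000000 LD_PRELOAD=./libpintime.so ./target
 * FAKE_TIME, libpintime.so and ./target are names assumed for this example. */
#include <errno.h>
#include <stdlib.h>
#include <time.h>

/* Return the pinned time if `override` is a clean non-negative decimal
 * epoch value, otherwise the real wall-clock time. */
static time_t resolve_time(const char *override)
{
    char *end;
    long long v;
    struct timespec ts;

    if (override != NULL && *override != '\0') {
        errno = 0;
        v = strtoll(override, &end, 10);
        if (errno == 0 && *end == '\0' && v >= 0)
            return (time_t)v;
    }
    /* No valid override: read the clock through a different libc entry
     * point, so the replacement never calls itself. */
    if (timespec_get(&ts, TIME_UTC) != TIME_UTC)
        return (time_t)-1;
    return ts.tv_sec;
}

/* Same name and signature as libc's time(). A preloaded object is searched
 * before libc, so the program's calls to time() resolve to this definition. */
time_t time(time_t *tloc)
{
    time_t now = resolve_time(getenv("FAKE_TIME"));

    if (tloc != NULL)
        *tloc = now;
    return now;
}
```

This only reaches functions the program imports through the dynamic linker: functions compiled into the executable itself, or into a statically linked binary, are not affected, and the dynamic linker restricts LD_PRELOAD for set-user-ID programs.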

Licensed under: CC-BY-SA with attribution