This is elftin, a possibly-growing selection of scripts/tools which do wonderful and strange things with ELF binaries. Currently there are the following scripts/tools: - custom-phdrs: lets you relink a binary to include a custom ELF program header, with whatever content you like. You could read my blog post. <https://humprog.org/~stephen/blog/2017/02/14#custom-elf-phdrs> - embed-file: extends custom-phdrs so that the added program header is accompanied by a binary blob that is inserted into the file, with the program header marking its extent - embed-loadable: extends embed-file to allow for the embedded binary blob to be itself an ELF file -- whose offset fields have been fixed up (by a utility program, included) such that they are relative to the loaded file. This allows the embedded file to be loaded from a file descriptor ponting at the beginning of the blob (its ELF header) within the larger file, even though it is not necessarily at the beginning of that file. This only works if you have a ld.so or libdl that exposes a "dlopen from file descriptor". Glibc's ld.so doesn't do that; ask me <srk31@srcf.ucam.org> how to make a hacked version that does. I believe FreeBSD's (and others') do expose this. - normrelocs: update an ELF file, in place, to prefer non-section symbols in any relocations that reference the symbol 'externally' (e.g. to call it) rather than internally (e.g. to reference a point within its code, e.g. from debugging information). This is sometimes useful after globalizing a symbol using objcopy, since the assembler may have chosen section-relative relocs against local symbols. - abs2und, sym2und: update an ELF file, in place, turning some symbols into UND symbols. This is part of a bigger recipe for symbol wrapping, which is documented on my blog. <https://www.humprog.org/%7Estephen/blog/2022/08/03#elf-symbol-wrapping-via-replacement> - sym2dyn: following use of 'objcopy' that updates the (static) symbol table, propagate changes to the dynamic symbol table. This requires librunt headers at build time. Currently it is very limited, e.g. cannot add new strings to dynstr (so renames must use a subsequence of an existing symbol name), cannot regenerate GNU symbol hash table (so input binaries must use only the SysV table). - xwrap-ldplugin: a linker plugin for the GNU bfd/gold linkers, doing extended wrapping ('xwrap'), overcoming some of the problems with the standard ld --wrap feature. The core technique is documented under the 'sym2und' link above, and the plugin specifically is documented in a separate blog post. <https://www.humprog.org/%7Estephen/blog/2022/10/06#elf-symbol-wrapping-plugin> - base-ldplugin: utility code used by xwrap-ldplugin, but usable by other GNU linker plugins. It includes features for enumerating input files and (by a hacky self-restart mechanism) modifying the linker command line.