A packed Virus for Elf64 binaries
This might trigger your anti-virus, which is normal. Use at your own risk!
# clone it
git clone https://github.com/grumbach/Famine.git && cd Famine
# build it and run it
make && ./famine
# remove installation files
cd .. && rm -rf Famine Infected program memory overview
================================
. .
| ... |
p_offset -> |========| PT_LOAD - relative_pt_load_address
| ... | ^
| ... | |
sh_offset -> |--------| |
| | ... | |
V | ... | |
offset_in_section - |>>>>>>>>| entry |- relative_entry_address
| ... | |^
|--------| ||
| ... | ||
| ... | ||
end_of_last_section -> |--------| - - - -- - - - - - -
@famine_entry -> |@@@@@@@@| | |
|@ @| | |
|@ @| | |
|@@@@@@@@| V |
packed @virus -> |~~~~~~~~| - relative_virus_addresss |
|########| | |
|########| | |
|########| | |
|########| V V
@_start (placeholder) -> |~~~~~~~~| - virus_size - payload_size
| ... |
| ... |
|========|
| ... |
. .