#binary-file #yaml-config #byte #input-file #ida #signatures #patch

app fabricbin

Patch binary file using IDA signatures and defined replacement bytes in YAML

1 unstable release

0.1.0 Mar 4, 2024

#2418 in Parser implementations

MIT license

8KB
134 lines

fabricbin

Patch binary file using IDA signatures and defined replacement bytes in YAML.

Install:

cargo install --git https://github.com/makindotcc/fabricbin

Usage:

  1. Modify config.yaml (any filename)
  2. fabricbin config.yaml (any filename, by default "config.yaml" is used)
  3. Input file will be replaced with

Example configuration:

# input file
input_file: './chrome/118.0.5993.71/chrome.dll'
# Optional output file path. If not defined then input file is used and
# backup file (of input file) with suffix ".bak" is created.
output_file: './chrome/118.0.5993.71/chrome.dll'
# Apply following patches to input file
patch:
  # Following patch will replace FIRST occurrence of "sig".
  # Example data before:
  # Before: 53 48 83 EC 00 48 8B 22 33 44 55...
  # After:  48 C7 C0 00 00 00 00 C3 33 44 55...
  - name: 'blink::Navigator::webdriver' # optional, exists for "docs"/debugging purposes (when signature is not found)
    # IDA style signature to be replaced with bytes from field 'with'
    sig: '53 48 83 EC ? 48 8B ? ? ? ? ? 48 ? ? 48 ? ? ? 28 B3 01 80 3D ? ? ? ? 00 74 ? 48 8b ? ? ?'
    # New byte list that will replace the bytes in the signature
    with:
      - '48 c7 c0 00 00 00 00' # mov rax, 0x00
      - 'c3'                   # ret
    # optional offset relative to first signature byte
    # In this example our "with" (48 c7...) will be replaced at index of sig first byte (0x53 0x48 0x83...)
    with_offset: 0

Dependencies

~4–6MB
~114K SLoC