if i could get the hex code of a function in one machine
how would i relink it and execute on another machine
i.e,
if i get the functions hex code from a disassembler
and the function called a windows API
void newfunc()
{
call some_API;
}
for running on another machine i would have to relink it to call that machines API address.
given the machine runs windows with same hardware architecture..
p.s:regards to a distributed systems programming
more explanation:
thus i have the hex code of newfunc() which includes the call assembly to some_API in machine A… i want to run this hex on a similar architecture and OS but a different machine B
so i would have to relink it so that call to some_API goes to the destination machine B’s some_API…how would i do that?
thnx in advance
To do what you have described under Windows would require duplicating the PE Loader functionality.
Under Windows, what usually happens is:
in the RDATA section of the PE:
You can’t just copy text and RDATA because DLL’s can be loaded in different places due to ASLR (Address Space Layout Randomization) which aims to prevent exactly what you are trying to do:
ASSUMING you had a good way of identifying all the data that your function needs (which may not be easy), you could avoid this DLL problem by going directly to the Windows “syscall” interface.
For example, see: http://www.nynaeve.net/?p=48 and http://www.symantec.com/connect/articles/windows-syscall-shellcode will serve as starting points. Note the cautions in the second article that the system call interface changes between versions of the OS! Assuming your distributed system is similar, you will be fine.
The typical solution for the problem of packaging code for remote execution, is to put the code in a DLL.
Then, when the DLL is loaded on each machine (eg, LoadLibrary), the PE loader will fix up the proper addresses.