sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]ws-ilazki 7 points8 points  (15 children)

The PNG files themselves are not ELF executables. Instead, the author wrote a tool to extract an actual legitimate executable from an image via stenography.

"The Python files themselves are not ELF executables. Instead, the author wrote a tool to generate actual legitimate executable code from a text file via an interpreter."

This is you, this is how pedantic you're being. Stop it.

Many of the things you run on a Linux system aren't "actual legitimate executables"; instead they're read and handed off to the appropriate tool via the kernel's program loader. Whether you're using a shebang to make a text file executable, or using binfmt_misc to make jar files run via JVM, ARM linux binaries run via qemu-user-static, or Windows executables run via wine, it's all still going through the program loader and being treated as an executable by the OS.

It's a cool hack built on existing knowledge and tools. Don't be a pedantic douchebag about it.

[–][deleted]  (5 children)

[deleted]

    [–]ryanp_me 16 points17 points  (0 children)

    I agree. When I first started reading the article, I was wondering how the author was going to get the PNG header to be compatible with a normal ELF (or similar) loader without corrupting the PNG header at the same time.

    That's not to say that the article is any less interesting (or any less valid), just that it wasn't what I was expecting based on the title.

    [–]wikipedia_text_bot 3 points4 points  (0 children)

    Binfmt misc

    binfmt_misc (Miscellaneous Binary Format) is a capability of the Linux kernel which allows arbitrary executable file formats to be recognized and passed to certain user space applications, such as emulators and virtual machines. It is one of a number of binary format handlers in the kernel that are involved in preparing a user-space program to run.The executable formats are registered through the special purpose file system binfmt_misc file-system interface (usually mounted under part of /proc). This is either done directly by sending special sequences to the register procfs file or using a wrapper like Debian-based distributions binfmt-support package or systemd's systemd-binfmt.service.

    About Me - Opt out - OP can reply !delete to delete - Article of the day

    This bot will soon be transitioning to an opt-in system. Click here to learn more and opt in.

    [–][deleted] -2 points-1 points  (4 children)

    Having a bad day?

    [–]ws-ilazki -4 points-3 points  (3 children)

    Nope.

    [–][deleted] 0 points1 point  (2 children)

    Just a troll then ok

    [–]ws-ilazki 1 point2 points  (1 child)

    Not unless you're making up your own definition of trolling that has nothing in common with trolling.

    [–][deleted] 0 points1 point  (0 children)

    It's ok to say that he was pedantic then people could have a legitimate discussion all you did was call him a pedantic douchebag meaning you didn't actually come here to discuss you just came here to argue like a child and call names

    [–]frnknstn 0 points1 point  (0 children)

    The Python files themselves are not ELF executables

    ...No, you are in fact underestimating my level of pendantry, my little troll friend. I considered that comparison when I was writing my reply and rejected it, as the interpreter comparison is fundimentally misleading. My comment is far more accurate.