From 003e5cc3410e331513539a1b7e20224ae8da32de Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Mon, 8 Mar 2021 07:58:50 +0000 Subject: [PATCH] Update README.md --- README.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a5d2d96..bf5f52f 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,22 @@ both kernel and usermode projects. Since Theo inherits HMDM (highly modular driv Since Theo is a jit linker, unexported symbols can be jit linked. Resolving such symbols is open ended and allows the programmer of this framework to handle how they want to resolve symbols. More on this later (check out example projects). +# Linking - Dynamic And Static + +### What Is A Linker + +A linker is a program which takes object files produces by a compiler and generates a final executable native to the operating system. A linker interfaces with not only object files but also static libraries, "lib" files. What is a "lib" file? Well a lib file is just an archive of obj's. You can invision it as a zip/rar without any compression, just concatination of said object files. + +### Object Files + +If you define a c++ file called "main.cpp" the compiler will generate an object file by the name of "main.obj". When you refer to data or code defined in another c/c++ file, the linker uses a symbol table to resolve the address of said code/data. In this situation I am the linker and I resolve all of your symbols :). + +### Static Linking + +Static linking is when the linker links entire routines not created by you, into your code. Say `memcpy` (if its not inlined), will be staticlly linked with the CRT. Static linking also allows for your code to be more independant as all the code you need you bring with you. However, with Theo, you cannot link static libraries which are not compiled with `mcmodel=large`. Theo supports actual static linking, in other words, using multiple static libraries at the same time. + +### Dynamic Linking + # RIP Relative Addressing In order to allow for a routine to be scattered throughout a 64bit address space, RIP relative addressing must not be used. In order to facilitate this, a very special version @@ -139,4 +155,6 @@ pop gp pop gp exec routine instruction jmp next instruction -``` \ No newline at end of file +``` + +Again this is just a demo/POC on how you can inherit `obfuscate`. This also shows an example of how to use `asmjit`. \ No newline at end of file