Katana

Introduction

Katana is an ELF and DWARF manipulation shell, largely in the spirit of ERESI. It was originally developed as a hot-patching tool and work on it was continued for research into security implications of the DWARF debugging and exception-handling format. Much of its functionality is either for patching or for DWARF data manipulation, but it is designed underneath as a general-purpose ELF manipulation framework which can be extended as need be for other purposes

Katana aims to provide a hot-patching system for userland. Further it aims to work with existing toolchains and formats so as to be easy to use and to hopefully pave the way for incorporating patching as a standard part of the toolchain. Because of this aim, Katana operates at the object level rather than requiring any access to the source code itself. This has the added bonus of making it, in theory, language agnostic (although no work has been done to test it with anything besides programs written in C).

Documentation

You can read the (incomplete) Katana documentation in several formats:

Downloads

Downloads can be found here. The same files can also be found at Sourceforge.

Access to the development code can be obtained through git.
git clone git://git.savannah.nongnu.org/katana.git

Project Page

Savannah project page

Related

Research using Katana has been published and presented at conferences.

Authors and Contact

Katana is under development at Dartmouth College by James Oakley and Sergey Bratus. Ashwin Ramaswamy, Michael Locasto, and Sean Smith contributed to its design. James Oakley can be reached at electron100 [at] gmail.com or electron [at] cs.dartmouth.edu.

Licensing

The complete text of this license may be found in the file COPYING distributed with the Katana source code.

Katana is free software: you may redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. Regardless of which version is chose, the following stipulation also applies:

Any redistribution must include copyright notice attribution to Dartmouth College as well as the Warranty Disclaimer below, as well as this list of conditions in any related documentation and, if feasible, on the redistributed software; Any redistribution must include the acknowledgment, "This product includes software developed by Dartmouth College," in any related documentation and, if feasible, in the redistributed software; and The names "Dartmouth" and "Dartmouth College" may not be used to endorse or promote products derived from this software.

WARRANTY DISCLAIMER

PLEASE BE ADVISED THAT THERE IS NO WARRANTY PROVIDED WITH THIS SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING, DARTMOUTH COLLEGE, ANY OTHER COPYRIGHT HOLDERS, AND/OR OTHER PARTIES PROVIDING OR DISTRIBUTING THE SOFTWARE, DO SO ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE FALLS UPON THE USER OF THE SOFTWARE. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU (AS THE USER OR REDISTRIBUTOR) ASSUME ALL COSTS OF ALL NECESSARY SERVICING, REPAIR OR CORRECTIONS.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL DARTMOUTH COLLEGE OR ANY OTHER COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.