Modify the ELF header e_entry (ELF entrypoint offset) to point to the injected code.Fix offsets in the ELF header ( e_shoff, e_phoff, etc.).Fixup section headers' sh_offset's and program headers' p_offset's (move down sections and segments to make room for the payload and a small 'stager stub').Expand the last section (in the segment) section header's sh_size and program header's p_memsz/ p_filesz by the size of the user-supplied payload.Locate the last section in the executable segment by parsing section headers.Locate the first executable segment by parsing program headers.Map in the umodified target ELF executable and the user-supplied payload, a position-independent blob.Drow takes the following steps to create the new patched ELF: