Using ELF relocations for executable encryption

A new approach to hiding the code of Linux executable files using a relocation table is proposed, which allows you to create a crypter without embedding the decryption code in the executable file. Various applications of this approach are evaluated and the respective crypter prototypes are implemented. The dangers of this approach for the reverse engineering tools IDA, Ghidra, angr, as well as for antivirus software are assessed.