Questions tagged [elf]
the Executable and Linkable Format is the main executable and object format for Linux, Solaris, *BSD, and many other OSes...
254
questions
7
votes
3
answers
6k
views
No dynamic symbol table but resolution of method from shared libraries is working
I want to find how can I identify calls to shared libraries in GDB only. On a stripped binary, I cannot found the dynamic symbol table:
$> objdump -tT crackme-01
crackme-01: file format elf32-...
- 173
28
votes
1
answer
112k
views
Reversing ELF 64-bit LSB executable, x86-64 ,gdb
I'm a newbie and just got into RE.
I got a ELF 64-bit LSB executable, x86-64. I'm trying to reverse it.
First I tried to set a break point on line 1 using
gdb ./filename
break 1
The gdb says
No ...
- 433
2
votes
0
answers
555
views
Patch ELF (arm): remove constructor segment
I got an ELF shared library with a constructor function that is executed every time the library is loaded:
.init_array:00005E5C ; =====================================================================
...
- 191
5
votes
2
answers
16k
views
Decoding the UPX ELF header file
Still on my way to understand how to prevent the usage of the -d (decompress) option of UPX (see this question), I try to identify the header file of UPX in ELF executable files.
Looking at the code, ...
- 19.2k
5
votes
1
answer
3k
views
Merging elf shared-objects
Let say I have libA.so and libB.so, is there any way for me to combine them into a single shared library libC.so that contains all exported symbols of both libA.so and libB.so?
- 191
6
votes
3
answers
12k
views
Packers/Protectors for Linux
I was wondering if anyone had come across a packer/protector which could be used for ELF binaries. There seem to be quite a few articles on writing packers and protectors for the PE format -- however, ...
user1743
3
votes
1
answer
1k
views
Known publicly available modified UPX ELF packer [closed]
Anyone know of any publicly available modified versions of UPX for ELF? I.e. one that is not able to be unpacked using upx -d. The unpacking stub in the binary is slightly obfuscated. I am looking to ...
- 131
4
votes
1
answer
876
views
Changing parameter of function call in ELF executable
I want to alter a ELF executable function call and replace one of it's parameters.
The executable calls dlopen() function and passes RTLD_NOW as the flag parameter.
I want to change it to RTLD_LAZY.
...
- 4,825
29
votes
1
answer
27k
views
What symbol tables stay after a strip In ELF format?
I am currently looking at the ELF format, and especially at stripped ELF executable program files.
I know that, when stripped, the symbol table is removed, but some information are always needed to ...
- 19.2k
20
votes
2
answers
6k
views
Why are GOT and PLT still present in Linux static stripped binaries?
I am looking at statically linked linux x86 stripped binary. I noticed that there are .got and .plt sections.
I wonder what does a statically linked binary need got and plt sections for ? Anyone ?
- 603
12
votes
1
answer
5k
views
How are stripped shared libraries linked against?
Lately I've been reversing the Android framework for the Nexus S mobile phone.
99% of the source code is of course open, but there are few propriety shared libraries which needs to be downloaded in ...
- 4,825
143
votes
2
answers
131k
views
What is PLT/GOT?
From time to time, when disassembling x86 binaries, I stumble on
reference to PLT and GOT, especially when calling procedures from a
dynamic library.
For example, when running a program in gdb:
(gdb)...
- 19.2k
11
votes
3
answers
7k
views
What are the available libraries to statically modify ELF executables?
I would like to be able to rewrite or reorganize an ELF binary program directly from the executable format (not at compile-time).
The only library I know to do this is elfesteem (used in Miasm). But,...
- 19.2k
10
votes
2
answers
3k
views
Fixing the checksum of a modified Android ELF
I've hex-edited a string in an Android ELF binary.
Now, it won't run, and gives the error message CANNOT LINK EXECUTABLE, presumably due to a bad checksum.
Does anybody have a tool to fix the ...
- 181