Highest scored 'elf' questions - Reverse Engineering Stack Exchange

143 votes

2 answers

131k views

What is PLT/GOT?

From time to time, when disassembling x86 binaries, I stumble on reference to PLT and GOT, especially when calling procedures from a dynamic library. For example, when running a program in gdb: (gdb)...

perror

19.2k

asked May 3, 2013 at 8:39

62 votes

7 answers

17k views

Visualizing ELF binaries

I recently saw an older talk by Sergey Bratus and Greg Conti by the name of Voyage of the Reverser: A Visual Study of Binary Species. Are there any opensource/free tools that one could use to see ...

user1743

asked Aug 2, 2014 at 7:59

31 votes

4 answers

44k views

Cross debugging for ARM / MIPS ELF with QEMU/toolchain

as i'm new about cross-debugging and cross-compilation i need some help because i feel so confused. I have a MIPS elf file, [myelf][1] .You can see bellow the output of file myelf: myelf: ELF 32-bit ...

creuchmeuch

485

asked May 6, 2015 at 17:31

29 votes

1 answer

27k views

What symbol tables stay after a strip In ELF format?

I am currently looking at the ELF format, and especially at stripped ELF executable program files. I know that, when stripped, the symbol table is removed, but some information are always needed to ...

perror

19.2k

asked Jul 26, 2013 at 17:24

28 votes

1 answer

112k views

Reversing ELF 64-bit LSB executable, x86-64 ,gdb

I'm a newbie and just got into RE. I got a ELF 64-bit LSB executable, x86-64. I'm trying to reverse it. First I tried to set a break point on line 1 using gdb ./filename break 1 The gdb says No ...

nkg

433

asked Mar 7, 2014 at 6:55

20 votes

4 answers

27k views

Set a breakpoint on GDB entry point for stripped PIE binaries without disabling ASLR

Given a position-independent, statically-linked, stripped binary, there does not appear to be a way in GDB to set a breakpoint at the entry point without disabling ASLR. break start and similar ...

Zach Riggle

2,357

asked Apr 18, 2015 at 20:04

20 votes

2 answers

6k views

Why are GOT and PLT still present in Linux static stripped binaries?

I am looking at statically linked linux x86 stripped binary. I noticed that there are .got and .plt sections. I wonder what does a statically linked binary need got and plt sections for ? Anyone ?

daehee

603

asked Jun 2, 2013 at 13:57

18 votes

4 answers

16k views

How to generate the call graph of a binary file?

I have a non-stripped ELF binary for which I want to create a call graph as a dot file. Is there such a tool which generates the call graph? EDIT: Is there away in addition to the conventional call ...

0x90

677

asked Aug 13, 2017 at 2:58

13 votes

1 answer

3k views

Extracting strings from Go binaries

Is there an easy way to extract all of the strings from Go binaries that will work cross architecture? The problem with Go is that strings are stored without a null terminator, so you can't use the &...

Drxxd

231

asked May 13, 2020 at 9:37

12 votes

2 answers

14k views

Why I can not directly get the content of `.bss` section?

Test is on Linux 32bit. I use this command to get the context of .text .rodata and .data section: objdump -s -j .text elf_binary objdump -s -j .rodata elf_binary objdump -s -j .data elf_binary But ...

lllllllllllll

2,485

asked May 1, 2014 at 21:50

12 votes

1 answer

5k views

How are stripped shared libraries linked against?

Lately I've been reversing the Android framework for the Nexus S mobile phone. 99% of the source code is of course open, but there are few propriety shared libraries which needs to be downloaded in ...

Mellowcandle

4,825

asked May 11, 2013 at 10:09

11 votes

4 answers

8k views

How can I generate a call graph from an unstripped x86 Linux ELF?

There's a piece of software, for which I only have the binary, not the source code. It's: unobfuscated (so, not polymorphic or anything. It is optimized a bit, though) unstripped x86 32 bit ...

Parthian Shot

281

asked Jun 10, 2015 at 20:51

11 votes

3 answers

7k views

What are the available libraries to statically modify ELF executables?

I would like to be able to rewrite or reorganize an ELF binary program directly from the executable format (not at compile-time). The only library I know to do this is elfesteem (used in Miasm). But,...

perror

19.2k

asked Apr 18, 2013 at 9:43

11 votes

2 answers

16k views

Which python library for parsing Linux ELF files?

I want to be able to parse 32 and 64 bit ELF files - but not create or modify them (e.g. as discussed in this thread). The ELF binaries may possibly come from embedded Linux systems, that is, the ...

langlauf.io

1,560

asked May 6, 2015 at 11:14

10 votes

2 answers

3k views

Fixing the checksum of a modified Android ELF

I've hex-edited a string in an Android ELF binary. Now, it won't run, and gives the error message CANNOT LINK EXECUTABLE, presumably due to a bad checksum. Does anybody have a tool to fix the ...

user1636717

181

asked Apr 10, 2013 at 17:38

Stack Exchange Network

Questions tagged [elf]

What is PLT/GOT?

Visualizing ELF binaries

Cross debugging for ARM / MIPS ELF with QEMU/toolchain

What symbol tables stay after a strip In ELF format?

Reversing ELF 64-bit LSB executable, x86-64 ,gdb

Set a breakpoint on GDB entry point for stripped PIE binaries without disabling ASLR

Why are GOT and PLT still present in Linux static stripped binaries?

How to generate the call graph of a binary file?

Extracting strings from Go binaries

Why I can not directly get the content of `.bss` section?

How are stripped shared libraries linked against?

How can I generate a call graph from an unstripped x86 Linux ELF?

What are the available libraries to statically modify ELF executables?

Which python library for parsing Linux ELF files?

Fixing the checksum of a modified Android ELF

Hot Network Questions

Questions tagged [elf]

Related Tags