Questions tagged [got]

The tag has no usage guidance.

3 votes
1 answer
421 views

What is the ELF .got section used for?

I'm trying to learn how GOT/PLT works in ELF binaries. The way I see it, there are three sections: .got, .plt and .got.plt. When the program tries to call an imported function which is lazily bound, it ...
synack
2 votes
0 answers
211 views

Overwriting the Global Offset Table + format string vulnerability

I am trying to understand how to overwrite the Global Offset Table, in the book "Hacking: The Art of Exploitation". Following the example I get: objdump -R ./fmt ...
LianoQ
4 votes
1 answer
8k views

Dumping the GOT with gdb at run time

I want to see how the plt stubs are being resolved at run time when lazy linking is used and how the GOT is changed along the way. How can I dump the GOT with gdb?
Trey
1 vote
1 answer
2k views

How to find out all the locations that call an external function using IDA Pro?

I just want to find out all the locations that call the standard library function pthread_attr_getstack using IDA Pro. There is an entry in .plt: .plt:00015894 ; =============== S U B R O U T I N E ...
cong
0 votes
1 answer
401 views

How is the first jmp skipped in a PLT entry?

Whenever there is a call to a function of a dynamically linked library (0x400586 in the example at the end), the call first leads to a few lines in the .plt section, which in turn starts with a jmp to ...
bayer
0 votes
1 answer
143 views

How can I use a Linux .so file from a program other than the program it was developed for?

I wish to use the codecs that come with RealPlayer but without needing RealPlayer. The codecs I want to use are all in .so format, but I don't know how to separate the codecs from the rest of ...
user17881
3 votes
3 answers
888 views

Patching PLT entries

I was reading this CTF write up and wanted to know more than the author cared to explain. I actually just patched the PLT entries of getenv(), ptrace() and sleep(), as sleeps get pretty annoying ...
movecx
3 votes
1 answer
4k views

ELF link_map when linked as RELRO

When linking a binary with -Wl,-z,relro,-z,now, all relocations are performed at start-up before passing control to the binary. Because of this, there is no need for the .got.plt segment. Normally, ...
Zach Riggle
5 votes
1 answer
1k views

Associating Symbol Names with .PLT Entries

Doing some messing around with ELF (of both the x86 and ARM varieties). Associating symbol names with entries in the .got section is straightforward. Find the .got section, find the relocation ...
Zach Riggle