Questions tagged [plt]
The plt tag has no usage guidance.
11
questions
3
votes
1
answer
421
views
What is the ELF .got section used for?
I'm trying to learn how GOT/PLT works in ELF binaries. The way I see it - there's three sections; .got, .plt and .got.plt.
When the program tries to call an imported function which is lazy binded, it ...
- 31
1
vote
0
answers
92
views
determine the PC of code gadgets in PLT section of ELF file
I am trying to parse an ELF file using custom code. With reference to the image below (output displayed is from objdump), I need to get the address of code gadget starting at , for example 401030 for ...
- 11
4
votes
1
answer
8k
views
Dumping the GOT with gdb at run time
I want to see how the plt stubs are being resolved at run time when lazy linking is used and how the GOT is changed along the way. How can I dump the GOT with gdb?
- 427
1
vote
1
answer
219
views
Questions regarding PLT/GOT and statically linking
I am looking at the assembly code of a heap-overflow challenge (heap3 in Protostar) which uses a vulnerability of an old version of dlmalloc to execute the exploit. Below is the assembler dump:
...
- 11
3
votes
1
answer
264
views
Enumerating (name, addresses) in PLT of an ELF file without elf.h
I want to show users imported symbols of a given ELF file like this(#1) in a disassembler project.(Android app)
1d21a: f7fa e8e8 blx 173ec ; __android_log_print@plt ...
Currently, I can only show ...
- 341
1
vote
1
answer
2k
views
How to find out all the locations that call an external function using ida pro?
I just want to find out all the locations that call the standard library function pthread_attr_getstack using ida pro. There is an entry in .plt:
.plt:00015894 ; =============== S U B R O U T I N E ...
- 139
0
votes
1
answer
401
views
How is the first jmp skipped in plt entry
Whenever there is a call to a function of a dynamically linked library (0x400586 in the example at the end), the call first leads to a few lines in the .plt section, which in turn starts with a jmp to ...
- 103
4
votes
1
answer
5k
views
ELF: How to make IDA show me the correct PLT (Procedure Linkage Table) content?
I would like to make IDA disassemble the .plt section of ELF files correctly, e.g. as objdump does:
objdump -D -M intel asdf | grep "Disassembly of section .plt" -A80
I don't know why but IDA gives ...
- 1,560
3
votes
3
answers
888
views
Patching PLT entries
I was reading this CTF write up and wanted to know more than the author cared to explain.
I actually just patched the PLT entries of getenv(), ptrace() and sleep(), as sleeps get pretty annoying ...
- 33
3
votes
1
answer
4k
views
ELF link_map when linked as RELRO
When linking a binary with -Wl,-z,relro,-z,now, all relocations are performed at start-up before passing control to the binary.
Because of this, there is no need for the .got.plt segment. Normally, ...
- 2,357
5
votes
1
answer
1k
views
Associating Symbol Names with .PLT Entries
Doing some messing around with ELF (of both the x86 and ARM varieties).
Associating symbol names with entries in the .got section is straightforward. Find the .got section, find the relocation ...
- 2,357