Tried a linux elf ... #40

Open
stefancn opened this issue Mar 28, 2024 · 6 comments

@stefancn

Great program ...

But when I load a Linux ELF file, the sections show garbage .... It should be noted that I'm a Windows guy, so my knowledge of Linux structures is not as deep as it should be. Anyway ... can somebody out there guide me on how to read the sections correctly with this great tool?

Regards

@horsicq
Owner

horsicq commented Mar 28, 2024

Hello! Could you please share your screenshot?

@stefancn
Author

Hi! After further reading I think the file has some obfuscation going on, but what is interesting is that readelf shows:

```
Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            00000000 000000 000000 00      0   0  0
  [ 1] .interp           PROGBITS        08048400 000400 00001f 00   A  0   0  1
  [ 2] .note.ABI-tag     NOTE            08048420 000420 000020 00   A  0   0  4
  [ 3] .hash             HASH            08048440 000440 017628 04   A  4   0  4
  [ 4] .dynsym           DYNSYM          0805fa68 017a68 03d770 10   A  5   1  4
  [ 5] .dynstr           STRTAB          0809d1d8 0551d8 063e49 00   A  0   0  1
  [ 6] .gnu.version      VERSYM          08102000 0ba000 007aee 02   A  4   0  2
  [ 7] .gnu.version_r    VERNEED         08109af0 0c1af0 000050 00   A  5   2  4
  [ 8] .rel.got          REL             08109b40 0c1b40 000018 08   A  4  13  4
  [ 9] .rel.bss          REL             08109b58 0c1b58 000040 08   A  4  15  4
  [10] .rel.plt          REL             08109b98 0c1b98 0003f0 08   A  4   c  4
  [11] .init             PROGBITS        08109f88 0c1f88 00002e 00  AX  0   0  4
  [12] .plt              PROGBITS        08109fb8 0c1fb8 0007f0 04  AX  0   0  4
  [13] .text             PROGBITS        0810a7b0 0c27b0 3e8d48 00  AX  0   0 16
  [14] .fini             PROGBITS        084f34f8 4ab4f8 00001e 00  AX  0   0  4
  [15] .rodata           PROGBITS        084f3520 4ab520 045f00 00   A  0   0 32
  [16] .data             PROGBITS        0853a420 4f1420 0cc9fc 00  WA  0   0 32
  [17] .ctors            PROGBITS        08606e1c 5bde1c 000060 00  WA  0   0  4
  [18] .dtors            PROGBITS        08606e7c 5bde7c 000050 00  WA  0   0  4
  [19] .got              PROGBITS        08606ecc 5bdecc 000210 04  WA  0   0  4
  [20] .dynamic          DYNAMIC         086070dc 5be0dc 0000c0 08  WA  5   0  4
  [21] .bss              NOBITS          086071a0 5be1a0 00f758 00  WA  0   0 32
  [22] .comment          PROGBITS        00000000 5be1a0 00231c 00      0   0  1
  [23] .note             NOTE            00000000 5c04bc 0020d0 00      0   0  1
  [24] .shstrtab         STRTAB          00000000 5c258c 0000d3 00      0   0  1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)
```

image

Btw, thanks for your extremely fast reply ...

Regards ...
/S

@horsicq
Owner

horsicq commented Mar 28, 2024

Interesting. Could you please click on ELF_Ehdr and share the screenshot?

@stefancn
Author

Sure, here it is ...

image

@horsicq
Owner

horsicq commented Mar 28, 2024

Is the file private? Could you share it? Or send it to me via Telegram @horsicq

@stefancn
Author

I'll send it later in the evening....
