Code Monkey home page Code Monkey logo

vmsaif / readingandinterpretingbinary Goto Github PK

View Code? Open in Web Editor NEW
2.0 1.0 0.0 8 KB

This program reads and interprets ELF formatted binary files, extracting and printing information such as the file's bitness, endianness, and ABI, as well as the entry point and program header table. It also prints segment and section types, virtual addresses, and sizes, as well as the first 32 bytes of actual segment and section data.

C 100.00%
binary-files abi bitness elf elf-header elf-parser endianness entrypoint operating-system virtual-address

readingandinterpretingbinary's Introduction

Reading and interpreting binary files (ELF)

One of the first things an operating system does when launching a new process is to read the program into memory. Some operating systems (including Linux) use ELF formatted binaries to represent compiled programs.

The ELF header contains important information about the compiled program. The program extracts and prints the following information from the ELF header:

What It Prints

ELF Header

  • The program's bitness (32-bit or 64-bit).
  • The endianness of the file.
  • The target operating system's ABI (Application Binary Interface).
  • The object file type.
  • The instruction set architecture.
  • The address of the entry point, which is where the process starts executing.
  • The address of the program header table in the file.
  • The size and number of entries in the program header table.
  • The size and number of entries in the section header table.
  • The entry in the section headers that is the string table.

Program Headers

For each program header, the program prints out:

  • The segment type.
  • The virtual address of the segment in memory.
  • The size in the file image of the program header.
  • The first (up to) 32 bytes of actual segment data, formatted as hexadecimal bytes.

Section Headers

For each section header, your program should print out:

  • The name of the section.
  • The ELF header specifies which section header is the string table section header
  • The section header type.
  • The virtual address of the section in memory.
  • The size in the file image of the section header.
  • The first (up to) 32 bytes of actual section data, formatted as hexadecimal bytes.

Compiling and Running

on the terminal, to compile,

    clang -o elf_reader elf_reader.c

To run write ./{filename} followed by {binary file}, e,g->

    ./elf_reader hello.out32

Note that, there are 2 sample binary files in the project repository.

32-bit binaries

You are able to compile 32-bit binaries using gcc and clang by passing the -m32 option:

clang -m32 hello.c -o hello.out32 # compile the 32-bit binary

Sample Output:

./elf_reader hello.out64
File: hello.out64

ELF header:
        * 64-bit
        * little endian
        * Compiled for 0x00 (operating system)
        * has type 0x02
        * Compiled for 0x3e (isa)
        * entry point address 0x401040
        * program header table starts at 0x40
        * There are 11 program headers, each is 56 bytes
        * There are 29 section headers, each is 64 bytes
        * the section header string table is 28

Program Headers

Program header: #4
    * segment type 0x00000001
    * virtual address of segment 0x402000
    * size in file 312 bytes
    * first up to 32 bytes starting at 0x2000
      01 00 02 00 48 65 6c 6c 6f 2c 20 77 6f 72 6c 64 
      21 0a 00 00 01 1b 03 3b 38 00 00 00 06 00 00 00

Section Headers

Section header: #2
    * section name .note.gnu.build-id
    * type 0x07
    * virtual address of segment 0x4002c4
    * size in file 36 bytes
    * first up to 32 bytes starting at 0x2c4
      04 00 00 00 14 00 00 00 03 00 00 00 47 4e 55 00 
      1c b9 d1 a6 25 3b cf 34 18 c3 78 cd d1 58 9b 5c

    .
    .
    .
    .
    .

    Program exited with following code: Success
    Program written by Saif Mahmud.

readingandinterpretingbinary's People

Contributors

vmsaif avatar

Stargazers

avatar avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.