https://github.com/hackndo/elfreader

ELF reader PoC in C++
https://github.com/hackndo/elfreader

Last synced: 4 months ago
JSON representation

ELF reader PoC in C++

• Host: GitHub
• URL: https://github.com/hackndo/elfreader
• Owner: Hackndo
• Created: 2015-06-12T15:32:11.000Z (about 11 years ago)
• Default Branch: master
• Last Pushed: 2015-07-29T10:14:15.000Z (almost 11 years ago)
• Last Synced: 2024-12-30T21:42:04.116Z (over 1 year ago)
• Language: C++
• Homepage:
• Size: 160 KB
• Stars: 2
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# elfreader

Elf reader written in C++

Sample

```

$ ./reader -e binary

********************************************************************************

*                                ELF HEADER                                    *

********************************************************************************

Storage class	= 32-bit objects

Data format	= 2's complement, little endian

OS ABI		= UNIX System V ABI

Filetype 	= Executable

Machine		= INTEL x86 (0x3)

Entry point	= 0x08048320

ELF header size	= 0x00000034

Program Header	= 0x00000034

		  9 entries

		  32 bytes

Section Header	= 0x0000114c

		  30 entries

		  40 bytes

		  0x0000001b (string table offset)

File flags 	= 0x00000000

$ ./reader -p binary

********************************************************************************

*                                 SEGMENTS                                     *

********************************************************************************

+---+----------+----------+----------+----------+----------+----+---------+

|idx|offset    |vaddr     |paddr     |file size |mem size  |algn|name     |

+---+----------+----------+----------+----------+----------+----+---------+

 000 0x00000034 0x08048034 0x08048034 0x00000120 0x00000120    4 PT_PHDR	

 001 0x00000154 0x08048154 0x08048154 0x00000013 0x00000013    1 PT_INTERP	

 002 0x00000000 0x08048000 0x08048000 0x000005b4 0x000005b4 4096 PT_LOAD	

 003 0x00000f08 0x08049f08 0x08049f08 0x00000118 0x0000011c 4096 PT_LOAD	

 004 0x00000f14 0x08049f14 0x08049f14 0x000000e8 0x000000e8    4 PT_DYNAMIC	

 005 0x00000168 0x08048168 0x08048168 0x00000044 0x00000044    4 PT_NOTE	

 006 0x000004d8 0x080484d8 0x080484d8 0x0000002c 0x0000002c    4 UNKNOWN	

 007 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000   16 UNKNOWN	

 008 0x00000f08 0x08049f08 0x08049f08 0x000000f8 0x000000f8    1 UNKNOWN	

 

 $ ./reader -s binary

********************************************************************************

*                                 SECTIONS                                     *

********************************************************************************

+---+----------+----------+----------+----+----------+----------+--------------+

|idx|offset    |load-addr |size      |algn|flags     |type      |section       |

+---+----------+----------+----------+----+----------+----------+--------------+

 000 0x00000000 0x00000000 0x00000000    0 0x00000000 0x00000000 	

 001 0x00000154 0x08048154 0x00000013    1 0x00000002 0x00000001 .interp	

 002 0x00000168 0x08048168 0x00000020    4 0x00000002 0x00000007 .note.ABI-tag	

 003 0x00000188 0x08048188 0x00000024    4 0x00000002 0x00000007 .note.gnu.build-id	

 004 0x000001ac 0x080481ac 0x00000020    4 0x00000002 0x6ffffff6 .gnu.hash	

 005 0x000001cc 0x080481cc 0x00000050    4 0x00000002 0x0000000b .dynsym	

 006 0x0000021c 0x0804821c 0x0000004a    1 0x00000002 0x00000003 .dynstr	

 007 0x00000266 0x08048266 0x0000000a    2 0x00000002 0x6fffffff .gnu.version	

 008 0x00000270 0x08048270 0x00000020    4 0x00000002 0x6ffffffe .gnu.version_r	

 009 0x00000290 0x08048290 0x00000008    4 0x00000002 0x00000009 .rel.dyn	

 010 0x00000298 0x08048298 0x00000018    4 0x00000002 0x00000009 .rel.plt	

 011 0x000002b0 0x080482b0 0x00000023    4 0x00000006 0x00000001 .init	

 012 0x000002e0 0x080482e0 0x00000040   16 0x00000006 0x00000001 .plt	

 013 0x00000320 0x08048320 0x00000192   16 0x00000006 0x00000001 .text	

 014 0x000004b4 0x080484b4 0x00000014    4 0x00000006 0x00000001 .fini	

 015 0x000004c8 0x080484c8 0x0000000e    4 0x00000002 0x00000001 .rodata	

 016 0x000004d8 0x080484d8 0x0000002c    4 0x00000002 0x00000001 .eh_frame_hdr	

 017 0x00000504 0x08048504 0x000000b0    4 0x00000002 0x00000001 .eh_frame	

 018 0x00000f08 0x08049f08 0x00000004    4 0x00000003 0x0000000e .init_array	

 019 0x00000f0c 0x08049f0c 0x00000004    4 0x00000003 0x0000000f .fini_array	

 020 0x00000f10 0x08049f10 0x00000004    4 0x00000003 0x00000001 .jcr	

 021 0x00000f14 0x08049f14 0x000000e8    4 0x00000003 0x00000006 .dynamic	

 022 0x00000ffc 0x08049ffc 0x00000004    4 0x00000003 0x00000001 .got	

 023 0x00001000 0x0804a000 0x00000018    4 0x00000003 0x00000001 .got.plt	

 024 0x00001018 0x0804a018 0x00000008    4 0x00000003 0x00000001 .data	

 025 0x00001020 0x0804a020 0x00000004    1 0x00000003 0x00000008 .bss	

 026 0x00001020 0x00000000 0x00000024    1 0x00000030 0x00000001 .comment	

 027 0x00001044 0x00000000 0x00000106    1 0x00000000 0x00000003 .shstrtab	

 028 0x000015fc 0x00000000 0x00000430    4 0x00000000 0x00000002 .symtab	

 029 0x00001a2c 0x00000000 0x00000250    1 0x00000000 0x00000003 .strtab	

```