Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I examine contents of a data section of an ELF file on Linux?

Tags:

linux

object-code

elf

objdump

I've been using objdump to look at assembly code in Linux ELF binaries.

Sometimes there is an indirect jump through a jump table that is stored in the rodata (read-only data) section.

How to get objdump or any other tool to show me the contents of this data section?

I could execute the program and examine the relevant addresses in the debugger, but I don't want to do that because it has to be done interactively.

The ideal answer will identify a tool that will not only show me the contents but will let me control the display format, much as od does.

like image 246
Norman Ramsey Avatar asked Nov 06 '09 04:11

Norman Ramsey

People also ask

How do I read the contents of an ELF file?

you can use readelf and objdump to read parts of an elf file. You can also use 'hexdump filename' to get a hexdump of the contents of a binary file (this is likely only useful if you like reading machine code or you are writing an assembler).

What are the contents of ELF file?

An executable file using the ELF file format consists of an ELF header, followed by a program header table or a section header table, or both. particularities of the file. As you can see from the description above, an ELF file consists of two sections – an ELF header, and file data.

What command do we use to view the symbols in an ELF file?

Trace32 command to read symbol contents from ELF file.

How do I open an ELF file?

How to open an ELF file. On PCs, you can open an ELF file and launch the game or other application it contains using Dolphin, a cross-platform Nintendo Wii emulator. On a Nintendo Wii, you can open an ELF file by transferring the file to your Wii using an SD card and then opening the file via the Homebrew Channel.

2 Answers

objdump -s -j .rodata exefile

gives a side-by-side hex/printable ASCII dump of the contents of the rodata section like:

Contents of section .rodata:  0000 67452301 efcdab89 67452301 efcdab89  gE#.....gE#.....  0010 64636261 68676665 64636261 68676665  dcbahgfedcbahgfe

It doesn't look like there's anything in there to control formatting, but it's a start. You could always undump the hex and feed it to od, I suppose :)

like image 168
hobbs Avatar answered Sep 22 '22 22:09

hobbs

 
readelf -x .rodata hello_world.o

gives:

Hex dump of section '.rodata':   0x00000000 48656c6c 6f20776f 726c6421 0a       Hello world!.

You should prefer readelf when possible since objdump simply does not show some sections like .symtab: Why does objdump not show .bss, .shstratab, .symtab and .strtab sections?

You can also extract the raw bytes with the techniques mentioned at: How do you extract only the contents of an ELF section and as mentioned by ysdx.

like image 43
Ciro Santilli 新疆再教育营六四事件法轮功郝海东 Avatar answered Sep 26 '22 22:09

Ciro Santilli 新疆再教育营六四事件法轮功郝海东
Sign in to Comment

Related questions

Delete the first five characters on any line of a text file in Linux with sed
How can I configure a systemd service to restart periodically?
How to execute a remote command over ssh with arguments?
fcntl substitute on Windows
How to find the real user home directory using python?
Linux: where are environment variables stored?
How to monitor a complete directory tree for changes in Linux?
How can I tell which Unix shell I am using? [duplicate]
unix - count of columns in file
Using Rsync include and exclude options to include directory and file by pattern
Connection refused to MongoDB errno 111
JAVA_HOME directory in Linux
How to get MAC address of your machine using a C program?
How to post raw body data with curl?
Where are include files stored - Ubuntu Linux, GCC
How many socket connections possible?
Selecting a Linux I/O Scheduler
How to cut first n and last n columns?
What package includes AB the Apache Server Benchmarking Tool in Ubuntu [closed]
What are good Linux/Unix books for an advancing user? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!