全部博文(127)
分类: LINUX
2009-11-12 10:24:56
|
>readelf -a test >1 >readelf -a test.orig >2 >cat 1 ELF 头: Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (可执行文件) Machine: Intel 80386 Version: 0x1 入口点地址: 0x8048350 程序头起点: 52 (bytes into file) Start of section headers: 2196 (bytes into file) 标志: 0x0 本头的大小: 52 (字节) 程序头大小: 32 (字节) 程序头数量: 8 节头大小: 40 (字节) 节头数量: 27 字符串表索引节头: 26 节头: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL 00000000 000000 000000 00 0 0 0 [ 1] .interp PROGBITS 08048134 000134 000013 00 A 0 0 1 [ 2] .note.ABI-tag NOTE 08048148 000148 000020 00 A 0 0 4 [ 3] .note.SuSE NOTE 08048168 000168 000018 00 A 0 0 4 [ 4] .hash HASH 08048180 000180 000030 04 A 5 0 4 [ 5] .dynsym DYNSYM 080481b0 0001b0 000070 10 A 6 1 4 [ 6] .dynstr STRTAB 08048220 000220 000066 00 A 0 0 1 [ 7] .gnu.version VERSYM 08048286 000286 00000e 02 A 5 0 2 [ 8] .gnu.version_r VERNEED 08048294 000294 000020 00 A 6 1 4 [ 9] .rel.dyn REL 080482b4 0002b4 000008 08 A 5 0 4 [10] .rel.plt REL 080482bc 0002bc 000020 08 A 5 12 4 [11] .init PROGBITS 080482dc 0002dc 000017 00 AX 0 0 4 [12] .plt PROGBITS 080482f4 0002f4 000050 04 AX 0 0 4 [13] .text PROGBITS 08048350 000350 00021c 00 AX 0 0 16 [14] .fini PROGBITS 0804856c 00056c 00001c 00 AX 0 0 4 [15] .rodata PROGBITS 08048588 000588 000013 00 A 0 0 4 [16] .eh_frame PROGBITS 0804859c 00059c 000004 00 A 0 0 4 [17] .ctors PROGBITS 080495a0 0005a0 000008 00 WA 0 0 4 [18] .dtors PROGBITS 080495a8 0005a8 000008 00 WA 0 0 4 [19] .jcr PROGBITS 080495b0 0005b0 000004 00 WA 0 0 4 [20] .dynamic DYNAMIC 080495b4 0005b4 0000c8 08 WA 6 0 4 [21] .got PROGBITS 0804967c 00067c 000004 04 WA 0 0 4 [22] .got.plt PROGBITS 08049680 000680 00001c 04 WA 0 0 4 [23] .data PROGBITS 0804969c 00069c 00000c 00 WA 0 0 4 [24] .bss NOBITS 080496a8 0006a8 000004 00 WA 0 0 4 [25] .comment PROGBITS 00000000 0006a8 000117 00 0 0 1 [26] .shstrtab STRTAB 00000000 0007bf 0000d2 00 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific) There are no section groups in this file. 程序头: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4 INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1 [正在请求程序解释器:/lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x005a0 0x005a0 R E 0x1000 LOAD 0x0005a0 0x080495a0 0x080495a0 0x00108 0x0010c RW 0x1000 DYNAMIC 0x0005b4 0x080495b4 0x080495b4 0x000c8 0x000c8 RW 0x4 NOTE 0x000148 0x08048148 0x08048148 0x00020 0x00020 R 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00018 0x00018 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4 Section to Segment mapping: 段节... 00 01 .interp 02 .interp .note.ABI-tag .note.SuSE .hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame 03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag 06 .note.SuSE 07 Dynamic section at offset 0x5b4 contains 20 entries: 标记 类型 名称/值 0x00000001 (NEEDED) 共享库:[libc.so.6] 0x0000000c (INIT) 0x80482dc 0x0000000d (FINI) 0x804856c 0x00000004 (HASH) 0x8048180 0x00000005 (STRTAB) 0x8048220 0x00000006 (SYMTAB) 0x80481b0 0x0000000a (STRSZ) 102 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049680 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x80482bc 0x00000011 (REL) 0x80482b4 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x8048294 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x8048286 0x00000000 (NULL) 0x0 重定位节 “.rel.dyn” 位于偏移量 0x2b4 含有 1 个条目: Offset Info Type Sym.Value Sym. Name 0804967c 00000606 R_386_GLOB_DAT 00000000 __gmon_start__ 重定位节 “.rel.plt” 位于偏移量 0x2bc 含有 4 个条目: Offset Info Type Sym.Value Sym. Name 0804968c 00000107 R_386_JUMP_SLOT 00000000 scanf 08049690 00000207 R_386_JUMP_SLOT 00000000 __libc_start_main 08049694 00000307 R_386_JUMP_SLOT 00000000 printf 08049698 00000607 R_386_JUMP_SLOT 00000000 __gmon_start__ There are no unwind sections in this file. Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 65 FUNC GLOBAL DEFAULT UND scanf@GLIBC_2.0 (2) 2: 00000000 415 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 3: 00000000 57 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2) 4: 0804858c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 5: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 6: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ Histogram for bucket list length (total of 3 buckets): Length Number % of total Coverage 0 0 ( 0.0%) 1 0 ( 0.0%) 0.0% 2 3 (100.0%) 100.0% 版本符号节“.gnu.version”含有 7 个条目: 地址:0000000008048286 偏移量:0x000286 连接:5 (.dynsym) 000: 0 (*本地*) 2 (GLIBC_2.0) 2 (GLIBC_2.0) 2 (GLIBC_2.0) 004: 1 (*全局*) 0 (*本地*) 0 (*本地*) Version needs section '.gnu.version_r' contains 1 entries: 地址:0x0000000008048294 Offset: 0x000294 Link to section: 6 (.dynstr) 000000: Version: 1 文件:libc.so.6 计数:1 0x0010: Name: GLIBC_2.0 标志:无 版本:2 注释位于偏移量 0x00000148 长度为 0x00000020: 所有者 数据大小 描述 GNU 0x00000010 NT_VERSION (version) 注释位于偏移量 0x00000168 长度为 0x00000018: 所有者 数据大小 描述 SuSE 0x00000004 未知的注释类型:(0x45537553) >cat 2 ELF 头: Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (可执行文件) Machine: Intel 80386 Version: 0x1 入口点地址: 0x8048350 程序头起点: 52 (bytes into file) Start of section headers: 3392 (bytes into file) 标志: 0x0 本头的大小: 52 (字节) 程序头大小: 32 (字节) 程序头数量: 8 节头大小: 40 (字节) 节头数量: 35 字符串表索引节头: 32 节头: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL 00000000 000000 000000 00 0 0 0 [ 1] .interp PROGBITS 08048134 000134 000013 00 A 0 0 1 [ 2] .note.ABI-tag NOTE 08048148 000148 000020 00 A 0 0 4 [ 3] .note.SuSE NOTE 08048168 000168 000018 00 A 0 0 4 [ 4] .hash HASH 08048180 000180 000030 04 A 5 0 4 [ 5] .dynsym DYNSYM 080481b0 0001b0 000070 10 A 6 1 4 [ 6] .dynstr STRTAB 08048220 000220 000066 00 A 0 0 1 [ 7] .gnu.version VERSYM 08048286 000286 00000e 02 A 5 0 2 [ 8] .gnu.version_r VERNEED 08048294 000294 000020 00 A 6 1 4 [ 9] .rel.dyn REL 080482b4 0002b4 000008 08 A 5 0 4 [10] .rel.plt REL 080482bc 0002bc 000020 08 A 5 12 4 [11] .init PROGBITS 080482dc 0002dc 000017 00 AX 0 0 4 [12] .plt PROGBITS 080482f4 0002f4 000050 04 AX 0 0 4 [13] .text PROGBITS 08048350 000350 00021c 00 AX 0 0 16 [14] .fini PROGBITS 0804856c 00056c 00001c 00 AX 0 0 4 [15] .rodata PROGBITS 08048588 000588 000013 00 A 0 0 4 [16] .eh_frame PROGBITS 0804859c 00059c 000004 00 A 0 0 4 [17] .ctors PROGBITS 080495a0 0005a0 000008 00 WA 0 0 4 [18] .dtors PROGBITS 080495a8 0005a8 000008 00 WA 0 0 4 [19] .jcr PROGBITS 080495b0 0005b0 000004 00 WA 0 0 4 [20] .dynamic DYNAMIC 080495b4 0005b4 0000c8 08 WA 6 0 4 [21] .got PROGBITS 0804967c 00067c 000004 04 WA 0 0 4 [22] .got.plt PROGBITS 08049680 000680 00001c 04 WA 0 0 4 [23] .data PROGBITS 0804969c 00069c 00000c 00 WA 0 0 4 [24] .bss NOBITS 080496a8 0006a8 000004 00 WA 0 0 4 [25] .comment PROGBITS 00000000 0006a8 000117 00 0 0 1 [26] .debug_aranges PROGBITS 00000000 0007c0 000058 00 0 0 8 [27] .debug_pubnames PROGBITS 00000000 000818 000025 00 0 0 1 [28] .debug_info PROGBITS 00000000 00083d 000191 00 0 0 1 [29] .debug_abbrev PROGBITS 00000000 0009ce 000062 00 0 0 1 [30] .debug_line PROGBITS 00000000 000a30 000137 00 0 0 1 [31] .debug_str PROGBITS 00000000 000b67 0000a5 01 MS 0 0 1 [32] .shstrtab STRTAB 00000000 000c0c 000132 00 0 0 1 [33] .symtab SYMTAB 00000000 0012b8 000570 10 34 65 4 [34] .strtab STRTAB 00000000 001828 0002d9 00 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific) There are no section groups in this file. 程序头: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4 INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1 [正在请求程序解释器:/lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x005a0 0x005a0 R E 0x1000 LOAD 0x0005a0 0x080495a0 0x080495a0 0x00108 0x0010c RW 0x1000 DYNAMIC 0x0005b4 0x080495b4 0x080495b4 0x000c8 0x000c8 RW 0x4 NOTE 0x000148 0x08048148 0x08048148 0x00020 0x00020 R 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00018 0x00018 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4 Section to Segment mapping: 段节... 00 01 .interp 02 .interp .note.ABI-tag .note.SuSE .hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame 03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag 06 .note.SuSE 07 Dynamic section at offset 0x5b4 contains 20 entries: 标记 类型 名称/值 0x00000001 (NEEDED) 共享库:[libc.so.6] 0x0000000c (INIT) 0x80482dc 0x0000000d (FINI) 0x804856c 0x00000004 (HASH) 0x8048180 0x00000005 (STRTAB) 0x8048220 0x00000006 (SYMTAB) 0x80481b0 0x0000000a (STRSZ) 102 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049680 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x80482bc 0x00000011 (REL) 0x80482b4 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x8048294 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x8048286 0x00000000 (NULL) 0x0 重定位节 “.rel.dyn” 位于偏移量 0x2b4 含有 1 个条目: Offset Info Type Sym.Value Sym. Name 0804967c 00000606 R_386_GLOB_DAT 00000000 __gmon_start__ |
