Reversing ELF (Executable and Linking Format)
Last modified: 2024-02-18
Reverse Engineering
ELF is a file format for executables of Linux.
Static Analysis
# -a: All
readelf ./sample -a
# -p: Dump the contents of section
readelf ./sample -p .data
readelf ./sample -p .text
readelf ./sample -p .interp
# Change MSB <=> LSB by editing binary number.
hexedit ./sample
(MSB) 7F 45 4C 46 02 02 01 ... <=> (LSB) 7F 45 4C 46 02 01 01 ...
# Display shared object dependencies
ldd ./sample