From 15230bbb9b1f69def9b0e1b41a097638c0fda734 Mon Sep 17 00:00:00 2001 From: johannst Date: Tue, 28 Apr 2020 09:11:18 +0000 Subject: deploy: fef4d6ff2ad9f48e6dccde0f061453e6a3ac624e --- binary/index.html | 220 ++++++++++++++++++++++++++++++++++++++++++++ binary/nm.html | 224 ++++++++++++++++++++++++++++++++++++++++++++ binary/objdump.html | 233 ++++++++++++++++++++++++++++++++++++++++++++++ binary/od.html | 260 ++++++++++++++++++++++++++++++++++++++++++++++++++++ binary/readelf.html | 230 ++++++++++++++++++++++++++++++++++++++++++++++ binary/xxd.html | 245 +++++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 1412 insertions(+) create mode 100644 binary/index.html create mode 100644 binary/nm.html create mode 100644 binary/objdump.html create mode 100644 binary/od.html create mode 100644 binary/readelf.html create mode 100644 binary/xxd.html (limited to 'binary') diff --git a/binary/index.html b/binary/index.html new file mode 100644 index 0000000..2b47b26 --- /dev/null +++ b/binary/index.html @@ -0,0 +1,220 @@ + + + + + + Binary - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

Binary

+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/binary/nm.html b/binary/nm.html new file mode 100644 index 0000000..fa3dab6 --- /dev/null +++ b/binary/nm.html @@ -0,0 +1,224 @@ + + + + + + nm - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

nm(1)

+
  nm [opts] <elf>
+    -C          demangle
+    -u          undefined only
+
+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/binary/objdump.html b/binary/objdump.html new file mode 100644 index 0000000..60b7529 --- /dev/null +++ b/binary/objdump.html @@ -0,0 +1,233 @@ + + + + + + objdump - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

objdump(1)

+
  objdump [opts] <elf>
+    -M intel                use intil syntax
+    -d                      disassemble text section
+    -D                      disassemble all sections
+    -S                      mix disassembly with source code
+    -C                      demangle
+    -j <section>            display info for section
+    --[no-]show-raw-insn    [dont] show object code next to disassembly
+
+

Disassemble section

+

For example .plt section:

+
  objdump -j .plt -d <elf>
+
+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/binary/od.html b/binary/od.html new file mode 100644 index 0000000..74599f1 --- /dev/null +++ b/binary/od.html @@ -0,0 +1,260 @@ + + + + + + od - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

od(1)

+
  od [opts] <file>
+    -An         don't print addr info
+    -tx4        print hex in 4 byte chunks
+    -ta         print as named character
+    -tc         printable chars or backslash escape
+    -w4         print 4 bytes per line
+    -j <n>      skip <n> bytes from <file> (hex if start with 0x)
+    -N <n>      dump <n> bytes (hex of start with 0x)
+
+

ASCII to hex string

+
  echo -n AAAABBBB | od -An -w4 -tx4
+    >> 41414141
+    >> 42424242
+
+  echo -n '\x7fELF\n' | od -tx1 -ta -tc
+    >> 0000000  7f  45  4c  46  0a      # tx1
+    >>         del   E   L   F  nl      # ta
+    >>         177   E   L   F  \n      # tc
+
+

Extract parts of file

+

For example .rodata section from an elf file. We can use readelf to get the +offset into the file where the .rodata section starts.

+
  readelf -W -S foo
+    >> Section Headers:
+    >> [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
+    >> ...
+    >> [15] .rodata           PROGBITS        00000000004009c0 0009c0 000030 00   A  0   0 16
+
+

With the offset of -j 0x0009c0 we can dump -N 0x30 bytes from the beginning of +the .rodata section as follows:

+
  od -j 0x0009c0 -N 0x30 -tx4 -w4 foo
+    >> 0004700 00020001
+    >> 0004704 00000000
+    >> *
+    >> 0004740 00000001
+    >> 0004744 00000002
+    >> 0004750 00000003
+    >> 0004754 00000004
+
+

Note: Numbers starting with 0x will be interpreted as hex by od.

+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/binary/readelf.html b/binary/readelf.html new file mode 100644 index 0000000..03a1049 --- /dev/null +++ b/binary/readelf.html @@ -0,0 +1,230 @@ + + + + + + readelf - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

readelf(1)

+
  readelf [opts] <elf>
+    -W|--wide     wide output, dont break output at 80 chars
+    -h            print ELF header
+    -S            print section headers
+    -l            print program headers + segment mapping
+    -d            print .dynamic section (dynamic link information)
+    --syms        print symbol tables (.symtab .dynsym)
+    --dyn-syms    print dynamic symbol table (exported symbols for dynamic linker)
+    -r            print relocation sections (.rel.*, .rela.*)
+
+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/binary/xxd.html b/binary/xxd.html new file mode 100644 index 0000000..ac248b4 --- /dev/null +++ b/binary/xxd.html @@ -0,0 +1,245 @@ + + + + + + xxd - Notes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + +
+
+

xxd(1)

+
  xxd [opts]
+    -p          dump continuous hexdump
+    -r          convert hexdump into binary ('revert')
+    -e          dump as little endian mode
+    -i          output as C array
+
+

ASCII to hex stream

+
  echo -n 'aabb' | xxd -p
+    >> 61616262
+
+

Hex to binary stream

+
  echo -n '61616262' | xxd -p -r
+    >> aabb
+
+

ASCII to binary

+
  echo -n '\x7fELF' | xxd -p | xxd -p -r | file -p -
+    >> ELF
+
+

ASCII to C array (hex encoded)

+
  xxd -i <(echo -n '\x7fELF')
+    >> unsigned char _proc_self_fd_11[] = {
+    >>   0x7f, 0x45, 0x4c, 0x46
+    >> };
+    >> unsigned int _proc_self_fd_11_len = 4;
+
+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3