elf

I have an ELF file that I would like to decompile into C code, and make simple changes to the resulting C code and rebuild it into an ELF. The decompiled C code need not be fully human readable. Eg, if variables and function names come out obfuscated, it is okay. Which tools can I use to accomplish this on Linux? PS: If decompiling to C is not possible or is not easy, I'm willing to consider decompiling to assembly language, though tweaking the assembly source will be very difficult for me. UPDATE: You may assume that I'm using the following C program to get my a.out ELF. Now, assume further

I want to know how does Linux operating systems execute files. So from my searches across the web I understood that every file which has the runnable bit set on can be executed. But then I learned that there is an ELF called format which is the Linux standard for executables. So what I want to know is what is necessary to a file which has permission to run (runnable bit is on), in order to execute code in the system? Can I just create a new file with hex editor and write 90 inside (NOP opcode) and expect it to be executed? Or does Linux requires some kind of standard format, like ELF format or

All the standard shared libraries on my Linux system (Fedora 9) specify ELFOSABI_NONE (0) as their OSABI. This is fine - however I've received a shared library from a supplier where the OSABI given in the ELF header is ELFOSABI_LINUX (3). This doesn't sound like an unreasonable value for a shared library intended for a Linux system, however it is a different value to that of all my other libraries - and so when I try to open this library, with dlopen(), from one of my other libraries this fails with the error "ELF file OS ABI invalid". I compiled up the FreeBSD utility brandelf.c and used it

I am searching for a way to make existing proprietary ELF-binaries, which are linked against specific versions of system libraries, portable. With portable I mean making the executable work on every system with the same processor architecture and a compatible system kernel, without necessarily having the source code of the libraries (if there is no way without having the source code, it'll be fine too). So far I thought of two possibilities, but I don't know if they are at all possible and if yes, which to choose: Searching all linked libraries and their dependencies and include them in a

I compiled a C++ HelloWorld on an Odroid-XU3 with gcc/g++ version 4.8.2 and clang version 3.5. I also wrote a C HelloWorld for comparison. g++ -static -o HelloWorld hello.cc readelf -h HelloWorld shows the following entry point addresses: HelloWorld: 0x8be5 HelloClang: 0x8c45 HelloC: 0x88b5 These are odd addresses. Thumb has odd addresses, so has this something to do with Thumb? Additionally, objdump -lSd HelloWorld shows the _start Symbol at 0x8be4 , which looks like the "right" address. Why show these two tools different addresses? Yes addresses are odd because they are Thumb functions,

I have static linked binary (ELF file) it doesn't have dynamic segment, .dymsym sections and it doesn't perform LD_PRELOAD command and etc. How could i create fake dummy dynamic segment to activate dynamic loader and perform LD_PRELOAD command? How could i create fake dummy dynamic segment to activate dynamic loader and perform LD_PRELOAD command? You can't. Even if you could, getting LD_PRELOAD to preload something would still be useless: usually you want to interpose some symbols in your LD_PRELOAD ed library, but that requires these symbols to be unresolved in the main binary, or at least

I'm trying to use dladdr. It correctly locates the library, but it does not find the function name. I can call objdump, do a little math, and get the address of the function that I pass dladdr. If objdump can see it, why can't dladdr? Here is my function: const char *FuncName(const void *pFunc) { Dl_info DlInfo; int nRet; // Lookup the name of the function given the function pointer if ((nRet = dladdr(pFunc, &DlInfo)) != 0) return DlInfo.dli_sname; return NULL; } Here is a gdb transcript showing what I get. Program received signal SIGINT, Interrupt. [Switching to Thread 0xf7f4c6c0 (LWP 28365)]

This question already has an answer here: How can I make GCC compile the .text section as writable in an ELF binary? 4 answers I need to make .text segment of an executable ELF writable. The program i need to modify is written in C and i can compile it. Any ideas? Thanks A lot. For the answer below, I'm going to use this test program: #include <stdio.h> #include <stdlib.h> int main (int argc, char **argv) { printf ("Hello world\n"); void *m = main; *((char *) m) = 0; exit (0); } Compile with: $ gcc -g -o test test.c As expected: $ gdb test ... (gdb) run Starting program: /home/amb/so/test