The document discusses reverse engineering binaries to reconstruct missing symbol and section header information. It provides an overview of the ELF file format and issues with stripped binaries. It then describes heuristics and techniques for rebuilding symbol tables and section headers to allow analysis with standard tools like objdump and gdb. Examples are given of finding function labels like main() and global constructors/destructors. The goal is to refactor binaries as little as possible to make them usable again without affecting execution.
1 of 30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
More Related Content
Reverse Engineering for exploit writers
1. Reverse Engineering for exploit writers Jonathan Brossard, iViZ Research Team Clubhack 2008 Pune, India
2. Who Am I ? (and why am I writing this ??) We are recruting ! Send me your CVs at : [email_address]