1、判断文件类型
file
2、查看二进制文件(可查看链接文件或运行文件)
readelf -a
3、二进制解码
hexdump -C
4、反汇编
objdump -dS
例如:源文件
|
用 gcc -m32 -gc hello.c -o hello.o
gcc -m32 -g hello.c -o hello
用 readelf -a hello.o 输出结果
ELF Header: Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: REL (Relocatable file) Machine: Intel 80386 Version: 0x1 Entry point address: 0x0 Start of program headers: 0 (bytes into file) Start of section headers: 220 (bytes into file) Flags: 0x0 Size of this header: 52 (bytes) Size of program headers: 0 (bytes) Number of program headers: 0 Size of section headers: 40 (bytes) Number of section headers: 11 Section header string table index: 8 Section Headers: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL 00000000 000000 000000 00 0 0 0 [ 1] .text PROGBITS 00000000 000034 00001c 00 AX 0 0 4 [ 2] .rel.text REL 00000000 000348 000010 08 9 1 4 [ 3] .data PROGBITS 00000000 000050 000000 00 WA 0 0 4 [ 4] .bss NOBITS 00000000 000050 000000 00 WA 0 0 4 [ 5] .rodata PROGBITS 00000000 000050 000015 00 A 0 0 1 [ 6] .comment PROGBITS 00000000 000065 000024 01 MS 0 0 1 [ 7] .note.GNU-stack PROGBITS 00000000 000089 000000 00 0 0 1 [ 8] .shstrtab STRTAB 00000000 000089 000051 00 0 0 1 [ 9] .symtab SYMTAB 00000000 000294 0000a0 10 10 8 4 [10] .strtab STRTAB 00000000 000334 000013 00 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific) There are no section groups in this file. There are no program headers in this file. Relocation section '.rel.text' at offset 0x348 contains 2 entries: Offset Info Type Sym.Value Sym. Name 0000000c 00000501 R_386_32 00000000 .rodata 00000011 00000902 R_386_PC32 00000000 puts There are no unwind sections in this file. Symbol table '.symtab' contains 10 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 7 7: 00000000 0 SECTION LOCAL DEFAULT 6 8: 00000000 28 FUNC GLOBAL DEFAULT 1 main 9: 00000000 0 NOTYPE GLOBAL DEFAULT UND puts No version information found in this file. |