查看二进制文件命令

2806阅读 0评论2010-08-22 bailiangcn
分类:LINUX

详细帮助请看man文件
1、判断文件类型
file
2、查看二进制文件(可查看链接文件或运行文件)
readelf -a
3、二进制解码
hexdump -C
4、反汇编
objdump -dS

例如:源文件
 

#include <stdio.h>
int main(int argc, char **argv)
{
    printf("Hello, Linux World! \n");
    return 0;
}


用 gcc -m32 -gc hello.c -o hello.o
gcc -m32 -g hello.c -o hello

用 readelf -a hello.o 输出结果
ELF Header:
  Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF32
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              REL (Relocatable file)
  Machine:                           Intel 80386
  Version:                           0x1
  Entry point address:               0x0
  Start of program headers:          0 (bytes into file)
  Start of section headers:          220 (bytes into file)
  Flags:                             0x0
  Size of this header:               52 (bytes)
  Size of program headers:           0 (bytes)
  Number of program headers:         0
  Size of section headers:           40 (bytes)
  Number of section headers:         11
  Section header string table index: 8

Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            00000000 000000 000000 00      0   0  0
  [ 1] .text             PROGBITS        00000000 000034 00001c 00  AX  0   0  4
  [ 2] .rel.text         REL             00000000 000348 000010 08      9   1  4
  [ 3] .data             PROGBITS        00000000 000050 000000 00  WA  0   0  4
  [ 4] .bss              NOBITS          00000000 000050 000000 00  WA  0   0  4
  [ 5] .rodata           PROGBITS        00000000 000050 000015 00   A  0   0  1
  [ 6] .comment          PROGBITS        00000000 000065 000024 01  MS  0   0  1
  [ 7] .note.GNU-stack   PROGBITS        00000000 000089 000000 00      0   0  1
  [ 8] .shstrtab         STRTAB          00000000 000089 000051 00      0   0  1
  [ 9] .symtab           SYMTAB          00000000 000294 0000a0 10     10   8  4
  [10] .strtab           STRTAB          00000000 000334 000013 00      0   0  1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)

There are no section groups in this file.

There are no program headers in this file.

Relocation section '.rel.text' at offset 0x348 contains 2 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
0000000c  00000501 R_386_32          00000000   .rodata
00000011  00000902 R_386_PC32        00000000   puts

There are no unwind sections in this file.

Symbol table '.symtab' contains 10 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 00000000     0 FILE    LOCAL  DEFAULT  ABS hello.c
     2: 00000000     0 SECTION LOCAL  DEFAULT    1
     3: 00000000     0 SECTION LOCAL  DEFAULT    3
     4: 00000000     0 SECTION LOCAL  DEFAULT    4
     5: 00000000     0 SECTION LOCAL  DEFAULT    5
     6: 00000000     0 SECTION LOCAL  DEFAULT    7
     7: 00000000     0 SECTION LOCAL  DEFAULT    6
     8: 00000000    28 FUNC    GLOBAL DEFAULT    1 main
     9: 00000000     0 NOTYPE  GLOBAL DEFAULT  UND puts

No version information found in this file.

上一篇:64位linux上编译生成32位代码
下一篇:最牛B的Linux Shell命令 系列连载(一)