pie&pic
……
分类 linux 中的文章
GOT&PLT
gdb调试overbuffer objdump readelf string symbol table GOT PLT……
linux环境和相关工具
工具列表 GDB objdump objcopy strace system call trace ltrace library trace ftrace function trace readelf 有用的设备和文件 /proc/<pid>/maps ls /proc/1234/maps /proc/kcore /boot/System.map /proc/kallsyms /proc/iomem ECFS Extended core file snapshotECFS 环境变量 LD_PRELOAD LD_SHOW_AUXV……
ELF格式
elf格式 Elf64_Ehdr文件头 man elf 查看ELF header (Ehdr),The ELF header is described by the type Elf32_Ehdr or Elf64_Ehdr : #define EI_NIDENT 16 typedef struct { unsigned char e_ident[EI_NIDENT]; uint16_t e_type; uint16_t e_machine; uint32_t e_version; ElfN_Addr e_entry; ElfN_Off e_phoff; ElfN_Off e_shoff; uint32_t e_flags; uint16_t e_ehsize; uint16_t e_phentsize; uint16_t e_phnum; uint16_t e_shentsize; uint16_t e_shnum; uint16_t e_shstrndx; } ElfN_Ehdr; $ readelf -h vuln ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: DYN (Position-Independent Executable file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address:……
GDB及扩展
gdb gdbinit配置 可以从网上或自己编写 .gdbinit 配置文件, 从网上找到一份配置 config one 地址 https://github.com/gdbinit/Gdbinit 安装: git clone git@github.com:gdbinit/Gdbinit.git cp Gdbinit/gdbinit ~/.gdbinit config two wget https://raw.githubusercontent.com/gdbinit/Gdbinit/master/gdbinit cp gdbinit ~/.gdbinit gef gef A few of GEF features include: 1、One single GDB script Entirely OS Agnostic, NO dependencies: GEF is battery-included and is installable instantly Fast limiting the number of dependencies and optimizing code to make the commands as fast as possible 2、Provides a great variety of commands to drastically change your experience in GDB. Easily extensible to create other commands by providing more comprehensible layout to GDB Python API. 3、……