Reputation: 3709
Reverse Engineering an ELF Binary
I have a binary from a potential exploit that was found on a server. I am interested in reversing it to see exactly what this binary was designed to attempt to exploit. My only problem is OBJDump and other similar programs will all return errors indicating that the file cannot be read. Hex dump shows that an ELF header does exist in the file however I am not proficient enough to identify if the ELF is properly build based purely off the hex.
Upvotes: 3
Views: 10060
Answers (1)
Reputation: 25318
Try IDA (Interactive Disassembler). Demo versions can open ELF files. (I'm not sure if freeware can, and it's Windows only). We work hard on making it accept damaged/deliberately corrupted files, so if it can't be loaded by IDA but works in the actual OS, I'll be interested in a sample.
Disclaimer: I work for Hex-Rays.
Upvotes: 3
Related Questions
- Editing ELF binary call instruction
- Analyzing obfuscated ELF binary
- How to execute a disassembled ELF instruction by instruction?
- How to find (distinguish) library code in disassembled ELF executable?
- Replace code / text segment of ELF executable
- Decompile raw binary code to assembly
- Reverse engineered code seems to have no point
- ELF Relocation reverse engineering
- Removing assembly instructions from ELF
- Reverse engineering C-source code from assembly