1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: DYN (Position-Independent Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x8f200
Start of program headers: 64 (bytes into file)
Start of section headers: 2980936 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 14
Size of section headers: 64 (bytes)
Number of section headers: 29
Section header string table index: 28
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000000350 00000350
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.gnu.pr[...] NOTE 0000000000000370 00000370
0000000000000040 0000000000000000 A 0 0 8
[ 3] .note.gnu.bu[...] NOTE 00000000000003b0 000003b0
0000000000000024 0000000000000000 A 0 0 4
[ 4] .note.ABI-tag NOTE 00000000000003d4 000003d4
0000000000000020 0000000000000000 A 0 0 4
[ 5] .gnu.hash GNU_HASH 00000000000003f8 000003f8
000000000000a144 0000000000000000 A 6 0 8
[ 6] .dynsym DYNSYM 000000000000a540 0000a540
0000000000027a08 0000000000000018 A 7 1 8
[ 7] .dynstr STRTAB 0000000000031f48 00031f48
0000000000025812 0000000000000000 A 0 0 1
[ 8] .gnu.version VERSYM 000000000005775a 0005775a
00000000000034d6 0000000000000002 A 6 0 2
[ 9] .gnu.version_r VERNEED 000000000005ac30 0005ac30
00000000000002a0 0000000000000000 A 7 7 8
[10] .rela.dyn RELA 000000000005aed0 0005aed0
0000000000031188 0000000000000018 A 6 0 8
[11] .init PROGBITS 000000000008d000 0008d000
000000000000001b 0000000000000000 AX 0 0 4
[12] .text PROGBITS 000000000008d020 0008d020
0000000000174a71 0000000000000000 AX 0 0 16
[13] .fini PROGBITS 0000000000201a94 00201a94
000000000000000d 0000000000000000 AX 0 0 4
[14] .rodata PROGBITS 0000000000202000 00202000
0000000000032da6 0000000000000000 A 0 0 32
[15] .eh_frame_hdr PROGBITS 0000000000234da8 00234da8
000000000000da3c 0000000000000000 A 0 0 4
[16] .eh_frame PROGBITS 00000000002427e8 002427e8
000000000004a0e0 0000000000000000 A 0 0 8
[17] .gcc_except_table PROGBITS 000000000028c8c8 0028c8c8
0000000000000a23 0000000000000000 A 0 0 1
[18] .tbss NOBITS 000000000028ec88 0028dc88
0000000000000294 0000000000000000 WAT 0 0 8
[19] .init_array INIT_ARRAY 000000000028ec88 0028dc88
0000000000000010 0000000000000008 WA 0 0 8
[20] .fini_array FINI_ARRAY 000000000028ec98 0028dc98
0000000000000008 0000000000000008 WA 0 0 8
[21] .data.rel.ro PROGBITS 000000000028eca0 0028dca0
000000000001b060 0000000000000000 WA 0 0 32
[22] .dynamic DYNAMIC 00000000002a9d00 002a8d00
0000000000000240 0000000000000010 WA 7 0 8
[23] .got PROGBITS 00000000002a9f40 002a8f40
00000000000010b8 0000000000000008 WA 0 0 8
[24] .data PROGBITS 00000000002ab000 002aa000
000000000002daec 0000000000000000 WA 0 0 32
[25] .bss NOBITS 00000000002d8b00 002d7aec
000000000000b750 0000000000000000 WA 0 0 32
[26] .comment PROGBITS 0000000000000000 002d7aec
000000000000001b 0000000000000001 MS 0 0 1
[27] .gnu_debuglink PROGBITS 0000000000000000 002d7b08
0000000000000018 0000000000000000 0 0 4
[28] .shstrtab STRTAB 0000000000000000 002d7b20
0000000000000127 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
D (mbind), l (large), p (processor specific)
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x0000000000000040 0x0000000000000040 0x0000000000000040
0x0000000000000310 0x0000000000000310 R 0x8
INTERP 0x0000000000000350 0x0000000000000350 0x0000000000000350
0x000000000000001c 0x000000000000001c R 0x1
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x000000000008c058 0x000000000008c058 R 0x1000
LOAD 0x000000000008d000 0x000000000008d000 0x000000000008d000
0x0000000000174aa1 0x0000000000174aa1 R E 0x1000
LOAD 0x0000000000202000 0x0000000000202000 0x0000000000202000
0x000000000008b2eb 0x000000000008b2eb R 0x1000
LOAD 0x000000000028dc88 0x000000000028ec88 0x000000000028ec88
0x0000000000049e64 0x00000000000555c8 RW 0x1000
DYNAMIC 0x00000000002a8d00 0x00000000002a9d00 0x00000000002a9d00
0x0000000000000240 0x0000000000000240 RW 0x8
NOTE 0x0000000000000370 0x0000000000000370 0x0000000000000370
0x0000000000000040 0x0000000000000040 R 0x8
NOTE 0x00000000000003b0 0x00000000000003b0 0x00000000000003b0
0x0000000000000044 0x0000000000000044 R 0x4
TLS 0x000000000028dc88 0x000000000028ec88 0x000000000028ec88
0x0000000000000000 0x0000000000000294 R 0x8
GNU_PROPERTY 0x0000000000000370 0x0000000000000370 0x0000000000000370
0x0000000000000040 0x0000000000000040 R 0x8
GNU_EH_FRAME 0x0000000000234da8 0x0000000000234da8 0x0000000000234da8
0x000000000000da3c 0x000000000000da3c R 0x4
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 0x10
GNU_RELRO 0x000000000028dc88 0x000000000028ec88 0x000000000028ec88
0x000000000001c378 0x000000000001c378 R 0x1
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.gnu.property .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn
03 .init .text .fini
04 .rodata .eh_frame_hdr .eh_frame .gcc_except_table
05 .init_array .fini_array .data.rel.ro .dynamic .got .data .bss
06 .dynamic
07 .note.gnu.property
08 .note.gnu.build-id .note.ABI-tag
09 .tbss
10 .note.gnu.property
11 .eh_frame_hdr
12
13 .init_array .fini_array .data.rel.ro .dynamic .got
Dynamic section at offset 0x2a8d00 contains 32 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libcapstone.so.4]
0x0000000000000001 (NEEDED) Shared library: [libdw.so.1]
0x0000000000000001 (NEEDED) Shared library: [libnuma.so.1]
0x0000000000000001 (NEEDED) Shared library: [liburing.so.2]
0x0000000000000001 (NEEDED) Shared library: [libglib-2.0.so.0]
0x0000000000000001 (NEEDED) Shared library: [libgmodule-2.0.so.0]
0x0000000000000001 (NEEDED) Shared library: [libgnutls.so.30]
0x0000000000000001 (NEEDED) Shared library: [libm.so.6]
0x0000000000000001 (NEEDED) Shared library: [libgcc_s.so.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x000000000000000c (INIT) 0x8d000
0x000000000000000d (FINI) 0x201a94
0x0000000000000019 (INIT_ARRAY) 0x28ec88
0x000000000000001b (INIT_ARRAYSZ) 16 (bytes)
0x000000000000001a (FINI_ARRAY) 0x28ec98
0x000000000000001c (FINI_ARRAYSZ) 8 (bytes)
0x000000006ffffef5 (GNU_HASH) 0x3f8
0x0000000000000005 (STRTAB) 0x31f48
0x0000000000000006 (SYMTAB) 0xa540
0x000000000000000a (STRSZ) 153618 (bytes)
0x000000000000000b (SYMENT) 24 (bytes)
0x0000000000000015 (DEBUG) 0x0
0x0000000000000007 (RELA) 0x5aed0
0x0000000000000008 (RELASZ) 201096 (bytes)
0x0000000000000009 (RELAENT) 24 (bytes)
0x000000000000001e (FLAGS) BIND_NOW
0x000000006ffffffb (FLAGS_1) Flags: NOW PIE
0x000000006ffffffe (VERNEED) 0x5ac30
0x000000006fffffff (VERNEEDNUM) 7
0x000000006ffffff0 (VERSYM) 0x5775a
0x000000006ffffff9 (RELACOUNT) 7840
0x0000000000000000 (NULL) 0x0
