1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: DYN (Position-Independent Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x3a2a0
Start of program headers: 64 (bytes into file)
Start of section headers: 13351112 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 17
Size of section headers: 64 (bytes)
Number of section headers: 40
Section header string table index: 32
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .dynsym DYNSYM 00000000000005a8 000005a8
00000000000032d0 0000000000000018 A 38 1 8
[ 2] .gnu.version VERSYM 0000000000005606 00005606
000000000000043c 0000000000000002 A 1 0 2
[ 3] .gnu.version_r VERNEED 0000000000005a48 00005a48
00000000000001d0 0000000000000000 A 38 3 8
[ 4] .rela.dyn RELA 0000000000005c18 00005c18
000000000002d840 0000000000000018 A 1 0 8
[ 5] .rela.plt RELA 0000000000033458 00033458
0000000000002c58 0000000000000018 AI 1 18 8
[ 6] .init PROGBITS 0000000000037000 00037000
0000000000000017 0000000000000000 AX 0 0 4
[ 7] .plt PROGBITS 0000000000037020 00037020
0000000000001da0 0000000000000010 AX 0 0 16
[ 8] .plt.got PROGBITS 0000000000038dc0 00038dc0
0000000000000020 0000000000000008 AX 0 0 8
[ 9] .text PROGBITS 0000000000038de0 00038de0
000000000013550c 0000000000000000 AX 0 0 16
[10] .fini PROGBITS 000000000016e2ec 0016e2ec
0000000000000009 0000000000000000 AX 0 0 4
[11] .rodata PROGBITS 000000000016f000 0016f000
0000000000030ac6 0000000000000000 A 0 0 32
[12] .eh_frame_hdr PROGBITS 000000000019fac8 0019fac8
000000000000cd6c 0000000000000000 A 0 0 4
[13] .eh_frame PROGBITS 00000000001ac838 001ac838
00000000000458e0 0000000000000000 A 0 0 8
[14] .tbss NOBITS 00000000001f3000 001f3000
00000000000000d8 0000000000000000 WAT 0 0 8
[15] .init_array INIT_ARRAY 00000000001f3000 001f3000
00000000000000f8 0000000000000008 WA 0 0 8
[16] .fini_array FINI_ARRAY 00000000001f30f8 001f30f8
0000000000000008 0000000000000008 WA 0 0 8
[17] .data.rel.ro PROGBITS 00000000001f3100 001f3100
0000000000019cd0 0000000000000000 WA 0 0 32
[18] .got PROGBITS 000000000020d010 0020d010
0000000000000ff0 0000000000000008 WA 0 0 8
[19] .data PROGBITS 000000000020e000 0020e000
000000000002d970 0000000000000000 WA 0 0 32
[20] .bss NOBITS 000000000023b980 0023b970
000000000000b568 0000000000000000 WA 0 0 32
[21] .comment PROGBITS 0000000000000000 0023b970
000000000000001f 0000000000000001 MS 0 0 1
[22] .debug_aranges PROGBITS 0000000000000000 0023b990
0000000000002930 0000000000000000 0 0 16
[23] .debug_info PROGBITS 0000000000000000 0023e2c0
00000000004edebb 0000000000000000 0 0 1
[24] .debug_abbrev PROGBITS 0000000000000000 0072c17b
0000000000037657 0000000000000000 0 0 1
[25] .debug_line PROGBITS 0000000000000000 007637d2
000000000018b626 0000000000000000 0 0 1
[26] .debug_str PROGBITS 0000000000000000 008eedf8
000000000005594d 0000000000000001 MS 0 0 1
[27] .debug_line_str PROGBITS 0000000000000000 00944745
0000000000003002 0000000000000001 MS 0 0 1
[28] .debug_loclists PROGBITS 0000000000000000 00947747
00000000002aaf9f 0000000000000000 0 0 1
[29] .debug_rnglists PROGBITS 0000000000000000 00bf26e6
00000000000593d9 0000000000000000 0 0 1
[30] .symtab SYMTAB 0000000000000000 00c4bac0
000000000003ef10 0000000000000018 31 4238 8
[31] .strtab STRTAB 0000000000000000 00c8a9d0
0000000000030d5f 0000000000000000 0 0 1
[32] .shstrtab STRTAB 0000000000000000 00cbb72f
0000000000000194 0000000000000000 0 0 1
[33] .interp PROGBITS 0000000000cbd000 00cbd000
0000000000000017 0000000000000000 A 0 0 8
[34] .note.gnu.pr[...] NOTE 0000000000cbd018 00cbd018
0000000000000020 0000000000000000 A 0 0 8
[35] .note.gnu.bu[...] NOTE 0000000000cbd038 00cbd038
0000000000000024 0000000000000000 A 0 0 4
[36] .note.ABI-tag NOTE 0000000000cbd060 00cbd060
0000000000000020 0000000000000000 A 0 0 4
[37] .gnu.hash GNU_HASH 0000000000cbd080 00cbd080
00000000000001cc 0000000000000000 A 1 0 8
[38] .dynstr STRTAB 0000000000cbe000 00cbe000
0000000000001d8f 0000000000000000 A 0 0 8
[39] .dynamic DYNAMIC 0000000000cbfd90 00cbfd90
0000000000000250 0000000000000010 WA 38 0 8
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
D (mbind), l (large), p (processor specific)
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x0000000000000040 0x0000000000000040 0x0000000000000040
0x00000000000003b8 0x00000000000003b8 R 0x8
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x00000000000360b0 0x00000000000360b0 R 0x1000
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 0x10
LOAD 0x0000000000037000 0x0000000000037000 0x0000000000037000
0x00000000001372f5 0x00000000001372f5 R E 0x1000
LOAD 0x000000000016f000 0x000000000016f000 0x000000000016f000
0x0000000000083118 0x0000000000083118 R 0x1000
GNU_EH_FRAME 0x000000000019fac8 0x000000000019fac8 0x000000000019fac8
0x000000000000cd6c 0x000000000000cd6c R 0x4
LOAD 0x00000000001f3000 0x00000000001f3000 0x00000000001f3000
0x0000000000048970 0x0000000000053ee8 RW 0x1000
TLS 0x00000000001f3000 0x00000000001f3000 0x00000000001f3000
0x0000000000000000 0x00000000000000d8 R 0x8
GNU_RELRO 0x00000000001f3000 0x00000000001f3000 0x00000000001f3000
0x000000000001b000 0x000000000001b000 R 0x1
INTERP 0x0000000000cbd000 0x0000000000cbd000 0x0000000000cbd000
0x0000000000000017 0x0000000000000017 R 0x1
[Requesting program interpreter: ./ld-linux-x86-64.so.2]
LOAD 0x0000000000cbd000 0x0000000000cbd000 0x0000000000cbd000
0x0000000000000250 0x0000000000000250 RW 0x1000
NOTE 0x0000000000cbd018 0x0000000000cbd018 0x0000000000cbd018
0x0000000000000020 0x0000000000000020 R 0x8
GNU_PROPERTY 0x0000000000cbd018 0x0000000000cbd018 0x0000000000cbd018
0x0000000000000020 0x0000000000000020 R 0x8
NOTE 0x0000000000cbd038 0x0000000000cbd038 0x0000000000cbd038
0x0000000000000024 0x0000000000000024 R 0x4
NOTE 0x0000000000cbd060 0x0000000000cbd060 0x0000000000cbd060
0x0000000000000020 0x0000000000000020 R 0x4
LOAD 0x0000000000cbe000 0x0000000000cbe000 0x0000000000cbe000
0x0000000000001fe0 0x0000000000001fe0 RW 0x1000
DYNAMIC 0x0000000000cbfd90 0x0000000000cbfd90 0x0000000000cbfd90
0x0000000000000250 0x0000000000000250 RW 0x8
Section to Segment mapping:
Segment Sections...
00
01 .dynsym .gnu.version .gnu.version_r .rela.dyn .rela.plt
02
03 .init .plt .plt.got .text .fini
04 .rodata .eh_frame_hdr .eh_frame
05 .eh_frame_hdr
06 .init_array .fini_array .data.rel.ro .got .data .bss
07 .tbss
08 .init_array .fini_array .data.rel.ro .got
09 .interp
10 .interp .note.gnu.property .note.gnu.build-id .note.ABI-tag .gnu.hash
11 .note.gnu.property
12 .note.gnu.property
13 .note.gnu.build-id
14 .note.ABI-tag
15 .dynstr .dynamic
16 .dynamic
Dynamic section at offset 0xcbfd90 contains 33 entries:
Tag Type Name/Value
0x000000000000001d (RUNPATH) Library runpath: [.]
0x0000000000000001 (NEEDED) Shared library: [libcapstone.so.4]
0x0000000000000001 (NEEDED) Shared library: [libffi.so.8]
0x0000000000000001 (NEEDED) Shared library: [libm.so.6]
0x0000000000000001 (NEEDED) Shared library: [libglib-2.0.so.0]
0x0000000000000001 (NEEDED) Shared library: [libgmodule-2.0.so.0]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x000000000000000c (INIT) 0x37000
0x000000000000000d (FINI) 0x16e2ec
0x0000000000000019 (INIT_ARRAY) 0x1f3000
0x000000000000001b (INIT_ARRAYSZ) 248 (bytes)
0x000000000000001a (FINI_ARRAY) 0x1f30f8
0x000000000000001c (FINI_ARRAYSZ) 8 (bytes)
0x000000006ffffef5 (GNU_HASH) 0xcbd080
0x0000000000000005 (STRTAB) 0xcbe000
0x0000000000000006 (SYMTAB) 0x5a8
0x000000000000000a (STRSZ) 7567 (bytes)
0x000000000000000b (SYMENT) 24 (bytes)
0x0000000000000015 (DEBUG) 0x0
0x0000000000000003 (PLTGOT) 0x20d010
0x0000000000000002 (PLTRELSZ) 11352 (bytes)
0x0000000000000014 (PLTREL) RELA
0x0000000000000017 (JMPREL) 0x33458
0x0000000000000007 (RELA) 0x5c18
0x0000000000000008 (RELASZ) 186432 (bytes)
0x0000000000000009 (RELAENT) 24 (bytes)
0x000000000000001e (FLAGS) BIND_NOW
0x000000006ffffffb (FLAGS_1) Flags: NOW PIE
0x000000006ffffffe (VERNEED) 0x5a48
0x000000006fffffff (VERNEEDNUM) 3
0x000000006ffffff0 (VERSYM) 0x5606
0x000000006ffffff9 (RELACOUNT) 7741
0x0000000000000000 (NULL) 0x0
