C/C++知识点之elf文件解析
小标 2019-05-31 来源 : 阅读 1443 评论 0

摘要:本文主要向大家介绍了C/C++知识点之elf文件解析,通过具体的内容向大家展示,希望对大家学习C/C++知识点有所帮助。

本文主要向大家介绍了C/C++知识点之elf文件解析,通过具体的内容向大家展示,希望对大家学习C/C++知识点有所帮助。

C/C++知识点之elf文件解析

#!/usr/bin/env python#coding:utf-8import sys
import binascii'''
# 节区类型定义
/* sh_type */
#define SHT_NULL    0
#define SHT_PROGBITS    1
#define SHT_SYMTAB  2
#define SHT_STRTAB  3
#define SHT_RELA    4
#define SHT_HASH    5
#define SHT_DYNAMIC 6
#define SHT_NOTE    7
#define SHT_NOBITS  8
#define SHT_REL 9
#define SHT_SHLIB   10
#define SHT_DYNSYM  11
#define SHT_NUM 12
#define SHT_LOPROC  0x70000000
#define SHT_HIPROC  0x7fffffff
#define SHT_LOUSER  0x80000000
#define SHT_HIUSER  0xffffffff
#define SHT_MIPS_LIST   0x70000000
#define SHT_MIPS_CONFLICT   0x70000002
#define SHT_MIPS_GPTAB  0x70000003
#define SHT_MIPS_UCODE  0x70000004
'''SH_TYPE_MAP_LIST = {0:'SHT_NULL',                    1:'SHT_PROGBITS',                    2:'SHT_SYMTAB',                    3:'SHT_STRTAB',                    4:'SHT_RELA',                    5:'SHT_HASH',                    6:'SHT_DYNAMIC',                    7:'SHT_NOTE',                    8:'SHT_NOBITS',                    9:'SHT_REL',                    10:'SHT_SHLIB',                    11:'SHT_DYNSYM',                    # 0x60000000:'SHT_LOOS',                    # 0x6fffffff:'SHT_HIOS',                    0x70000000:'SHT_LOPROC',                    0x7FFFFFFF:'SHT_HIPROC',                    0x80000000:'SHT_LOUSER',                    0x8FFFFFFF:'SHT_HIUSER',                    0x70000000:'SHT_MIPS_LIST',                    0x70000002:'SHT_MIPS_CONFLICT',                    0x70000003:'SHT_MIPS_GPTAB',                    0x70000004:'SHT_MIPS_UCODE',
                    }

PT_TYPE_MAP_LIST = {    0:'NULL',    1:'LOAD',    2:'DYNAMIC',    3:'INTERP',    4:'NOTE',    5:'SHLIB',    6:'PHDR',    7:'TLS',    0x70000000:'LOPROC',    0x70000001:'HIPROC',    0x6474E551:'GNU_STACK',    0x6474E552:'GNU_RELRO',
}'''
Elf32_Dyn.d_tag
'''DYNAMIC_TYPE = {    0: 'NULL',    1: 'NEEDED',    2: 'PLTRELSZ',    3: 'PLTGOT',    4: 'HASH',    5: 'STRTAB',    6: 'SYMTAB',    7: 'RELA',    8: 'RELASZ',    9: 'RELAENT',    10: 'STRSZ',    11: 'SYMENT',    12: 'INIT',    13: 'FINIT',    14: 'SONAME',    15: 'RPATH',    16: 'SYMBOLIC',    17: 'REL',    18: 'RELSZ',    19: 'RELENT',    20: 'PLTREL',    21: 'DEBUG',    22: 'TEXTREL',    23: 'JMPREL',    26: 'FINIT_ARRAY',    28: 'FINIT_ARRAYSZ',    25: 'INIT_ARRAY',    27: 'INIT_ARRAYSZ',    30: 'FLAGS',    0x6FFFFFFA: 'RELCOUNT',    0x6FFFFFFB: 'FLAGS_1',    0x70000000: 'LOPROC',    0x7fffffff: 'HIPROC',    0x70000001: 'MIPS_RLD_VERSION',    0x70000002: 'MIPS_TIME_STAMP',    0x70000003: 'MIPS_ICHECKSUM',    0x70000004: 'MIPS_IVERSION',    0x70000005: 'MIPS_FLAGS',    0x70000006: 'MIPS_BASE_ADDRESS',    0x70000008: 'MIPS_CONFLICT',    0x70000009: 'MIPS_LIBLIST',    0x7000000a: 'MIPS_LOCAL_GOTNO',    0x7000000b: 'MIPS_CONFLICTNO',    0x70000010: 'MIPS_LIBLISTNO',    0x70000011: 'MIPS_SYMTABNO',    0x70000012: 'MIPS_UNREFEXTNO',    0x70000013: 'MIPS_GOTSYM',    0x70000014: 'MIPS_HIPAGENO',    0x70000016: 'MIPS_RLD_MAP',

}'''
typedef struct elf32_hdr{
  unsigned char e_ident[EI_NIDENT];
  Elf32_Half    e_type;
  Elf32_Half    e_machine;
  Elf32_Word    e_version;
  Elf32_Addr    e_entry;  /* Entry point */
  Elf32_Off e_phoff;
  Elf32_Off e_shoff;
  Elf32_Word    e_flags;
  Elf32_Half    e_ehsize;
  Elf32_Half    e_phentsize;
  Elf32_Half    e_phnum;
  Elf32_Half    e_shentsize;
  Elf32_Half    e_shnum;
  Elf32_Half    e_shstrndx;
} Elf32_Ehdr;
'''class Elf32_Ehdr(object):    """"""docstring for Elf32_Ehdr""""""    def __init__(self):        super(Elf32_Ehdr, self).__init__()        self.e_ident = None        self.e_type = None        self.e_machine = None        self.e_version = None        self.e_entry = None        self.e_phoff = None        self.e_shoff = None        self.e_flags = None        self.e_ehsize = None        self.e_phentsize = None        self.e_phnum = None        self.e_shentsize = None        self.e_shnum = None        self.e_shstrndx = Noneclass e_ident(object):    """"""docstring for e_ident""""""    def __init__(self):        super(e_ident, self).__init__()        self.file_identification = None        self.ei_class = None        self.ei_data = None        self.ei_version = None        self.ei_osabi = None        self.ei_abiversion = None        self.ei_pad = None        self.ei_nident = None    def __str__(self):        return 'e_ident=[file_identification=%s, ei_class=%d, ei_data=%d, ei_version=%d, ei_osabi=%d, ei_abiversion=%d, ei_pad=%s, ei_nident=%d]' % (        self.file_identification, self.ei_class, self.ei_data, self.ei_version, self.ei_osabi, self.ei_abiversion, self.ei_pad, self.ei_nident)class Elf32_Shdr(object):    """"""docstring for Elf32_Shdr""""""    def __init__(self):        super(Elf32_Shdr, self).__init__()        '''
        typedef struct Elf32_Shdr {
          Elf32_Word    sh_name;
          Elf32_Word    sh_type;
          Elf32_Word    sh_flags;
          Elf32_Addr    sh_addr;
          Elf32_Off sh_offset;
          Elf32_Word    sh_size;
          Elf32_Word    sh_link;
          Elf32_Word    sh_info;
          Elf32_Word    sh_addralign;
          Elf32_Word    sh_entsize;
        } Elf32_Shdr;
        '''        self.sh_name = None        self.sh_type = None        self.sh_flags = None        self.sh_addr = None        self.sh_offset = None        self.size = None        self.sh_link = None        self.sh_addralign = None        self.sh_entsize = None        self.section_name = None    def __str__(self):        return 'Elf32_Shdr=[sh_name=%s, sh_type=%d, sh_flags=%d, sh_addr=%s, sh_sh_offset=%s, sh_size=%d, sh_link=%d, sh_info=%d, sh_addralign=%d, sh_entsize=%d]' % \
               (hex(self.sh_name), self.sh_type, self.sh_flags, hex(self.sh_addr), hex(self.sh_offset), self.sh_size, self.sh_link, self.sh_info, self.sh_addralign, self.sh_entsize)class Elf32_Sym(object):    """"""docstring for Elf32_Sym""""""    def __init__(self):        super(Elf32_Sym, self).__init__()        '''
        typedef struct elf32_sym{
          Elf32_Word    st_name;
          Elf32_Addr    st_value;
          Elf32_Word    st_size;
          unsigned char st_info;
          unsigned char st_other;
          Elf32_Half    st_shndx;
        } Elf32_Sym;
        '''        self.st_name = None        self.st_value = None        self.st_size = None        self.st_info = None        self.st_other = None        self.st_shndx = None        self.symbol_name = None    def __str__(self):        return 'Elf32_Dyn=[st_name=%s, st_value=%d, st_size=%d, st_info=%d, st_other=%d, st_shndx=%d] #%s' % \
               (self.st_name, self.st_value, self.st_size, self.st_info, self.st_other, self.st_shndx, self.symbol_name)class Elf32_Phdr(object):    """"""docstring for Elf32_Phdr""""""    def __init__(self):        super(Elf32_Phdr, self).__init__()        '''
            /* 32-bit ELF base types. */
            typedef uint32_t Elf32_Addr;
            typedef uint16_t Elf32_Half;
            typedef uint32_t Elf32_Off;
            typedef int32_t  Elf32_Sword;
            typedef uint32_t Elf32_Word;
        '''        self.p_type = None # Elf32_Word        self.p_offset = None # Elf32_Off        self.p_vaddr = None # Elf32_Addr        self.p_paddr = None # Elf32_Addr        self.p_filesz = None # Elf32_word        self.p_memsz = None # Elf32_Word        self.p_flags = None # Elf32_Word        self.p_align = None # Elf32_Wordclass Elf32_Dyn(object):    """"""docstring for Elf32_dyn""""""    def __init__(self):        super(Elf32_Dyn, self).__init__()        '''
        typedef struct dynamic{
          Elf32_Sword d_tag;
          union{
            Elf32_Sword d_val;
            Elf32_Addr  d_ptr;
          } d_un;
        } Elf32_Dyn;
        '''        self.d_tag = None        self.d_un = None    def __str__(self):        return 'Elf32_Dyn=[d_tag=%d, d_un=%d]' % \
               (self.d_tag, self.d_un)class ELF(object):    """"""docstring for ELF""""""    def __init__(self, filepath):        super(ELF, self).__init__()        self.filepath = filepath        self.elf32_Ehdr = Elf32_Ehdr()        # section header table        self.sectionHeaderTable = []        # section name table        self.sectionNameTable = None        # program header table        self.programHeaderTable = []        # dynamic symbol table        self.symbolTable = []  # .dynsym        self.dynstrTable = None # .dynstr        # dynamic link table        self.dynamicLinkTable = [] # .dynamic        self.initELFHeader()        self.initSectionHeader()        self.initProgramHeader()        self.initSymbolTalbe()        self.initDynamicLinkTable()    def initELFHeader(self):
        f = open(self.filepath, ""rb"")        self.f = f        # unsigned char e_ident[EI_NIDENT];
        f.seek(0, 0)        self.elf32_Ehdr.e_ident = e_ident()        self.elf32_Ehdr.e_ident.file_identification = f.read(4)        self.elf32_Ehdr.e_ident.ei_class = int(binascii.b2a_hex(f.read(1)), 16)        self.elf32_Ehdr.e_ident.ei_data = int(binascii.b2a_hex(f.read(1)), 16)        self.elf32_Ehdr.e_ident.ei_version = int(binascii.b2a_hex(f.read(1)), 16)        self.elf32_Ehdr.e_ident.ei_osabi = int(binascii.b2a_hex(f.read(1)), 16)        self.elf32_Ehdr.e_ident.ei_abiversion = int(binascii.b2a_hex(f.read(1)), 16)        self.elf32_Ehdr.e_ident.ei_pad = binascii.b2a_hex(f.read(6))        self.elf32_Ehdr.e_ident.ei_nident = int(binascii.b2a_hex(f.read(1)), 16)        # Elf32_Half    e_type;
        f.seek(16, 0)        self.elf32_Ehdr.e_type = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_machine;
        f.seek(18, 0)        self.elf32_Ehdr.e_machine = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Word    e_version;
        f.seek(20, 0)        self.elf32_Ehdr.e_version = int(binascii.b2a_hex(f.read(4)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Addr    e_entry;
        f.seek(24, 0)        self.elf32_Ehdr.e_entry = int(binascii.b2a_hex(f.read(4)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Off e_phoff;
        f.seek(28, 0)        self.elf32_Ehdr.e_phoff = int(binascii.b2a_hex(f.read(4)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Off e_shoff;
        f.seek(32, 0)        self.elf32_Ehdr.e_shoff = int(binascii.b2a_hex(f.read(4)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Word    e_flags;
        f.seek(36, 0)        self.elf32_Ehdr.e_flags = int(binascii.b2a_hex(f.read(4)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_ehsize;
        f.seek(40, 0)        self.elf32_Ehdr.e_ehsize = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_phentsize;
        f.seek(42, 0)        self.elf32_Ehdr.e_phentsize = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_phnum;
        f.seek(44, 0)        self.elf32_Ehdr.e_phnum = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_shentsize;
        f.seek(46, 0)        self.elf32_Ehdr.e_shentsize = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_shnum;
        f.seek(48, 0)        self.elf32_Ehdr.e_shnum = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), 16)        # Elf32_Half    e_shstrndx;
        f.seek(50, 0)        self.elf32_Ehdr.e_shstrndx = int(binascii.b2a_hex(f.read(2)).decode('hex')[::-1].encode('hex'), <sp"

本文由职坐标整理并发布,希望对同学们有所帮助。了解更多详情请关注职坐标编程语言C/C+频道!

本文由 @小标 发布于职坐标。未经许可,禁止转载。
喜欢 | 0 不喜欢 | 0
看完这篇文章有何感觉?已经有0人表态,0%的人喜欢 快给朋友分享吧~
评论(0)
后参与评论

您输入的评论内容中包含违禁敏感词

我知道了

助您圆梦职场 匹配合适岗位
验证码手机号,获得海同独家IT培训资料
选择就业方向:
人工智能物联网
大数据开发/分析
人工智能Python
Java全栈开发
WEB前端+H5

请输入正确的手机号码

请输入正确的验证码

获取验证码

您今天的短信下发次数太多了,明天再试试吧!

提交

我们会在第一时间安排职业规划师联系您!

您也可以联系我们的职业规划师咨询:

小职老师的微信号:z_zhizuobiao
小职老师的微信号:z_zhizuobiao

版权所有 职坐标-一站式IT培训就业服务领导者 沪ICP备13042190号-4
上海海同信息科技有限公司 Copyright ©2015 www.zhizuobiao.com,All Rights Reserved.
 沪公网安备 31011502005948号    

©2015 www.zhizuobiao.com All Rights Reserved

208小时内训课程