ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked (uses shared libs), stripped
但是当我尝试反汇编文件时,我得到的是:
mipsel-unknown-linux-gnu-objdump: myelf: File format not recognized
我想运行或调试时遇到相同的错误。但是,如果我在MIPS汇编中编写了一个小程序(使用编辑器和mipsel-unknown-linux-gnu-as作为汇编器,使用mipsel-unknown-linux-gnu-ld作为链接器),我可以运行它并对其进行调试,因此确保问题来自myelf文件。实际上,我可以使用IDA分解myelf,但是我想在linux下使用gdb跟踪执行。
然后我做了一个readelf,这是mipsel-unknown-linux--u-readelf -a的输出myelf:
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: MIPS R3000
Version: 0x1
Entry point address: 0x400670
Start of program headers: 52 (bytes into file)
Start of section headers: 4132 (bytes into file)
Flags: 0x1007, noreorder, pic, cpic, o32, mips1
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 9
Size of section headers: 40 (bytes)
Number of section headers: 30
Section header string table index: 29
readelf: Error: Unable to read in 0x69737265 bytes of string table
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] <no-name> LOUSER+6f0fbdbf bdbfefbd bdbfef3b f286821 bfef4abd WAXxMSLOTxxxxxxxxop 1992146927 4022190063 3220159935
readelf: Warning: section 0: sh_link value of 1992146927 is larger than the number of sections
[ 1] <no-name> 09bdbfef: <unkn bfefbdbf bfef58bd ef3d6ebd ef5d6e20 WAXxSILOGTxxxxxxxop 3220159935 3220134333 1483756221
readelf: Warning: section 1: sh_link value of 3220159935 is larger than the number of sections
[ 2] <no-name> LOUSER+3dbfefbd bfef1257 ef1e67bd bfefbdbf efbdbfef WAXIOGTxxxxxxxxop 3183472573 1589493743 3183472479
readelf: Warning: section 2: sh_link value of 3183472573 is larger than the number of sections
[ 3] <no-name> LOUSER+3fefbdbf bfef35bd bfef51bd bfef07bd bdbfef38 WXxMSLOGxxxxxxop 4017489853 1393212863 498974703
readelf: Warning: section 3: sh_link value of 4017489853 is larger than the number of sections
[ 4] <no-name> LOUSER+3dbfef7c 25bdbfef 44bdbfef efbdbfef efbdbfef WAXOGTxxxxxxxxop 4013997503 4014390719 1532607935
readelf: Warning: section 4: sh_link value of 4013997503 is larger than the number of sections
[ 5] <no-name> LOUSER+6f17bdbf bfef1fbd ef3d6dbd 2b4ebdbf ef3a332c WAXxMSLOTxxxxxxxxop 700301295 3183472475 3183472441
readelf: Warning: section 5: sh_link value of 700301295 is larger than the number of sections
[ 6] <no-name> LOUSER+6f15bdbf ef0f15bd bfefbdbf bdbfefbd bfef4e90 WAXxMSLOTxxxxxxxxop 3220132880 3220113853 3661197501
readelf: Warning: section 6: sh_link value of 3220132880 is larger than the number of sections
[ 7] <no-name> LOUSER+6f1c2e62 64bdbfef 4a3d369 ef603c51 ef40bdbf WAXxMSLOTxxxxxxop 1366867391 700301295 4011659522
readelf: Warning: section 7: sh_link value of 1366867391 is larger than the number of sections
[ 8] <no-name> 4c2cbdbf: <unkn bdbfefbd bfef3c4f ef476cbd ef1d10bd AXMSIOGTxxxxxxop 386514367 3183472428 3220142970
readelf: Warning: section 8: sh_link value of 386514367 is larger than the number of sections
[ 9] <no-name> LOUSER+24c2bdbf 42781f57 efb4a5e5 bfefbdbf 716bdbf WAXxSILOGTxxxxxxxop 3183472573 4012516894 4016422335
readelf: Warning: section 9: sh_link value of 3183472573 is larger than the number of sections
[10] <no-name> LOUSER+3fefbdbf 476e0abd 18bdbfef bdbfef32 4bdbfef WXxMSLGxxxxxxop 3183472447 4022190063 525516223
readelf: Warning: section 10: sh_link value of 3183472447 is larger than the number of sections
[11] <no-name> LOUSER+3dbfef0f bdbfef35 ef5a2137 5415bdbf efbdbfef AMIOGTxxxxxxxxop 3220117023 3183472573 3183472496
readelf: Warning: section 11: sh_link value of 3220117023 is larger than the number of sections
[12] <no-name> LOUSER+3dbfefbd 80dc78ae efbdbfef bfefbdbf bdbfefbd AXxTxxxop 3220115133 4015879101 3220159935
readelf: Warning: section 12: sh_link value of 3220115133 is larger than the number of sections
[13] <no-name> LOUSER+3dbfef4a cf6622bd bdbfef89 77bdbfef ef714abd WASIOTxxxxxop 3220122624 3220140989 3220129981
readelf: Warning: section 13: sh_link value of 3220122624 is larger than the number of sections
[14] <no-name> LOUSER+6f202b35 5b1a78bd efbdbfef bfefbdbf ef37bdbf WAXxMSLOTxxxxxxxxop 3183472573 3183472489 4022190063
readelf: Warning: section 14: sh_link value of 3183472573 is larger than the number of sections
[15] <no-name> 2a0e3fbd: <unkn efbdbfef ef3abdbf ef15bdbf bfefbdbf WxOGTxxxxxxxxop 4013014463 4012883391 4014063039
readelf: Warning: section 15: sh_link value of 4013014463 is larger than the number of sections
[16] <no-name> LOUSER+6fbdbfef bfefbdbf bdbfefbd 3fbdbfef ef0961bd WAXxMSLOTxxxxxxop 1899399115 3183472494 3220112411
readelf: Warning: section 16: sh_link value of 1899399115 is larger than the number of sections
[17] <no-name> 185a7404: <unkn 0038bdbf 4abdbfef bdbfef09 9631ebd WAXxMSOGxxxxop 985513967 4010489125 3220159935
readelf: Warning: section 17: sh_link value of 985513967 is larger than the number of sections
[18] <no-name> LOUSER+6fa4db38 00bdbfef 000000 000000 bfef0000 WAXxMSLOTxxxxxop 0 0 0
[19] <no-name> 410c3000: <unkn 00000000 000000 bdbfef00 7000400b 4009771013 1074249151 3183472384
readelf: Warning: section 19: sh_link value of 4009771013 is larger than the number of sections
[20] <no-name> 0000400b: <unkn ef00400b 4009bdbf 400b4000 00 p 1074475008 1074470912 1074466816
readelf: Warning: section 20: sh_link value of 1074475008 is larger than the number of sections
[21] <no-name> LOUSER+3dbfef00 0000400b ef000000 4007bdbf bdbfefbd Wxx 117440512 4022190063 3220159935
readelf: Warning: section 21: sh_link value of 117440512 is larger than the number of sections
[22] <no-name> NULL 1d000000 1f000000 ef000000 bfefbdbf p 1074314687 0 4022190063
readelf: Warning: section 22: sh_link value of 1074314687 is larger than the number of sections
[23] <no-name> 00bdbfef: <unkn 20000000 1d000000 1f000000 00 4009754624 1074380223 0
readelf: Warning: section 23: sh_link value of 4009754624 is larger than the number of sections
[24] <no-name> NULL 00001d00 001f00 bdbfef00 efbdbfef 16393 3220127488 3183472573
readelf: Warning: section 24: sh_link value of 16393 is larger than the number of sections
[25] <no-name> 000000bd: <unkn 00003800 001d00 001f00 2e34206e 1128482560 1143480378 1634296421
readelf: Warning: section 25: sh_link value of 1128482560 is larger than the number of sections
[26] <no-name> 34202938: <unkn 000f4100 6e670000 7010075 626174 AXxSTxxxxxop 67108864 1932394497 1920234344
readelf: Warning: section 26: sh_link value of 67108864 is larger than the number of sections
[27] <no-name> 00707265: <unkn 42412e65 61742d49 722e0067 756e672e AXxSGTxxxxxxxop 1852401509 771780454 1702129518
readelf: Warning: section 27: sh_link value of 1852401509 is larger than the number of sections
[28] <no-name> LOOS+92d646c 6d616e79 2e006369 68736168 7274736e XSIxxxop 2036608512 1836675950 2036608512
readelf: Warning: section 28: sh_link value of 2036608512 is larger than the number of sections
[29] <no-name> LOOS+5762e75 672e006e 762e756e 69737265 74786574 AMSIOGxxxxxop 1918856815 1852386816 771781737
readelf: Warning: section 29: sh_link value of 1918856815 is larger than the number of sections
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
There are no section groups in this file.
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x00400034 0x00400034 0x00120 0x00120 R E 0x4
INTERP 0x000154 0x00400154 0x00400154 0x0000a 0x0000a R 0x1
[Requesting program interpreter: ]
REGINFO 0x1bdbfef 0xbfef0000 0x004001bd 0x1bdbfef 0x180040 0x40000
<unknown>: 400 0x010000 0x00000000 0x00000000 0x00040 0xc300040 0x50000
NULL 0x010001 0x0c300000 0x0c300000 0xc300041 0x2400041 0x60000
NULL 0x020001 0xbfef0000 0x000001bd 0x1bdbfef 0xbfef0040 R E 0xbdbfef
<unknown>: bfe 0x0000bd 0x00000007 0x00000004 0x00004 0x00164 R 0x400164
<unknown>: 20 0x000020 0x00000004 0x00000004 0x00004 0x1bdbfef 0x4001bd
<unknown>: 1bd 0x240040 0x00240000 0x00040000 0x40000 0x00000 0
There is no dynamic section in this file.
There are no relocations in this file.
The decoding of unwind sections for machine type MIPS R3000 is not currently supported.
No version information found in this file.
由于这是一所有关逆向工程的学校的项目,因此elf文件可能已损坏或未损坏。我不知道问题可能来自何处。您可以从此链接下载myelf文件。谢谢。
有人遇到这种错误或任何建议吗?
#1 楼
该文件是完全有效的ELF,但您的工具链存在问题。应检查其设置的正确性。
此外,如果您没有硬件,则可以使用qemu运行它。
还可以尝试使用原住民的工具链。
readelf的输出应如下:
mips-unknown-nto-qnx6.5.0-readelf -a ~/Downloads/myelf
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: MIPS R3000
Version: 0x1
Entry point address: 0x400670
Start of program headers: 52 (bytes into file)
Start of section headers: 4132 (bytes into file)
Flags: 0x1007, noreorder, pic, cpic, o32, mips1
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 9
Size of section headers: 40 (bytes)
Number of section headers: 30
Section header string table index: 29
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .interp PROGBITS 00400154 000154 00000d 00 A 0 0 1
[ 2] .note.ABI-tag NOTE 00400164 000164 000020 00 A 0 0 4
[ 3] .reginfo MIPS_REGINFO 00400184 000184 000018 18 A 0 0 4
[ 4] .note.gnu.build-i NOTE 0040019c 00019c 000024 00 A 0 0 4
[ 5] .dynamic DYNAMIC 004001c0 0001c0 0000d8 08 A 8 0 4
[ 6] .hash HASH 00400298 000298 0000a4 04 A 7 0 4
[ 7] .dynsym DYNSYM 0040033c 00033c 000160 10 A 8 1 4
[ 8] .dynstr STRTAB 0040049c 00049c 0000df 00 A 0 0 1
[ 9] .gnu.version VERSYM 0040057c 00057c 00002c 02 A 7 0 2
[10] .gnu.version_r VERNEED 004005a8 0005a8 000030 00 A 8 1 4
[11] .init PROGBITS 004005d8 0005d8 000090 00 AX 0 0 4
[12] .text PROGBITS 00400670 000670 000490 00 AX 0 0 16
[13] .MIPS.stubs PROGBITS 00400b00 000b00 0000a0 00 AX 0 0 4
[14] .fini PROGBITS 00400ba0 000ba0 00004c 00 AX 0 0 4
[15] .rodata PROGBITS 00400bec 000bec 000040 00 A 0 0 4
[16] .eh_frame PROGBITS 00400c2c 000c2c 000004 00 A 0 0 4
[17] .ctors PROGBITS 00410c30 000c30 00000c 00 WA 0 0 4
[18] .dtors PROGBITS 00410c3c 000c3c 000008 00 WA 0 0 4
[19] .jcr PROGBITS 00410c44 000c44 000004 00 WA 0 0 4
[20] .data PROGBITS 00410c50 000c50 0001b0 00 WA 0 0 16
[21] .rld_map PROGBITS 00410e00 000e00 000004 00 WA 0 0 4
[22] .got PROGBITS 00410e10 000e10 00005c 04 WAp 0 0 16
[23] .sdata PROGBITS 00410e6c 000e6c 000004 00 WAp 0 0 4
[24] .bss NOBITS 00410e70 000e70 000010 00 WA 0 0 16
[25] .pdr PROGBITS 00000000 000e70 000080 00 0 0 4
[26] .comment PROGBITS 00000000 000ef0 00001c 01 MS 0 0 1
[27] .gnu.attributes LOOS+ffffff5 00000000 000f0c 000010 00 0 0 1
[28] .mdebug.abi32 PROGBITS 00000070 000f1c 000000 00 0 0 1
[29] .shstrtab STRTAB 00000000 000f1c 000107 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
There are no section groups in this file.
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x00400034 0x00400034 0x00120 0x00120 R E 0x4
INTERP 0x000154 0x00400154 0x00400154 0x0000d 0x0000d R 0x1
[Requesting program interpreter: /lib/ld.so.1]
REGINFO 0x000184 0x00400184 0x00400184 0x00018 0x00018 R 0x4
LOAD 0x000000 0x00400000 0x00400000 0x00c30 0x00c30 R E 0x10000
LOAD 0x000c30 0x00410c30 0x00410c30 0x00240 0x00250 RW 0x10000
DYNAMIC 0x0001c0 0x004001c0 0x004001c0 0x000d8 0x000d8 RWE 0x4
NOTE 0x000164 0x00400164 0x00400164 0x00020 0x00020 R 0x4
NOTE 0x00019c 0x0040019c 0x0040019c 0x00024 0x00024 R 0x4
NULL 0x000000 0x00000000 0x00000000 0x00000 0x00000 0x4
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .reginfo
03 .interp .note.ABI-tag .reginfo .note.gnu.build-id .dynamic .hash .dynsym .dynstr .gnu.version .gnu.version_r .init .text .MIPS.stubs .fini .rodata .eh_frame
04 .ctors .dtors .jcr .data .rld_map .got .sdata .bss
05 .dynamic
06 .note.ABI-tag
07 .note.gnu.build-id
08
Dynamic section at offset 0x1c0 contains 22 entries:
Tag Type Name/Value
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x0000000c (INIT) 0x4005d8
0x0000000d (FINI) 0x400ba0
0x00000004 (HASH) 0x400298
0x00000005 (STRTAB) 0x40049c
0x00000006 (SYMTAB) 0x40033c
0x0000000a (STRSZ) 223 (bytes)
0x0000000b (SYMENT) 16 (bytes)
0x70000016 (MIPS_RLD_MAP) 0x410e00
0x00000015 (DEBUG) 0x0
0x00000003 (PLTGOT) 0x410e10
0x70000001 (MIPS_RLD_VERSION) 1
0x70000005 (MIPS_FLAGS) NOTPOT
0x70000006 (MIPS_BASE_ADDRESS) 0x400000
0x7000000a (MIPS_LOCAL_GOTNO) 7
0x70000011 (MIPS_SYMTABNO) 22
0x70000012 (MIPS_UNREFEXTNO) 29
0x70000013 (MIPS_GOTSYM) 0x6
0x6ffffffe (VERNEED) 0x4005a8
0x6fffffff (VERNEEDNUM) 1
0x6ffffff0 (VERSYM) 0x40057c
0x00000000 (NULL) 0x0
There are no relocations in this file.
There are no unwind sections in this file.
Symbol table '.dynsym' contains 22 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 00000001 0 SECTION GLOBAL DEFAULT ABS _DYNAMIC_LINKING
2: 00400bec 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used
3: 00000000 0 OBJECT WEAK DEFAULT UND environ@GLIBC_2.0 (2)
4: 00000000 0 OBJECT WEAK DEFAULT UND _environ@GLIBC_2.0 (2)
5: 00410e00 0 OBJECT GLOBAL DEFAULT 21 __RLD_MAP
6: 004005d8 0 FUNC GLOBAL DEFAULT 11 _init
7: 004007b0 320 FUNC GLOBAL DEFAULT 12 main
8: 00400b80 0 FUNC GLOBAL DEFAULT UND exit@GLIBC_2.0 (2)
9: 00400b70 0 FUNC GLOBAL DEFAULT UND cbc_crypt@GLIBC_2.2 (3)
10: 00400b60 0 FUNC GLOBAL DEFAULT UND munmap@GLIBC_2.0 (2)
11: 00000000 0 OBJECT GLOBAL DEFAULT UND __environ@GLIBC_2.0 (2)
12: 00400b50 0 FUNC GLOBAL DEFAULT UND puts@GLIBC_2.0 (2)
13: 004009e8 176 FUNC GLOBAL DEFAULT 12 __libc_csu_init
14: 00400b40 0 FUNC GLOBAL DEFAULT UND memcpy@GLIBC_2.0 (2)
15: 00400b30 0 FUNC GLOBAL DEFAULT UND mprotect@GLIBC_2.0 (2)
16: 00400b20 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2)
17: 00400b10 0 FUNC GLOBAL DEFAULT UND ptrace@GLIBC_2.0 (2)
18: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses
19: 00000000 0 FUNC WEAK DEFAULT UND __gmon_start__
20: 004009e0 8 FUNC GLOBAL DEFAULT 12 __libc_csu_fini
21: 00400b00 0 FUNC GLOBAL DEFAULT UND mmap@GLIBC_2.0 (2)
Histogram for bucket list length (total of 17 buckets):
Length Number % of total Coverage
0 5 ( 29.4%)
1 7 ( 41.2%) 33.3%
2 3 ( 17.6%) 61.9%
3 1 ( 5.9%) 76.2%
4 0 ( 0.0%) 76.2%
5 1 ( 5.9%) 100.0%
Version symbols section '.gnu.version' contains 22 entries:
Addr: 000000000040057c Offset: 0x00057c Link: 7 (.dynsym)
000: 0 (*local*) 1 (*global*) 1 (*global*) 2 (GLIBC_2.0)
004: 2 (GLIBC_2.0) 1 (*global*) 1 (*global*) 1 (*global*)
008: 2 (GLIBC_2.0) 3 (GLIBC_2.2) 2 (GLIBC_2.0) 2 (GLIBC_2.0)
00c: 2 (GLIBC_2.0) 1 (*global*) 2 (GLIBC_2.0) 2 (GLIBC_2.0)
010: 2 (GLIBC_2.0) 2 (GLIBC_2.0) 0 (*local*) 0 (*local*)
014: 1 (*global*) 2 (GLIBC_2.0)
Version needs section '.gnu.version_r' contains 1 entries:
Addr: 0x00000000004005a8 Offset: 0x0005a8 Link: 8 (.dynstr)
000000: Version: 1 File: libc.so.6 Cnt: 2
0x0010: Name: GLIBC_2.2 Flags: none Version: 3
0x0020: Name: GLIBC_2.0 Flags: none Version: 2
Notes at offset 0x00000164 with length 0x00000020:
Owner Data size Description
GNU 0x00000010 NT_GNU_ABI_TAG (ABI version tag)
Notes at offset 0x0000019c with length 0x00000024:
Owner Data size Description
GNU 0x00000014 NT_GNU_BUILD_ID (unique build ID bitstring)
Attribute Section: gnu
File Attributes
Tag_GNU_MIPS_ABI_FP: Hard float (-mdouble-float)
Primary GOT:
Canonical gp value: 00418e00
Reserved entries:
Address Access Initial Purpose
00410e10 -32752(gp) 00000000 Lazy resolver
00410e14 -32748(gp) 80000000 Module pointer (GNU extension)
Local entries:
Address Access Initial
00410e18 -32744(gp) 00400000
00410e1c -32740(gp) 00410c30
00410e20 -32736(gp) 00000000
00410e24 -32732(gp) 00000000
00410e28 -32728(gp) 00000000
Global entries:
Address Access Initial Sym.Val. Type Ndx Name
00410e2c -32724(gp) 004005d8 004005d8 FUNC 11 _init
00410e30 -32720(gp) 004007b0 004007b0 FUNC 12 main
00410e34 -32716(gp) 00400b80 00400b80 FUNC UND exit
00410e38 -32712(gp) 00400b70 00400b70 FUNC UND cbc_crypt
00410e3c -32708(gp) 00400b60 00400b60 FUNC UND munmap
00410e40 -32704(gp) 00000000 00000000 OBJECT UND __environ
00410e44 -32700(gp) 00400b50 00400b50 FUNC UND puts
00410e48 -32696(gp) 004009e8 004009e8 FUNC 12 __libc_csu_init
00410e4c -32692(gp) 00400b40 00400b40 FUNC UND memcpy
00410e50 -32688(gp) 00400b30 00400b30 FUNC UND mprotect
00410e54 -32684(gp) 00400b20 00400b20 FUNC UND __libc_start_main
00410e58 -32680(gp) 00400b10 00400b10 FUNC UND ptrace
00410e5c -32676(gp) 00000000 00000000 NOTYPE UND _Jv_RegisterClasses
00410e60 -32672(gp) 00000000 00000000 FUNC UND __gmon_start__
00410e64 -32668(gp) 004009e0 004009e0 FUNC 12 __libc_csu_fini
00410e68 -32664(gp) 00400b00 00400b00 FUNC UND mmap
评论
好的,谢谢,我将尝试使用qemu进行操作。祝你今天愉快。
–creuchmeuch
15年4月7日在15:21
评论
这里缺少一些信息。您没有MIPS硬件,但是能够在MIPS程序集中编写一个小程序并运行它?无论如何,如果问题中包含指向文件X的链接,则基本上是“文件X有什么问题”的问题更有可能得到回答。谢谢,您是对的,我在问题的末尾添加了链接文件以及有关mipsel-unknown-linux-gnu工具链的信息。