所以我想反汇编,然后第一次运行MIPS elf文件。由于我没有MIPS硬件,因此我使用的是mipsel-unknown-linux-gnu工具链。命令文件myelf的输出是:

ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked (uses shared libs), stripped


但是当我尝试反汇编文件时,我得到的是:

mipsel-unknown-linux-gnu-objdump: myelf: File format not recognized


我想运行或调试时遇到相同的错误。但是,如果我在MIPS汇编中编写了一个小程序(使用编辑器和mipsel-unknown-linux-gnu-as作为汇编器,使用mipsel-unknown-linux-gnu-ld作为链接器),我可以运行它并对其进行调试,因此确保问题来自myelf文件。实际上,我可以使用IDA分解myelf,但是我想在linux下使用gdb跟踪执行。

然后我做了一个readelf,这是mipsel-unknown-linux--u-readelf -a的输出myelf:

ELF Header:
  Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF32
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           MIPS R3000
  Version:                           0x1
  Entry point address:               0x400670
  Start of program headers:          52 (bytes into file)
  Start of section headers:          4132 (bytes into file)
  Flags:                             0x1007, noreorder, pic, cpic, o32, mips1
  Size of this header:               52 (bytes)
  Size of program headers:           32 (bytes)
  Number of program headers:         9
  Size of section headers:           40 (bytes)
  Number of section headers:         30
  Section header string table index: 29
readelf: Error: Unable to read in 0x69737265 bytes of string table

Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0] <no-name>         LOUSER+6f0fbdbf bdbfefbd bdbfef3b f286821 bfef4abd WAXxMSLOTxxxxxxxxop 1992146927 4022190063 3220159935
readelf: Warning: section 0: sh_link value of 1992146927 is larger than the number of sections
  [ 1] <no-name>         09bdbfef: <unkn bfefbdbf bfef58bd ef3d6ebd ef5d6e20 WAXxSILOGTxxxxxxxop 3220159935 3220134333 1483756221
readelf: Warning: section 1: sh_link value of 3220159935 is larger than the number of sections
  [ 2] <no-name>         LOUSER+3dbfefbd bfef1257 ef1e67bd bfefbdbf efbdbfef WAXIOGTxxxxxxxxop 3183472573 1589493743 3183472479
readelf: Warning: section 2: sh_link value of 3183472573 is larger than the number of sections
  [ 3] <no-name>         LOUSER+3fefbdbf bfef35bd bfef51bd bfef07bd bdbfef38 WXxMSLOGxxxxxxop 4017489853 1393212863 498974703
readelf: Warning: section 3: sh_link value of 4017489853 is larger than the number of sections
  [ 4] <no-name>         LOUSER+3dbfef7c 25bdbfef 44bdbfef efbdbfef efbdbfef WAXOGTxxxxxxxxop 4013997503 4014390719 1532607935
readelf: Warning: section 4: sh_link value of 4013997503 is larger than the number of sections
  [ 5] <no-name>         LOUSER+6f17bdbf bfef1fbd ef3d6dbd 2b4ebdbf ef3a332c WAXxMSLOTxxxxxxxxop 700301295 3183472475 3183472441
readelf: Warning: section 5: sh_link value of 700301295 is larger than the number of sections
  [ 6] <no-name>         LOUSER+6f15bdbf ef0f15bd bfefbdbf bdbfefbd bfef4e90 WAXxMSLOTxxxxxxxxop 3220132880 3220113853 3661197501
readelf: Warning: section 6: sh_link value of 3220132880 is larger than the number of sections
  [ 7] <no-name>         LOUSER+6f1c2e62 64bdbfef 4a3d369 ef603c51 ef40bdbf WAXxMSLOTxxxxxxop 1366867391 700301295 4011659522
readelf: Warning: section 7: sh_link value of 1366867391 is larger than the number of sections
  [ 8] <no-name>         4c2cbdbf: <unkn bdbfefbd bfef3c4f ef476cbd ef1d10bd AXMSIOGTxxxxxxop 386514367 3183472428 3220142970
readelf: Warning: section 8: sh_link value of 386514367 is larger than the number of sections
  [ 9] <no-name>         LOUSER+24c2bdbf 42781f57 efb4a5e5 bfefbdbf 716bdbf WAXxSILOGTxxxxxxxop 3183472573 4012516894 4016422335
readelf: Warning: section 9: sh_link value of 3183472573 is larger than the number of sections
  [10] <no-name>         LOUSER+3fefbdbf 476e0abd 18bdbfef bdbfef32 4bdbfef WXxMSLGxxxxxxop 3183472447 4022190063 525516223
readelf: Warning: section 10: sh_link value of 3183472447 is larger than the number of sections
  [11] <no-name>         LOUSER+3dbfef0f bdbfef35 ef5a2137 5415bdbf efbdbfef AMIOGTxxxxxxxxop 3220117023 3183472573 3183472496
readelf: Warning: section 11: sh_link value of 3220117023 is larger than the number of sections
  [12] <no-name>         LOUSER+3dbfefbd 80dc78ae efbdbfef bfefbdbf bdbfefbd AXxTxxxop 3220115133 4015879101 3220159935
readelf: Warning: section 12: sh_link value of 3220115133 is larger than the number of sections
  [13] <no-name>         LOUSER+3dbfef4a cf6622bd bdbfef89 77bdbfef ef714abd WASIOTxxxxxop 3220122624 3220140989 3220129981
readelf: Warning: section 13: sh_link value of 3220122624 is larger than the number of sections
  [14] <no-name>         LOUSER+6f202b35 5b1a78bd efbdbfef bfefbdbf ef37bdbf WAXxMSLOTxxxxxxxxop 3183472573 3183472489 4022190063
readelf: Warning: section 14: sh_link value of 3183472573 is larger than the number of sections
  [15] <no-name>         2a0e3fbd: <unkn efbdbfef ef3abdbf ef15bdbf bfefbdbf WxOGTxxxxxxxxop 4013014463 4012883391 4014063039
readelf: Warning: section 15: sh_link value of 4013014463 is larger than the number of sections
  [16] <no-name>         LOUSER+6fbdbfef bfefbdbf bdbfefbd 3fbdbfef ef0961bd WAXxMSLOTxxxxxxop 1899399115 3183472494 3220112411
readelf: Warning: section 16: sh_link value of 1899399115 is larger than the number of sections
  [17] <no-name>         185a7404: <unkn 0038bdbf 4abdbfef bdbfef09 9631ebd WAXxMSOGxxxxop 985513967 4010489125 3220159935
readelf: Warning: section 17: sh_link value of 985513967 is larger than the number of sections
  [18] <no-name>         LOUSER+6fa4db38 00bdbfef 000000 000000 bfef0000 WAXxMSLOTxxxxxop  0   0  0
  [19] <no-name>         410c3000: <unkn 00000000 000000 bdbfef00 7000400b     4009771013 1074249151 3183472384
readelf: Warning: section 19: sh_link value of 4009771013 is larger than the number of sections
  [20] <no-name>         0000400b: <unkn ef00400b 4009bdbf 400b4000 00   p 1074475008 1074470912 1074466816
readelf: Warning: section 20: sh_link value of 1074475008 is larger than the number of sections
  [21] <no-name>         LOUSER+3dbfef00 0000400b ef000000 4007bdbf bdbfefbd Wxx 117440512 4022190063 3220159935
readelf: Warning: section 21: sh_link value of 117440512 is larger than the number of sections
  [22] <no-name>         NULL            1d000000 1f000000 ef000000 bfefbdbf   p 1074314687   0 4022190063
readelf: Warning: section 22: sh_link value of 1074314687 is larger than the number of sections
  [23] <no-name>         00bdbfef: <unkn 20000000 1d000000 1f000000 00     4009754624 1074380223  0
readelf: Warning: section 23: sh_link value of 4009754624 is larger than the number of sections
  [24] <no-name>         NULL            00001d00 001f00 bdbfef00 efbdbfef     16393 3220127488 3183472573
readelf: Warning: section 24: sh_link value of 16393 is larger than the number of sections
  [25] <no-name>         000000bd: <unkn 00003800 001d00 001f00 2e34206e     1128482560 1143480378 1634296421
readelf: Warning: section 25: sh_link value of 1128482560 is larger than the number of sections
  [26] <no-name>         34202938: <unkn 000f4100 6e670000 7010075 626174 AXxSTxxxxxop 67108864 1932394497 1920234344
readelf: Warning: section 26: sh_link value of 67108864 is larger than the number of sections
  [27] <no-name>         00707265: <unkn 42412e65 61742d49 722e0067 756e672e AXxSGTxxxxxxxop 1852401509 771780454 1702129518
readelf: Warning: section 27: sh_link value of 1852401509 is larger than the number of sections
  [28] <no-name>         LOOS+92d646c    6d616e79 2e006369 68736168 7274736e XSIxxxop 2036608512 1836675950 2036608512
readelf: Warning: section 28: sh_link value of 2036608512 is larger than the number of sections
  [29] <no-name>         LOOS+5762e75    672e006e 762e756e 69737265 74786574 AMSIOGxxxxxop 1918856815 1852386816 771781737
readelf: Warning: section 29: sh_link value of 1918856815 is larger than the number of sections
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)

There are no section groups in this file.

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  PHDR           0x000034 0x00400034 0x00400034 0x00120 0x00120 R E 0x4
  INTERP         0x000154 0x00400154 0x00400154 0x0000a 0x0000a R   0x1
      [Requesting program interpreter: ]
  REGINFO        0x1bdbfef 0xbfef0000 0x004001bd 0x1bdbfef 0x180040     0x40000
  <unknown>: 400 0x010000 0x00000000 0x00000000 0x00040 0xc300040     0x50000
  NULL           0x010001 0x0c300000 0x0c300000 0xc300041 0x2400041     0x60000
  NULL           0x020001 0xbfef0000 0x000001bd 0x1bdbfef 0xbfef0040 R E 0xbdbfef
  <unknown>: bfe 0x0000bd 0x00000007 0x00000004 0x00004 0x00164 R   0x400164
  <unknown>: 20  0x000020 0x00000004 0x00000004 0x00004 0x1bdbfef     0x4001bd
  <unknown>: 1bd 0x240040 0x00240000 0x00040000 0x40000 0x00000     0

There is no dynamic section in this file.

There are no relocations in this file.

The decoding of unwind sections for machine type MIPS R3000 is not currently supported.

No version information found in this file.


由于这是一所有关逆向工程的学校的项目,因此elf文件可能已损坏或未损坏。我不知道问题可能来自何处。您可以从此链接下载myelf文件。谢谢。

有人遇到这种错误或任何建议吗?

评论

这里缺少一些信息。您没有MIPS硬件,但是能够在MIPS程序集中编写一个小程序并运行它?无论如何,如果问题中包含指向文件X的链接,则基本上是“文件X有什么问题”的问题更有可能得到回答。

谢谢,您是对的,我在问题的末尾添加了链接文件以及有关mipsel-unknown-linux-gnu工具链的信息。

#1 楼

该文件是完全有效的ELF,但您的工具链存在问题。
应检查其设置的正确性。

此外,如果您没有硬件,则可以使用qemu运行它。
还可以尝试使用原住民的工具链。

readelf的输出应如下:

mips-unknown-nto-qnx6.5.0-readelf -a ~/Downloads/myelf 
ELF Header:
  Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF32
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           MIPS R3000
  Version:                           0x1
  Entry point address:               0x400670
  Start of program headers:          52 (bytes into file)
  Start of section headers:          4132 (bytes into file)
  Flags:                             0x1007, noreorder, pic, cpic, o32, mips1
  Size of this header:               52 (bytes)
  Size of program headers:           32 (bytes)
  Number of program headers:         9
  Size of section headers:           40 (bytes)
  Number of section headers:         30
  Section header string table index: 29

Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            00000000 000000 000000 00      0   0  0
  [ 1] .interp           PROGBITS        00400154 000154 00000d 00   A  0   0  1
  [ 2] .note.ABI-tag     NOTE            00400164 000164 000020 00   A  0   0  4
  [ 3] .reginfo          MIPS_REGINFO    00400184 000184 000018 18   A  0   0  4
  [ 4] .note.gnu.build-i NOTE            0040019c 00019c 000024 00   A  0   0  4
  [ 5] .dynamic          DYNAMIC         004001c0 0001c0 0000d8 08   A  8   0  4
  [ 6] .hash             HASH            00400298 000298 0000a4 04   A  7   0  4
  [ 7] .dynsym           DYNSYM          0040033c 00033c 000160 10   A  8   1  4
  [ 8] .dynstr           STRTAB          0040049c 00049c 0000df 00   A  0   0  1
  [ 9] .gnu.version      VERSYM          0040057c 00057c 00002c 02   A  7   0  2
  [10] .gnu.version_r    VERNEED         004005a8 0005a8 000030 00   A  8   1  4
  [11] .init             PROGBITS        004005d8 0005d8 000090 00  AX  0   0  4
  [12] .text             PROGBITS        00400670 000670 000490 00  AX  0   0 16
  [13] .MIPS.stubs       PROGBITS        00400b00 000b00 0000a0 00  AX  0   0  4
  [14] .fini             PROGBITS        00400ba0 000ba0 00004c 00  AX  0   0  4
  [15] .rodata           PROGBITS        00400bec 000bec 000040 00   A  0   0  4
  [16] .eh_frame         PROGBITS        00400c2c 000c2c 000004 00   A  0   0  4
  [17] .ctors            PROGBITS        00410c30 000c30 00000c 00  WA  0   0  4
  [18] .dtors            PROGBITS        00410c3c 000c3c 000008 00  WA  0   0  4
  [19] .jcr              PROGBITS        00410c44 000c44 000004 00  WA  0   0  4
  [20] .data             PROGBITS        00410c50 000c50 0001b0 00  WA  0   0 16
  [21] .rld_map          PROGBITS        00410e00 000e00 000004 00  WA  0   0  4
  [22] .got              PROGBITS        00410e10 000e10 00005c 04 WAp  0   0 16
  [23] .sdata            PROGBITS        00410e6c 000e6c 000004 00 WAp  0   0  4
  [24] .bss              NOBITS          00410e70 000e70 000010 00  WA  0   0 16
  [25] .pdr              PROGBITS        00000000 000e70 000080 00      0   0  4
  [26] .comment          PROGBITS        00000000 000ef0 00001c 01  MS  0   0  1
  [27] .gnu.attributes   LOOS+ffffff5    00000000 000f0c 000010 00      0   0  1
  [28] .mdebug.abi32     PROGBITS        00000070 000f1c 000000 00      0   0  1
  [29] .shstrtab         STRTAB          00000000 000f1c 000107 00      0   0  1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)

There are no section groups in this file.

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  PHDR           0x000034 0x00400034 0x00400034 0x00120 0x00120 R E 0x4
  INTERP         0x000154 0x00400154 0x00400154 0x0000d 0x0000d R   0x1
      [Requesting program interpreter: /lib/ld.so.1]
  REGINFO        0x000184 0x00400184 0x00400184 0x00018 0x00018 R   0x4
  LOAD           0x000000 0x00400000 0x00400000 0x00c30 0x00c30 R E 0x10000
  LOAD           0x000c30 0x00410c30 0x00410c30 0x00240 0x00250 RW  0x10000
  DYNAMIC        0x0001c0 0x004001c0 0x004001c0 0x000d8 0x000d8 RWE 0x4
  NOTE           0x000164 0x00400164 0x00400164 0x00020 0x00020 R   0x4
  NOTE           0x00019c 0x0040019c 0x0040019c 0x00024 0x00024 R   0x4
  NULL           0x000000 0x00000000 0x00000000 0x00000 0x00000     0x4

 Section to Segment mapping:
  Segment Sections...
   00     
   01     .interp 
   02     .reginfo 
   03     .interp .note.ABI-tag .reginfo .note.gnu.build-id .dynamic .hash .dynsym .dynstr .gnu.version .gnu.version_r .init .text .MIPS.stubs .fini .rodata .eh_frame 
   04     .ctors .dtors .jcr .data .rld_map .got .sdata .bss 
   05     .dynamic 
   06     .note.ABI-tag 
   07     .note.gnu.build-id 
   08     

Dynamic section at offset 0x1c0 contains 22 entries:
  Tag        Type                         Name/Value
 0x00000001 (NEEDED)                     Shared library: [libc.so.6]
 0x0000000c (INIT)                       0x4005d8
 0x0000000d (FINI)                       0x400ba0
 0x00000004 (HASH)                       0x400298
 0x00000005 (STRTAB)                     0x40049c
 0x00000006 (SYMTAB)                     0x40033c
 0x0000000a (STRSZ)                      223 (bytes)
 0x0000000b (SYMENT)                     16 (bytes)
 0x70000016 (MIPS_RLD_MAP)               0x410e00
 0x00000015 (DEBUG)                      0x0
 0x00000003 (PLTGOT)                     0x410e10
 0x70000001 (MIPS_RLD_VERSION)           1
 0x70000005 (MIPS_FLAGS)                 NOTPOT
 0x70000006 (MIPS_BASE_ADDRESS)          0x400000
 0x7000000a (MIPS_LOCAL_GOTNO)           7
 0x70000011 (MIPS_SYMTABNO)              22
 0x70000012 (MIPS_UNREFEXTNO)            29
 0x70000013 (MIPS_GOTSYM)                0x6
 0x6ffffffe (VERNEED)                    0x4005a8
 0x6fffffff (VERNEEDNUM)                 1
 0x6ffffff0 (VERSYM)                     0x40057c
 0x00000000 (NULL)                       0x0

There are no relocations in this file.

There are no unwind sections in this file.

Symbol table '.dynsym' contains 22 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 00000001     0 SECTION GLOBAL DEFAULT  ABS _DYNAMIC_LINKING
     2: 00400bec     4 OBJECT  GLOBAL DEFAULT   15 _IO_stdin_used
     3: 00000000     0 OBJECT  WEAK   DEFAULT  UND environ@GLIBC_2.0 (2)
     4: 00000000     0 OBJECT  WEAK   DEFAULT  UND _environ@GLIBC_2.0 (2)
     5: 00410e00     0 OBJECT  GLOBAL DEFAULT   21 __RLD_MAP
     6: 004005d8     0 FUNC    GLOBAL DEFAULT   11 _init
     7: 004007b0   320 FUNC    GLOBAL DEFAULT   12 main
     8: 00400b80     0 FUNC    GLOBAL DEFAULT  UND exit@GLIBC_2.0 (2)
     9: 00400b70     0 FUNC    GLOBAL DEFAULT  UND cbc_crypt@GLIBC_2.2 (3)
    10: 00400b60     0 FUNC    GLOBAL DEFAULT  UND munmap@GLIBC_2.0 (2)
    11: 00000000     0 OBJECT  GLOBAL DEFAULT  UND __environ@GLIBC_2.0 (2)
    12: 00400b50     0 FUNC    GLOBAL DEFAULT  UND puts@GLIBC_2.0 (2)
    13: 004009e8   176 FUNC    GLOBAL DEFAULT   12 __libc_csu_init
    14: 00400b40     0 FUNC    GLOBAL DEFAULT  UND memcpy@GLIBC_2.0 (2)
    15: 00400b30     0 FUNC    GLOBAL DEFAULT  UND mprotect@GLIBC_2.0 (2)
    16: 00400b20     0 FUNC    GLOBAL DEFAULT  UND __libc_start_main@GLIBC_2.0 (2)
    17: 00400b10     0 FUNC    GLOBAL DEFAULT  UND ptrace@GLIBC_2.0 (2)
    18: 00000000     0 NOTYPE  WEAK   DEFAULT  UND _Jv_RegisterClasses
    19: 00000000     0 FUNC    WEAK   DEFAULT  UND __gmon_start__
    20: 004009e0     8 FUNC    GLOBAL DEFAULT   12 __libc_csu_fini
    21: 00400b00     0 FUNC    GLOBAL DEFAULT  UND mmap@GLIBC_2.0 (2)

Histogram for bucket list length (total of 17 buckets):
 Length  Number     % of total  Coverage
      0  5          ( 29.4%)
      1  7          ( 41.2%)     33.3%
      2  3          ( 17.6%)     61.9%
      3  1          (  5.9%)     76.2%
      4  0          (  0.0%)     76.2%
      5  1          (  5.9%)    100.0%

Version symbols section '.gnu.version' contains 22 entries:
 Addr: 000000000040057c  Offset: 0x00057c  Link: 7 (.dynsym)
  000:   0 (*local*)       1 (*global*)      1 (*global*)      2 (GLIBC_2.0)  
  004:   2 (GLIBC_2.0)     1 (*global*)      1 (*global*)      1 (*global*)   
  008:   2 (GLIBC_2.0)     3 (GLIBC_2.2)     2 (GLIBC_2.0)     2 (GLIBC_2.0)  
  00c:   2 (GLIBC_2.0)     1 (*global*)      2 (GLIBC_2.0)     2 (GLIBC_2.0)  
  010:   2 (GLIBC_2.0)     2 (GLIBC_2.0)     0 (*local*)       0 (*local*)    
  014:   1 (*global*)      2 (GLIBC_2.0)  

Version needs section '.gnu.version_r' contains 1 entries:
 Addr: 0x00000000004005a8  Offset: 0x0005a8  Link: 8 (.dynstr)
  000000: Version: 1  File: libc.so.6  Cnt: 2
  0x0010:   Name: GLIBC_2.2  Flags: none  Version: 3
  0x0020:   Name: GLIBC_2.0  Flags: none  Version: 2

Notes at offset 0x00000164 with length 0x00000020:
  Owner     Data size   Description
  GNU       0x00000010  NT_GNU_ABI_TAG (ABI version tag)

Notes at offset 0x0000019c with length 0x00000024:
  Owner     Data size   Description
  GNU       0x00000014  NT_GNU_BUILD_ID (unique build ID bitstring)
Attribute Section: gnu
File Attributes
  Tag_GNU_MIPS_ABI_FP: Hard float (-mdouble-float)

Primary GOT:
 Canonical gp value: 00418e00

 Reserved entries:
   Address     Access  Initial Purpose
  00410e10 -32752(gp) 00000000 Lazy resolver
  00410e14 -32748(gp) 80000000 Module pointer (GNU extension)

 Local entries:
   Address     Access  Initial
  00410e18 -32744(gp) 00400000
  00410e1c -32740(gp) 00410c30
  00410e20 -32736(gp) 00000000
  00410e24 -32732(gp) 00000000
  00410e28 -32728(gp) 00000000

 Global entries:
   Address     Access  Initial Sym.Val. Type    Ndx Name
  00410e2c -32724(gp) 004005d8 004005d8 FUNC     11 _init
  00410e30 -32720(gp) 004007b0 004007b0 FUNC     12 main
  00410e34 -32716(gp) 00400b80 00400b80 FUNC    UND exit
  00410e38 -32712(gp) 00400b70 00400b70 FUNC    UND cbc_crypt
  00410e3c -32708(gp) 00400b60 00400b60 FUNC    UND munmap
  00410e40 -32704(gp) 00000000 00000000 OBJECT  UND __environ
  00410e44 -32700(gp) 00400b50 00400b50 FUNC    UND puts
  00410e48 -32696(gp) 004009e8 004009e8 FUNC     12 __libc_csu_init
  00410e4c -32692(gp) 00400b40 00400b40 FUNC    UND memcpy
  00410e50 -32688(gp) 00400b30 00400b30 FUNC    UND mprotect
  00410e54 -32684(gp) 00400b20 00400b20 FUNC    UND __libc_start_main
  00410e58 -32680(gp) 00400b10 00400b10 FUNC    UND ptrace
  00410e5c -32676(gp) 00000000 00000000 NOTYPE  UND _Jv_RegisterClasses
  00410e60 -32672(gp) 00000000 00000000 FUNC    UND __gmon_start__
  00410e64 -32668(gp) 004009e0 004009e0 FUNC     12 __libc_csu_fini
  00410e68 -32664(gp) 00400b00 00400b00 FUNC    UND mmap


评论


好的,谢谢,我将尝试使用qemu进行操作。祝你今天愉快。

–creuchmeuch
15年4月7日在15:21