Software Security Notes 4 Basic Binary Analysis in Linux

Basic Binary Analysis in Linux

Tools

GNU Binutils tools:

• c++filt
• objdump
• readelf
• strings
• nm
• base64
• file
• ldd
• strace
• ltrace
• xxd
• hexedit
• dd

CTF Walkthrough

1. Identify the payload

base64:
represent binary in a textual form using “=” as padding

Use $base64$ to encode and decode.
Use $file$ to identify the type of file.
Use $ldd$ to identify dependencies.

2. Finding the missing shared library

Use $xxd$ to find ELF header.
Use $dd$ to extract.

ELF header is 64 bytes.

3. Extracting the shared library

Size of the file = Start of section headers + (Number of section headers * Size of section headers)

---

Share this:

facebook twitter google pinterest tumblr reddit linkedin email