GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → hnts → goelftools

hnts / goelftools

Licence: MIT license
Library for parsing ELF files written in pure Go.

Programming Languages

go
31211 projects - #10 most used programming language

Labels

pwnelfgo-libraryelf-parser

Projects that are alternatives of or similar to goelftools

Pwninit
pwninit - automate starting binary exploit challenges
Stars: ✭ 127 (+388.46%)
Mutual labels:  pwn, elf
dwex
DWARF Explorer - a GUI utility for navigating the DWARF debug information
Stars: ✭ 58 (+123.08%)
Mutual labels:  elf, elf-parser
ftrace
Simple Function calls tracer
Stars: ✭ 65 (+150%)
Mutual labels:  elf, elf-parser
ghidra2dwarf
🐉 Export ghidra decompiled code to dwarf sections inside ELF binary
Stars: ✭ 135 (+419.23%)
Mutual labels:  pwn, elf
ocean
Programming language that compiles into a x86 ELF executable.
Stars: ✭ 164 (+530.77%)
Mutual labels:  elf
dynlib
IDA Pro plugin to aid PS4 user mode ELF reverse engineering.
Stars: ✭ 51 (+96.15%)
Mutual labels:  elf
CTF
CTF binary exploit code
Stars: ✭ 37 (+42.31%)
Mutual labels:  pwn
browser-exploitation
A collection of curated resources and CVEs I use for research.
Stars: ✭ 71 (+173.08%)
Mutual labels:  pwn
Pool2020
💼 Pools organized for Epitech's students in 2020.
Stars: ✭ 14 (-46.15%)
Mutual labels:  pwn
ELFDump
ELFDump is a C parser for ELF64 object files.
Stars: ✭ 15 (-42.31%)
Mutual labels:  elf
telegram
📚 Golang bindings for Telegram API
Stars: ✭ 15 (-42.31%)
Mutual labels:  go-library
Linux-Kernel-Exploitation
Linux kernel development & exploitation lab.
Stars: ✭ 130 (+400%)
Mutual labels:  pwn
BinV
👓 Yet another binary vulnerbilities checker. An automated vulnerability scanner for ELF based on symbolic execution.
Stars: ✭ 25 (-3.85%)
Mutual labels:  pwn
random
Random data generator AKA faker
Stars: ✭ 14 (-46.15%)
Mutual labels:  go-library
elftree
ELF library dependency viewer
Stars: ✭ 40 (+53.85%)
Mutual labels:  elf
gocave
Finding code caves in ELF files with GoLang
Stars: ✭ 22 (-15.38%)
Mutual labels:  elf
Cwerg
A light-weight compiler backend
Stars: ✭ 207 (+696.15%)
Mutual labels:  elf
golang-debugger-book
From a debugger's view, Let's explore the computer world! How does compiler, linker and debugger coordinate with each other around the program written in specific programming language? How does a debugger work? If we develop a debugger for go programming language, we must master go type system, runtime... and some Operating System internals. OK,…
Stars: ✭ 49 (+88.46%)
Mutual labels:  elf
winpwn
CTF windows pwntools
Stars: ✭ 137 (+426.92%)
Mutual labels:  pwn
FastPwn
CTF中Pwn的快速利用模板(包含awd pwn)
Stars: ✭ 18 (-30.77%)
Mutual labels:  pwn
View All Similar Projects ➔

goelftools

goelftools is library written in Go for parsing ELF file.

This library is inspired by pyelftools and rbelftools.

Motivation

The motivation to develop this library from scratch is a comprehensive understanding of ELF file structure.

Usage

View section names.

package main

import (
	"fmt"
	"log"
	"os"

	"github.com/hnts/goelftools/elf"
)

func main() {
	file := "testdata/elf_linux_amd64"
	b, err := os.ReadFile(file)
	if err != nil {
		log.Fatalf("failed to read %s: %s", file, err)
	}

	e, err := elf.New(b)
	if err != nil {
		log.Fatalf("failed to new elf file struct: %s", err)
	}

	ss := e.Sections
	for _, s := range ss {
		fmt.Println(s.Name)
	}
}
$ go run section_name.go | head -n10

.text
.rodata
.shstrtab
.typelink
.itablink
.gosymtab
.gopclntab
.go.buildinfo
.noptrdata

View assembly by using goelftools and gapstone.

Please note that the below code will not work without the capstone library installed.

package main

import (
	"fmt"
	"log"
	"os"

	"github.com/hnts/goelftools/elf"
	"github.com/knightsc/gapstone"
)

func main() {
	file := "testdata/elf_linux_amd64"
	b, err := os.ReadFile(file)
	if err != nil {
		log.Fatalf("failed to read %s: %s", file, err)
	}

	e, err := elf.New(b)
	if err != nil {
		log.Fatalf("failed to new elf file struct: %s", err)
	}

	engine, err := gapstone.New(
		gapstone.CS_ARCH_X86,
		gapstone.CS_MODE_64,
	)
	if err != nil {
		log.Fatalf("Failed to initialize engine: %v", err)
	}

	defer engine.Close()
	s := e.SectionByName(".text")
	if s == nil {
		log.Fatal(".text in not found")
	}

	insns, err := engine.Disasm(
		[]byte(s.Raw),
		0x10000,
		0,
	)
	if err != nil {
		log.Fatalf("Disassembly error: %v", err)
	}

	for _, insn := range insns {
		fmt.Printf("0x%x:\t%s\t\t%s\n", insn.Address, insn.Mnemonic, insn.OpStr)
	}
}
$ go run disas.go | head -n10
0x10000:        mov             rcx, qword ptr fs:[0xfffffffffffffff8]
0x10009:        cmp             rsp, qword ptr [rcx + 0x10]
0x1000d:        jbe             0x10047
0x1000f:        sub             rsp, 0x18
0x10013:        mov             qword ptr [rsp + 0x10], rbp
0x10018:        lea             rbp, [rsp + 0x10]
0x1001d:        nop             dword ptr [rax]
0x10020:        call            0x107a0
0x10025:        mov             rax, qword ptr [rsp + 0x20]
0x1002a:        mov             qword ptr [rsp], rax

Precautions

goelftools is under development.

If you want to parse ELF file in earnest by using Go, I recommend that you use debug/elf library.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].