I would like to disassamble / debug an elf file. Is it somehow possible to track the function where a specific string in the elf file is called? So I mean, I have a string where I know it is used to search for that string in a file. Is it somehow possible with e.g. gdb to debug exactly that position in the executable? Or is the position of the string in the elf file, somehow visible in the objdump -d output?
Disassamble ELF file - debugging area where specific string of binary is loaded
1k Views Asked by Manuel At
1
There are 1 best solutions below
Related Questions in DEBUGGING
- How do I customize NSOutlineView to have border color?
- UIWebView Screen Fitting Issue
- How to hide "Now playing url" in control center
- CloudKit: Preventing Duplicate Records
- Image and Text locations in UIButton
- setting OpenGL version in objective-C
- Setup code for xibs in iOS. -awakFromNb:
- realm db, get parent link of object
- CFBundleDocumentType is not working in myproject-Info.plist file
- UIPopoverPresentationController not rendering properly
Related Questions in DISASSEMBLY
- How do I customize NSOutlineView to have border color?
- UIWebView Screen Fitting Issue
- How to hide "Now playing url" in control center
- CloudKit: Preventing Duplicate Records
- Image and Text locations in UIButton
- setting OpenGL version in objective-C
- Setup code for xibs in iOS. -awakFromNb:
- realm db, get parent link of object
- CFBundleDocumentType is not working in myproject-Info.plist file
- UIPopoverPresentationController not rendering properly
Related Questions in OBJDUMP
- How do I customize NSOutlineView to have border color?
- UIWebView Screen Fitting Issue
- How to hide "Now playing url" in control center
- CloudKit: Preventing Duplicate Records
- Image and Text locations in UIButton
- setting OpenGL version in objective-C
- Setup code for xibs in iOS. -awakFromNb:
- realm db, get parent link of object
- CFBundleDocumentType is not working in myproject-Info.plist file
- UIPopoverPresentationController not rendering properly
Related Questions in DBG
- How do I customize NSOutlineView to have border color?
- UIWebView Screen Fitting Issue
- How to hide "Now playing url" in control center
- CloudKit: Preventing Duplicate Records
- Image and Text locations in UIButton
- setting OpenGL version in objective-C
- Setup code for xibs in iOS. -awakFromNb:
- realm db, get parent link of object
- CFBundleDocumentType is not working in myproject-Info.plist file
- UIPopoverPresentationController not rendering properly
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
In order to do that you need a disassembler -
objdumpjust dumps the info - it might not give you enough information as some analysis is needed before you can tell where it is being used. What you need is to get theXREFsfor the string you have in mind.If you open your binary in the disassembler it will probably have the ability to show you strings that are present in the binary with the ability to jump to the place where the string is being used (it might be multiple places).
I'll showcase this using radare2.
Open the binary (I'll use
lshere)and then
to display all the strings. There's a lot of them so here's an extract
let's see where this last one is being used. If we move to the location where it's defined
0x100004b72. We can see this:And here we see where it's being referenced -> DATA XREF. We can move there (
s 0x100001cbe) and there we see how it's being used.Having the location you can put a breakpoint there (r2 is also a debugger) or use it in
gdb.