Get bin info.py
From Attie's Wiki
(Difference between revisions)
m |
m |
||
| Line 18: | Line 18: | ||
# get the symbol information | # get the symbol information | ||
| − | SYM_INFO=$(${CROSS_COMPILE}readelf ${FILE} - | + | SYM_INFO=$(${CROSS_COMPILE}readelf ${FILE} --syms | grep "${SYMBOL}\$" || true) |
| + | if [ "${SYM_INFO}" == "" ]; then | ||
| + | echo "Symbol '${SYMBOL}' does not exist..." >&2 | ||
| + | exit 1 | ||
| + | fi | ||
| + | |||
| + | # validate the symbols (it may have been present in more than one symbol table) | ||
| + | echo "${SYM_INFO}" | awk 'BEGIN{a=-1}{v=strtonum("0x"$2); if (a==-1) a=v; else if (a!=v) exit(1)}' || ( | ||
| + | echo "Symbol '${SYMBOL}' has conflicting definitions..." >&2 | ||
| + | echo "${SYM_INFO}" >&2 | ||
| + | exit 1 | ||
| + | ) | ||
| + | SYM_INFO=$(echo "${SYM_INFO}" | head -n 1) | ||
# get the offset of the symbol's data (in hex), rounded down to the closes 16-byte boundary | # get the offset of the symbol's data (in hex), rounded down to the closes 16-byte boundary | ||
Revision as of 11:38, 15 October 2015
This script helps you extract the data associated with a symbol in a binary. Remember that the output here will not necessarily be correctly ordered (see Endianness).
#!/bin/bash -eu if [ -z ${CROSS_COMPILE+x} ]; then CROSS_COMPILE="" fi FILE=$1; shift SYMBOL=$1; shift if [ ! -e ${FILE} ]; then echo "File '${FILE}' does not exist..." >&2 exit 1 fi # get the symbol information SYM_INFO=$(${CROSS_COMPILE}readelf ${FILE} --syms | grep "${SYMBOL}\$" || true) if [ "${SYM_INFO}" == "" ]; then echo "Symbol '${SYMBOL}' does not exist..." >&2 exit 1 fi # validate the symbols (it may have been present in more than one symbol table) echo "${SYM_INFO}" | awk 'BEGIN{a=-1}{v=strtonum("0x"$2); if (a==-1) a=v; else if (a!=v) exit(1)}' || ( echo "Symbol '${SYMBOL}' has conflicting definitions..." >&2 echo "${SYM_INFO}" >&2 exit 1 ) SYM_INFO=$(echo "${SYM_INFO}" | head -n 1) # get the offset of the symbol's data (in hex), rounded down to the closes 16-byte boundary SYM_OFFSET_ALIGNED=$(echo "${SYM_INFO}" | awk '{v=strtonum("0x"$2); printf("0x%08X", v - (v % 16))}') # get the offset of the symbol's data (in decomal), into this 16-byte aligned data SYM_OFFSET_INTO_ALIGNED_DATA=$(echo "${SYM_INFO}" | awk '{v=strtonum("0x"$2); printf("%d", (v % 16) * 2)}') # get the size of the symbol's data (in decimal), as nibbles / hex digits SYM_SIZE_IN_NIBBLES=$(echo "${SYM_INFO}" | awk '{v=strtonum($3); printf "%d",v * 2}') # get the number of 16-byte rows that this symbol spans SYM_ROWS_SPANNED=$(echo "${SYM_INFO}" | awk '{v=strtonum($3); printf("%d", (v * 16) - 1)}') # get the rows for the interesting region of the file REGION_DATA=$(${CROSS_COMPILE}readelf ${FILE} --hex-dump .rodata | grep "${SYM_OFFSET_ALIGNED}" -A${SYM_ROWS_SPANNED} | cut -b14-48 | tr -d ' \n') # snip out the symbol's data DATA=$(echo -n "${REGION_DATA}" | cut -b $((SYM_OFFSET_INTO_ALIGNED_DATA + 1))-$((SYM_OFFSET_INTO_ALIGNED_DATA + SYM_SIZE_IN_NIBBLES))) # print out the symbol's data... ## ... as hex digits #echo ${DATA} ## ... as raw binary data echo -n ${DATA} | sed -e "s/.\{2\}/&\n/g" | awk -b '{printf "%c", strtonum("0x"$0)}' ## ... rendered by hexdump #echo -n ${DATA} | sed -e "s/.\{2\}/&\n/g" | awk -b '{printf "%c", strtonum("0x"$0)}' | hexdump -C ## ... a nul-terminated C string (without the nul) #echo -n ${DATA} | sed -e "s/.\{2\}/&\n/g" | awk -b '{v=strtonum("0x"$0); if (v==0) exit(0); printf "%c", v}'
