PWN phase1

• ELF文件相关PWN篇-二进制文件
  ELF header解析器
  查看elf.h中有定义
  则可以从文件流中读入数据到指针中，进而输出ELF Header信息
  以下代码在Windows中编译需要将elf.h文件复制到/include目录下
  32位与64位在文件头有区别：
  64位版本:

#include<bits/stdc++.h>
#include<elf.h>
using namespace std;
signed main()
{
    Elf64_Ehdr e64_hd;//参见elf.h定义
    FILE *pt;//定义FILE类型的指针
    pt=freopen("question_5_x64","r",stdin);//需要判断的文件
    fread(&e64_hd,sizeof(Elf64_Ehdr),1,pt);//从文件流读取数据到e64_hd中
    printf("Magic number and other info: ");
    for(int i=0;i<16;i++)
    {
        printf("%02x ",e64_hd.e_ident[i]);
        // cout<<e64_hd.e_ident[i];
    }
    printf("\n");
    printf("Object file type: %x\n",e64_hd.e_type);
    // cout<<"Object file type: "<<e64_hd.e_type<<endl;
    printf("Architecture: %lu\n",e64_hd.e_machine);
    // cout<<"Architecture: "<<e64_hd.e_machine<<endl;
    printf("Entry point virtual address: 0x%x\n",e64_hd.e_entry);
    printf("Program header table file offset: %d(bytes into file)\n",e64_hd.e_phoff);
    printf("Section header table file offset: %d(bytes into file)\n",e64_hd.e_shoff);
    printf("Processor-specific flags: 0x%x\n",e64_hd.e_flags);
    printf("ELF header size in bytes: %d(bytes)\n",e64_hd.e_ehsize);
    printf("Program header table entry size: %d(bytes)\n",e64_hd.e_phentsize);
    printf("Program header table entry count: %d\n",e64_hd.e_phnum);
    printf("Section header table entry size: %d(bytes)\n",e64_hd.e_shentsize);
    printf("Section header table entry count: %d\n",e64_hd.e_shnum);
    printf("Section header string table index: %d\n",e64_hd.e_shstrndx);
    return 0;
}

截图与readelf -h对比：




32位版本：

#include<bits/stdc++.h>
#include<elf.h>
using namespace std;
signed main()
{
    Elf32_Ehdr e32_hd;//参见elf.h定义
    FILE *pt;//定义FILE类型的指针
    pt=freopen("question_5_x86","r",stdin);//需要判断的文件
    fread(&e32_hd,sizeof(Elf32_Ehdr),1,pt);//从文件流读取数据到e32_hd中
    printf("Magic number and other info: ");
    for(int i=0;i<16;i++)
    {
        printf("%02x ",e32_hd.e_ident[i]);
        // cout<<e32_hd.e_ident[i];
    }
    printf("\n");
    printf("Object file type: %x\n",e32_hd.e_type);
    // cout<<"Object file type: "<<e32_hd.e_type<<endl;
    printf("Architecture: %lu\n",e32_hd.e_machine);
    // cout<<"Architecture: "<<e32_hd.e_machine<<endl;
    printf("Entry point virtual address: 0x%x\n",e32_hd.e_entry);
    printf("Program header table file offset: %d(bytes into file)\n",e32_hd.e_phoff);
    printf("Section header table file offset: %d(bytes into file)\n",e32_hd.e_shoff);
    printf("Processor-specific flags: 0x%x\n",e32_hd.e_flags);
    printf("ELF header size in bytes: %d(bytes)\n",e32_hd.e_ehsize);
    printf("Program header table entry size: %d(bytes)\n",e32_hd.e_phentsize);
    printf("Program header table entry count: %d\n",e32_hd.e_phnum);
    printf("Section header table entry size: %d(bytes)\n",e32_hd.e_shentsize);
    printf("Section header table entry count: %d\n",e32_hd.e_shnum);
    printf("Section header string table index: %d\n",e32_hd.e_shstrndx);
    return 0;
}

截图与readelf -h对比：