binaries

Stuff about binary applications. Information about static vs dynamic linking, file formats, tools, optimization and more.

Formats

ELF

ELF files are Executable Linkable Format which consists of a symbol look-ups and relocatable table, that is, it can be loaded at any memory address by the kernel and automatically, all symbols used, are adjusted to the offset from that memory address where it was loaded into.

• wikipedia

DWARF

DWARF is a widely used, standardized debugging data format. DWARF was originally designed along with Executable and Linkable Format (ELF), although it is independent of object file formats.

DWARF is a way of encoding debuggin symbols, which is information that expresses which programming-language constructs generated a specific piece of machine code in a given executable module.

• DWARF on wikipedia
• Debug symbol on wikipedia

Stripping binaries

• don't strip docker binaries
• strip(1)

Tools

• upx - fast decompression, uncompresses and then JMPs to code
• binwalk - firmware analysis tool (can display entropy)

See Also

• shrink go binaries with this one weird trick
• elf-binaries-on-linux-understanding-and-analysis