Trees       Indices       Help   
Package Elf
[hide private]
[frames] | no frames]

Package Elf

source code

Kenshoto's Elf parser

This package will let you use programatic ninja-fu when trying to parse Elf binaries. The API is based around several objects representing constructs in the Elf binary format. The Elf object itself contains parsed metadata and lists of things like section headers and relocation entries. Additionally, most of the objects implement repr() in some form or another which allows you a bunch of readelf-like functionality.

*Eventually* this API will allow you to modify Elf binaries and spit them back out in working order (not complete, you may notice some of the initial code).

Send bug reports to Invisigoth or Metr0.

Submodules [hide private]

Classes [hide private]
  ElfReloc
Elf relocation entries consist mostly of "fixup" address which are taken care of by the loader at runtime.
  Elf32Reloc
  Elf32Reloca
  Elf64Reloc
  Elf64Reloca
  ElfDynamic
  Elf32Dynamic
  Elf64Dynamic
  ElfSymbol
  Elf32Symbol
  Elf64Symbol
  ElfPheader
  Elf32Pheader
  Elf64Pheader
  ElfSection
  Elf32Section
  Elf64Section
  Elf
Functions [hide private]
 
getRelocType(val) source code
 
getRelocSymTabIndex(val) source code
Variables [hide private]
  verbose = False
  DT_AUDIT = 1879047932
  DT_AUXILIARY = 2147483645
  DT_BIND_NOW = 24
  DT_CHECKSUM = 1879047672
  DT_CONFIG = 1879047930
  DT_DEBUG = 21
  DT_DEPAUDIT = 1879047931
  DT_ENCODING = 32
  DT_FEATURE_1 = 1879047676
  DT_FILTER = 2147483647
  DT_FINI = 13
  DT_FINI_ARRAY = 26
  DT_FINI_ARRAYSZ = 28
  DT_FLAGS = 30
  DT_FLAGS_1 = 1879048187
  DT_GNU_CONFLICT = 1879047928
  DT_GNU_CONFLICTSZ = 1879047670
  DT_GNU_HASH = 1879047925
  DT_GNU_LIBLIST = 1879047929
  DT_GNU_LIBLISTSZ = 1879047671
  DT_GNU_PRELINKED = 1879047669
  DT_HASH = 4
  DT_HIOS = 1879044096
  DT_HIPROC = 2147483647
  DT_INIT = 12
  DT_INIT_ARRAY = 25
  DT_INIT_ARRAYSZ = 27
  DT_JMPREL = 23
  DT_LOOS = 1610612749
  DT_LOPROC = 1879048192
  DT_MOVEENT = 1879047674
  DT_MOVESZ = 1879047675
  DT_MOVETAB = 1879047934
  DT_NEEDED = 1
  DT_NULL = 0
  DT_NUM = 34
  DT_PLTGOT = 3
  DT_PLTPAD = 1879047933
  DT_PLTPADSZ = 1879047673
  DT_PLTREL = 20
  DT_PLTRELSZ = 2
  DT_POSFLAG_1 = 1879047677
  DT_PREINIT_ARRAY = 32
  DT_PREINIT_ARRAYSZ = 33
  DT_REL = 17
  DT_RELA = 7
  DT_RELACOUNT = 1879048185
  DT_RELAENT = 9
  DT_RELASZ = 8
  DT_RELCOUNT = 1879048186
  DT_RELENT = 19
  DT_RELSZ = 18
  DT_RPATH = 15
  DT_RUNPATH = 29
  DT_SONAME = 14
  DT_STRSZ = 10
  DT_STRTAB = 5
  DT_SYMBOLIC = 16
  DT_SYMENT = 11
  DT_SYMINENT = 1879047679
  DT_SYMINFO = 1879047935
  DT_SYMINSZ = 1879047678
  DT_SYMTAB = 6
  DT_TEXTREL = 22
  DT_TLSDESC_GOT = 1879047927
  DT_TLSDESC_PLT = 1879047926
  DT_VERDEF = 1879048188
  DT_VERDEFNUM = 1879048189
  DT_VERNEED = 1879048190
  DT_VERNEEDNUM = 1879048191
  DT_VERSYM = 1879048176
  EM_386 = 3
  EM_68HC05 = 72
  EM_68HC08 = 71
  EM_68HC11 = 70
  EM_68HC12 = 53
  EM_68HC16 = 69
  EM_68K = 4
  EM_860 = 7
  EM_88K = 5
  EM_960 = 19
  EM_ALPHA = 36902
  EM_ARC = 45
  EM_ARC_A5 = 93
  EM_ARM = 40
  EM_AVR = 83
  EM_COLDFIRE = 52
  EM_CRIS = 76
  EM_D10V = 85
  EM_D30V = 86
  EM_FAKE_ALPHA = 41
  EM_FIREPATH = 78
  EM_FR20 = 37
  EM_FR30 = 84
  EM_FX66 = 66
  EM_H8S = 48
  EM_H8_300 = 46
  EM_H8_300H = 47
  EM_H8_500 = 49
  EM_HUANY = 81
  EM_IA_64 = 50
  EM_JAVELIN = 77
  EM_M32 = 1
  EM_M32R = 88
  EM_ME16 = 59
  EM_MIPS = 8
  EM_MIPS_RS3_LE = 10
  EM_MIPS_X = 51
  EM_MMA = 54
  EM_MMIX = 80
  EM_MN10200 = 90
  EM_MN10300 = 89
  EM_NCPU = 56
  EM_NDR1 = 57
  EM_NONE = 0
  EM_NUM = 95
  EM_OPENRISC = 92
  EM_PARISC = 15
  EM_PCP = 55
  EM_PDSP = 63
  EM_PJ = 91
  EM_PPC = 20
  EM_PPC64 = 21
  EM_PRISM = 82
  EM_RCE = 39
  EM_RH32 = 38
  EM_S370 = 9
  EM_S390 = 22
  EM_SH = 42
  EM_SPARC = 2
  EM_SPARC32PLUS = 18
  EM_SPARCV9 = 43
  EM_ST100 = 60
  EM_ST19 = 74
  EM_ST7 = 68
  EM_ST9PLUS = 67
  EM_STARCORE = 58
  EM_SVX = 73
  EM_TINYJ = 61
  EM_TRICORE = 44
  EM_V800 = 36
  EM_V850 = 87
  EM_VAX = 75
  EM_VPP500 = 17
  EM_X86_64 = 62
  EM_XTENSA = 94
  EM_ZSP = 79
  ET_CORE = 4
  ET_DYN = 3
  ET_EXEC = 2
  ET_HIOS = 65279
  ET_HIPROC = 65535
  ET_LOOS = 65024
  ET_LOPROC = 65280
  ET_NONE = 0
  ET_NUM = 5
  ET_REL = 1
  EV_CURRENT = 1
  EV_NONE = 0
  EV_NUM = 2
  PT_DYNAMIC = 2
  PT_GNU_EH_FRAME = 1685382480
  PT_GNU_RELRO = 1685382482
  PT_GNU_STACK = 1685382481
  PT_HIOS = 1879048191
  PT_HIPROC = 2147483647
  PT_HISUNW = 1879048191
  PT_INTERP = 3
  PT_LOAD = 1
  PT_LOOS = 1610612736
  PT_LOPROC = 1879048192
  PT_LOSUNW = 1879048186
  PT_NOTE = 4
  PT_NULL = 0
  PT_NUM = 8
  PT_PHDR = 6
  PT_SHLIB = 5
  PT_SUNWBSS = 1879048186
  PT_SUNWSTACK = 1879048187
  PT_TLS = 7
  R_386_16 = 20
  R_386_32 = 1
  R_386_32PLT = 11
  R_386_8 = 22
  R_386_COPY = 5
  R_386_GLOB_DAT = 6
  R_386_GOT32 = 3
  R_386_GOTOFF = 9
  R_386_GOTPC = 10
  R_386_JMP_SLOT = 7
  R_386_NONE = 0
  R_386_PC16 = 21
  R_386_PC32 = 2
  R_386_PC8 = 23
  R_386_PLT32 = 4
  R_386_RELATIVE = 8
  R_386_TLS_DTPMOD32 = 35
  R_386_TLS_DTPOFF32 = 36
  R_386_TLS_GD = 18
  R_386_TLS_GD_32 = 24
  R_386_TLS_GD_CALL = 26
  R_386_TLS_GD_POP = 27
  R_386_TLS_GD_PUSH = 25
  R_386_TLS_GOTIE = 16
  R_386_TLS_IE = 15
  R_386_TLS_IE_32 = 33
  R_386_TLS_LDM = 19
  R_386_TLS_LDM_32 = 28
  R_386_TLS_LDM_CALL = 30
  R_386_TLS_LDM_POP = 31
  R_386_TLS_LDM_PUSH = 29
  R_386_TLS_LDO_32 = 32
  R_386_TLS_LE = 17
  R_386_TLS_LE_32 = 34
  R_386_TLS_TPOFF = 14
  R_386_TLS_TPOFF32 = 37
  R_68K_16 = 2
  R_68K_32 = 1
  R_68K_8 = 3
  R_68K_COPY = 19
  R_68K_GLOB_DAT = 20
  R_68K_GOT16 = 8
  R_68K_GOT16O = 11
  R_68K_GOT32 = 7
  R_68K_GOT32O = 10
  R_68K_GOT8 = 9
  R_68K_GOT8O = 12
  R_68K_JMP_SLOT = 21
  R_68K_NONE = 0
  R_68K_PC16 = 5
  R_68K_PC32 = 4
  R_68K_PC8 = 6
  R_68K_PLT16 = 14
  R_68K_PLT16O = 17
  R_68K_PLT32 = 13
  R_68K_PLT32O = 16
  R_68K_PLT8 = 15
  R_68K_PLT8O = 18
  R_68K_RELATIVE = 22
  R_X86_64_16 = 12
  R_X86_64_32 = 10
  R_X86_64_32S = 11
  R_X86_64_64 = 1
  R_X86_64_8 = 14
  R_X86_64_COPY = 5
  R_X86_64_DTPMOD64 = 16
  R_X86_64_DTPOFF32 = 21
  R_X86_64_DTPOFF64 = 17
  R_X86_64_GLOB_DAT = 6
  R_X86_64_GOT32 = 3
  R_X86_64_GOTPCREL = 9
  R_X86_64_GOTTPOFF = 22
  R_X86_64_JUMP_SLOT = 7
  R_X86_64_NONE = 0
  R_X86_64_NUM = 24
  R_X86_64_PC16 = 13
  R_X86_64_PC32 = 2
  R_X86_64_PC8 = 15
  R_X86_64_PLT32 = 4
  R_X86_64_RELATIVE = 8
  R_X86_64_TLSGD = 19
  R_X86_64_TLSLD = 20
  R_X86_64_TPOFF32 = 23
  R_X86_64_TPOFF64 = 18
  SHF_ALLOC = 2
  SHF_EXCLUDE = 2147483648
  SHF_EXECINSTR = 4
  SHF_GROUP = 512
  SHF_INFO_LINK = 64
  SHF_LINK_ORDER = 128
  SHF_MERGE = 16
  SHF_ORDERED = 1073741824
  SHF_OS_NONCONFORMING = 256
  SHF_STRINGS = 32
  SHF_TLS = 1024
  SHF_WRITE = 1
  SHT_CHECKSUM = 1879048184
  SHT_DYNAMIC = 6
  SHT_DYNSYM = 11
  SHT_FINI_ARRAY = 15
  SHT_GNU_LIBLIST = 1879048183
  SHT_GNU_verdef = 1879048189
  SHT_GNU_verneed = 1879048190
  SHT_GNU_versym = 1879048191
  SHT_GROUP = 17
  SHT_HASH = 5
  SHT_HIOS = 1879048191
  SHT_HIPROC = 2147483647
  SHT_HISUNW = 1879048191
  SHT_HIUSER = 2415919103
  SHT_INIT_ARRAY = 14
  SHT_LOOS = 1610612736
  SHT_LOPROC = 1879048192
  SHT_LOSUNW = 1879048186
  SHT_LOUSER = 2147483648
  SHT_NOBITS = 8
  SHT_NOTE = 7
  SHT_NULL = 0
  SHT_PREINIT_ARRAY = 16
  SHT_PROGBITS = 1
  SHT_REL = 9
  SHT_RELA = 4
  SHT_SHLIB = 10
  SHT_STRTAB = 3
  SHT_SYMTAB = 2
  SHT_SYMTAB_SHNDX = 18
  STB_GLOBAL = 1
  STB_HIOS = 12
  STB_HIPROC = 15
  STB_LOCAL = 0
  STB_LOOS = 10
  STB_LOPROC = 13
  STB_WEAK = 2
  STT_COMMON = 5
  STT_FILE = 4
  STT_FUNC = 2
  STT_HIOS = 12
  STT_HIPROC = 15
  STT_LOOS = 10
  STT_LOPROC = 13
  STT_NOTYPE = 0
  STT_OBJECT = 1
  STT_SECTION = 3
  STT_TLS = 6
  __package__ = 'Elf'
  dt_types = {0: 'Marks end of dynamic section ', 1: 'Name of ne...
  e_flags_68k = {0: 'No reloc', 1: 'Direct 32 bit', 2: 'Direct 1...
  e_machine_32 = (3, 20, 40)
  e_machine_64 = (21, 43, 62)
  e_machine_types = {0: 'No machine', 1: 'AT&T WE 32100', 2: 'SU...
  e_types = {0: 'No file type', 1: 'Relocatable file', 2: 'Execu...
  e_versions = {0: 'Invalid ELF version', 1: 'Current version', ...
  ph_types = {0: 'Program header table entry unused', 1: 'Loadab...
  r_types_386 = {0: 'No reloc', 1: 'Direct 32 bit', 2: 'PC relat...
  r_types_amd64 = {0: 'No reloc', 1: 'Direct 64 bit ', 2: 'PC re...
  sh_flags = {1: 'Writable', 2: 'Occupies memory during executio...
  sh_type = {0: 'Section header table entry unused', 1: 'Program...
  st_info_bind = {0: 'Local symbol', 1: 'Global symbol', 2: 'Wea...
  st_info_type = {0: 'Symbol type is unspecified', 1: 'Symbol is...
Variables Details [hide private]

dt_types

Value:
{0: 'Marks end of dynamic section ',
 1: 'Name of needed library ',
 2: 'Size in bytes of PLT relocs ',
 3: 'Processor defined value ',
 4: 'Address of symbol hash table ',
 5: 'Address of string table ',
 6: 'Address of symbol table ',
 7: 'Address of Rela relocs ',
...

e_flags_68k

Value:
{0: 'No reloc',
 1: 'Direct 32 bit',
 2: 'Direct 16 bit',
 3: 'Direct 8 bit',
 4: 'PC relative 32 bit',
 5: 'PC relative 16 bit',
 6: 'PC relative 8 bit',
 7: '32 bit PC relative GOT entry',
...

e_machine_types

Value:
{0: 'No machine',
 1: 'AT&T WE 32100',
 2: 'SUN SPARC',
 3: 'Intel 80386',
 4: 'Motorola m68k family',
 5: 'Motorola m88k family',
 7: 'Intel 80860',
 8: 'MIPS R3000 big-endian',
...

e_types

Value:
{0: 'No file type',
 1: 'Relocatable file',
 2: 'Executable file',
 3: 'Shared object file',
 4: 'Core file',
 5: 'Number of defined types',
 65024: 'OS-specific range start',
 65279: 'OS-specific range end',
...

e_versions

Value:
{0: 'Invalid ELF version', 1: 'Current version', 2: ''}

ph_types

Value:
{0: 'Program header table entry unused',
 1: 'Loadable program segment',
 2: 'Dynamic linking information',
 3: 'Program interpreter',
 4: 'Auxiliary information',
 5: 'Reserved',
 6: 'Entry for header table itself',
 7: 'Thread-local storage segment',
...

r_types_386

Value:
{0: 'No reloc',
 1: 'Direct 32 bit',
 2: 'PC relative 32 bit',
 3: '32 bit GOT entry',
 4: '32 bit PLT address',
 5: 'Copy symbol at runtime',
 6: 'Create GOT entry',
 7: 'Create PLT entry',
...

r_types_amd64

Value:
{0: 'No reloc',
 1: 'Direct 64 bit ',
 2: 'PC relative 32 bit signed',
 3: '32 bit GOT entry',
 4: '32 bit PLT address',
 5: 'Copy symbol at runtime',
 6: 'Create GOT entry',
 7: 'Create PLT entry',
...

sh_flags

Value:
{1: 'Writable',
 2: 'Occupies memory during execution',
 4: 'Executable',
 16: 'Might be merged',
 32: 'Contains nul-terminated strings',
 64: '`sh_info\' contains SHT index',
 128: 'Preserve order after combining',
 256: 'Non-standard OS specific',
...

sh_type

Value:
{0: 'Section header table entry unused',
 1: 'Program data',
 2: 'Symbol table',
 3: 'String table',
 4: 'Relocation entries with addends',
 5: 'Symbol hash table',
 6: 'Dynamic linking information',
 7: 'Notes',
...

st_info_bind

Value:
{0: 'Local symbol',
 1: 'Global symbol',
 2: 'Weak symbol',
 10: 'Start of OS-specific',
 12: 'End of OS-specific',
 13: 'Start of processor-specific',
 15: 'End of processor-specific'}

st_info_type

Value:
{0: 'Symbol type is unspecified',
 1: 'Symbol is a data object',
 2: 'Symbol is a code object',
 3: 'Symbol associated with a section',
 4: 'Symbol\'s name is file name',
 5: 'Symbol is a common data object',
 6: 'Symbol is thread-local data',
 10: 'Start of OS-specific',
...

   Trees       Indices       Help   
Generated by Epydoc 3.0.1 on Fri Nov 16 18:22:08 2012 http://epydoc.sourceforge.net