Binary Analysis
Challenge Gallery
Quick Reference
Binary Analysis Tools
| Tool | Purpose | Example |
|---|---|---|
file |
Identify binary type and architecture | file mystery |
strings |
Extract readable text from binary | strings mystery \| grep flag |
nm |
List symbols (function/variable names) | nm mystery |
objdump -d |
Disassemble to assembly | objdump -d -M intel mystery |
ltrace |
Trace shared library calls at runtime | ltrace ./mystery |
strace |
Trace system calls at runtime | strace ./mystery |
ldd |
List shared library dependencies | ldd mystery |
readelf -h |
Display ELF header information | readelf -h mystery |
ELF Sections
| Section | Contains | Permissions |
|---|---|---|
.text |
Compiled machine code (your functions) | Read + Execute |
.data |
Initialized global variables (int x = 5;) |
Read + Write |
.bss |
Uninitialized globals (int y;) — zeroed by OS |
Read + Write |
.rodata |
String literals and constants ("hello") |
Read Only |
.plt/.got |
Dynamic linking trampolines | Read + Execute |
.symtab |
Symbol table (stripped binaries lack this) | N/A (metadata) |
nm Symbol Types
| Code | Meaning |
|---|---|
T |
Function defined in this binary (text section) |
t |
Local/static function (text section) |
D |
Initialized global variable (data section) |
B |
Uninitialized global variable (BSS section) |
U |
Undefined — imported from a shared library |
R |
Read-only data (rodata section) |