Find the value of a symbol from an ELF file hex dump

0
votes

I have a hex dump of an ELF file (last page of a past exam). I know the offset of strtab and the offset of symtab and I am asked 2 question:

  1. what is the value of 'ooo' symbol ?
  2. In which section is the string "The Netwide Assembler"?

How can I find this?

1
elf
I got hexedit of an elf file - You do not have the original ELF with you? - ArjunShankar
no, just the hexedit. and I don't find 'ooo' in the hexedit. it is a mistake? - user1462787
I don't think it is a mistake. I would expect a hex dump to be a bunch of lines that look like 'xxxxxx: xxxx xxxx xxxx ...' (i.e. a bunch of hexadecimal digits on each line, starting with an address) - ArjunShankar
yes, I mean the ascii code of o. I add a link to the hexedit - user1462787

1 Answers

1
votes

If you got a full hexedit of the elf you can convert it to elf and use readelf & objdump to find this symbols.

If you can't convert the hex to elf you can try parse the symtab and the tab manualy, just look at this refernce http://www.skyfree.org/linux/references/ELF_Format.pdf