executable file formats
play

Executable File Formats Portable Executable (PE) Executable - PowerPoint PPT Presentation

May 03, 2023 •153 likes •330 views

Executable File Formats Portable Executable (PE) Executable file format of choice for Windows Executable and Linkable Format (ELF) Executable file

  2. Executable ¡File ¡Formats ¡ � Portable ¡Executable ¡(PE) ¡ � Executable ¡file ¡format ¡of ¡choice ¡for ¡Windows ¡ � Executable ¡and ¡Linkable ¡Format ¡(ELF) ¡ � Executable ¡file ¡format ¡of ¡choice ¡for ¡Linux ¡ 2

  3. PE ¡ � Portable ¡Executable ¡ � Executable ¡file ¡format ¡of ¡choice ¡for ¡Windows ¡ � Including ¡Windows ¡CE ¡ � Modified ¡version ¡of ¡Unix ¡COFF ¡(Common ¡Object ¡ File ¡Format) ¡ � .cpl, ¡.exe, ¡.dll, ¡.ocx, ¡.sys, ¡.scr, ¡.drv, ¡.tlb ¡ 3

  4. PE ¡Addressing ¡ � Virtual ¡Address ¡(VA) ¡ � Virtual ¡address ¡of ¡an ¡object ¡once ¡it ¡is ¡loaded ¡into ¡ memory ¡ � Relative ¡Virtual ¡Address ¡(RVA) ¡ � Offset ¡from ¡the ¡beginning ¡of ¡the ¡loaded ¡image ¡ 4

  5. PE ¡Tables ¡ � Import ¡Table ¡ � Export ¡Table ¡ � Resource ¡Table ¡ � Exception ¡Table ¡ � Certificate ¡Table ¡ � Base ¡Relocation ¡Table ¡ � Thread ¡Local ¡Storage ¡Table ¡ � … ¡ 5

  6. PE ¡Import ¡and ¡Export ¡Tables ¡ � Import ¡Table ¡(.idata) ¡ � Used ¡as ¡a ¡lookup ¡table ¡for ¡external ¡function ¡ addresses ¡ � Import ¡by ¡ordinal ¡or ¡name ¡ � Export ¡Table ¡(.edata) ¡ � Used ¡as ¡a ¡lookup ¡table ¡for ¡internal ¡function ¡ addresses ¡ � Export ¡by ¡ordinal ¡or ¡name ¡ 6

  7. PE ¡Resource ¡Table ¡ � Resource ¡Table ¡(.rsrc) ¡ � Multi-­‑level ¡binary-­‑sorted ¡tree ¡ � Windows ¡typically ¡uses ¡3 ¡levels ¡ 1. Type ¡ 2. Name ¡ 3. Language ¡ � Leaves ¡contain ¡a ¡description ¡and ¡raw ¡data ¡ 7

  8. msfpescan ¡ 8

  9. OllyDbg ¡PE ¡Parsing ¡ � Click ¡on ¡the ¡“Modules” ¡button ¡ 9

  10. OllyDbg ¡PE ¡Parsing ¡ � Find ¡where ¡the ¡PE ¡header ¡is ¡mapped ¡ 10

  11. OllyDbg ¡PE ¡Parsing ¡ � Double-­‑click ¡to ¡view ¡the ¡PE ¡Header ¡dump ¡ 11

  12. OllyDbg ¡PE ¡Parsing ¡ � In ¡this ¡case, ¡the ¡compressor ¡left ¡behind ¡some ¡ identifying ¡information ¡ 12

  13. ELF ¡ � Executable ¡and ¡Linkable ¡Format ¡ � Executable ¡file ¡format ¡of ¡choice ¡for ¡Linux ¡ � none, ¡.o, ¡.so, ¡.elf, ¡.exe ¡ 13

  14. ELF ¡Construction ¡ � ELF ¡Header ¡ � Program ¡Header ¡Table ¡ � Describes ¡segments ¡ � Section ¡Header ¡Table ¡ � Describes ¡sections ¡ 14

  15. readelf ¡ 15

  16. Questions/Comments? ¡ 16

Recommend

Format (ELF) Why Executable Formats? - All code in one file - But libraries! - We need a way

Format (ELF) Why Executable Formats? - All code in one file - But libraries! - We need a way

Executable and Linkable Format (ELF) Why Executable Formats? - All code in one file - But libraries! - We need a way to combine files Distribute as binary (object files) - - Linkers - We need a way to control how our programs run

281 views • 13 slides
Binarylevel program analysis: Executable File Formats Gang Tan CSE 597 Spring 2019 Penn

Binarylevel program analysis: Executable File Formats Gang Tan CSE 597 Spring 2019 Penn

Binarylevel program analysis: Executable File Formats Gang Tan CSE 597 Spring 2019 Penn State University * Some slides adapted from those by Toms Snchez Lpez at http://www.tomassanchez.com/material/ELF.ppt 1 Executable File

465 views • 20 slides
Sequence File Formats Sequence File Formats Different formats for different uses

Sequence File Formats Sequence File Formats Different formats for different uses

Sequence File Formats Sequence File Formats Different formats for different uses Competing formats developed in parallel Some easy to read, some easy to write programs Dont have to stick to these formats, but parsers

210 views • 18 slides
Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module re, finditer Some fi file formats File extension Content File extension Description .html HyperText Markup Language .exe Windows executable

578 views • 15 slides
Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module re, finditer Some fi file formats File extension Content File extension Description .html HyperText Markup Language .exe Windows executable

413 views • 23 slides
Static instrumentation based on executable file formats About Romain Thomas - Security

Static instrumentation based on executable file formats About Romain Thomas - Security

Romain Thomas - rthomas@quarkslab.com Static instrumentation based on executable file formats About Romain Thomas - Security engineer at Quarkslab Working on various topics: Android, (de)obfuscation, software protection and reverse

1.04k views • 77 slides
Open source software for the keen file formats Ramn photographer: file formats Casero Caas

Open source software for the keen file formats Ramn photographer: file formats Casero Caas

Open source software for the keen photographer: Open source software for the keen file formats Ramn photographer: file formats Casero Caas Introduction Digital workflow Ramn Casero Caas From camera to computer File formats

493 views • 32 slides
Scien&fic Data File Formats Han-Wei Shen The Ohio

Scien&fic Data File Formats Han-Wei Shen The Ohio

Scien&fic Data File Formats Han-Wei Shen The Ohio State University Scien&fic File Format Common scien&fic data file formats VTK

394 views • 25 slides
THE ELF OBJECT FILE FORMAT PROGRAM EXECUTION gcc/cc output an executable in the ELF format

THE ELF OBJECT FILE FORMAT PROGRAM EXECUTION gcc/cc output an executable in the ELF format

THE ELF OBJECT FILE FORMAT PROGRAM EXECUTION gcc/cc output an executable in the ELF format (Linux) Executable and Linkable Format Standard unified binary format for: Relocatable object files (.o), Shared object files (.so)

421 views • 16 slides
beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a

beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a

beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a custom 404 page, with a look at suitable file formats for online use Prisca Schmarsow :: eyelearn.org Steps covered 1. file organisation 2.

722 views • 25 slides
beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a

beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a

beautiful textures: patterns, tiles & formats creating seamless patterns on the example of a custom 404 page, with a look at suitable file formats for online use Prisca Schmarsow :: eyelearn.org Steps covered 1. file organisation 2.

450 views • 21 slides
Graphic Design Year 7 This Lesson Know what is meant by a file extension and to give examples

Graphic Design Year 7 This Lesson Know what is meant by a file extension and to give examples

Graphic Design Year 7 This Lesson Know what is meant by a file extension and to give examples File Formats What are file formats/ extensions? A file format/ extension relates to the last three/ four letters at the end of a file name e.g.

610 views • 14 slides
LIEF: Library to Instrument Executable Formats Table of Contents Introduction Architecture Demo

LIEF: Library to Instrument Executable Formats Table of Contents Introduction Architecture Demo

Romain Thomas - rthomas@quarkslab.com LIEF: Library to Instrument Executable Formats Table of Contents Introduction Architecture Demo Conclusion About Romain Thomas - Security engineer at Quarkslab Working on obfuscation and software

614 views • 27 slides
Dissecting media file formats with Kaitai Struct FOSDEM 2017 Mikhail Yakshin (GreyCat) Kaitai

Dissecting media file formats with Kaitai Struct FOSDEM 2017 Mikhail Yakshin (GreyCat) Kaitai

Dissecting media file formats with Kaitai Struct FOSDEM 2017 Mikhail Yakshin (GreyCat) Kaitai Project http://kaitai.io/ Twitter: @kaitai_io File formats: a problem? Media software developers have to deal with multitude of different

396 views • 25 slides
LIEF: Library to Instrument Executable Formats Table of Contents Introduction Project Overview

LIEF: Library to Instrument Executable Formats Table of Contents Introduction Project Overview

RMLL 2017 Romain Thomas - rthomas@quarkslab.com LIEF: Library to Instrument Executable Formats Table of Contents Introduction Project Overview Demo Conclusion About Romain Thomas (rthomas@quarkslab.com) - Security engineer Working on

1.12k views • 89 slides
1 Fermion Field File Formats We note at the beginning, that we do not use a different format for

1 Fermion Field File Formats We note at the beginning, that we do not use a different format for

1 Fermion Field File Formats We note at the beginning, that we do not use a different format for source or sink fermion fields. They are both stored using the same lime records. The meta-data stored in the same lime-packed file is supposed to

53 views • 4 slides
CONSTANT INSECURITY: THINGS YOU DIDN'T KNOW ABOUT (PECOFF) PORTABLE EXECUTABLE FILE FORMAT

CONSTANT INSECURITY: THINGS YOU DIDN'T KNOW ABOUT (PECOFF) PORTABLE EXECUTABLE FILE FORMAT

BlackHat USA 2011, Las Vegas Mario Vuksan & Tomislav Pericin, ReversingLabs CONSTANT INSECURITY: THINGS YOU DIDN'T KNOW ABOUT (PECOFF) PORTABLE EXECUTABLE FILE FORMAT Constant Insecurity Maturing Code PE has been on Windows for 18

686 views • 41 slides
Ext3/4 file systems Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats

Ext3/4 file systems Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats

Ext3/4 file systems Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats Allocators User Todays Lecture System Calls Kernel RCU File System Networking Sync Memory CPU Device Management Scheduler Drivers Hardware

598 views • 33 slides
Virtual File System Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats

Virtual File System Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats

Virtual File System Don Porter CSE 506 Logical Diagram Binary Memory Threads Formats Allocators User Todays Lecture System Calls Kernel RCU File System Networking Sync Memory CPU Device Management Scheduler Drivers Hardware

413 views • 39 slides
EXECUTABLE UML AND MBSE What Executable UML does, how it is totally di ff erent from UML, and

EXECUTABLE UML AND MBSE What Executable UML does, how it is totally di ff erent from UML, and

EXECUTABLE UML AND MBSE What Executable UML does, how it is totally di ff erent from UML, and how it fits with other Executable languages Leon Starr leon_starr@modelint.com MODEL INTEGRATION LLC www.modelint.com 1 LiU Seminar xUML MBSE -

527 views • 39 slides
Introduction to CBEA SDK Veselin Dikov 1. Getting started Executable format check utility: #

Introduction to CBEA SDK Veselin Dikov 1. Getting started Executable format check utility: #

Moscow-Bavarian Joint Advanced Student School 19-29 March 2006, Moscow, Russia Introduction to CBEA SDK Veselin Dikov 1. Getting started Executable format check utility: # file <executable> Makefile headers (reside in SDK root

280 views • 4 slides
GIS file formats & Locating geography files in the EFT Collection ACCOLEDS Nov.2013

GIS file formats & Locating geography files in the EFT Collection ACCOLEDS Nov.2013

GIS file formats & Locating geography files in the EFT Collection ACCOLEDS Nov.2013 Edmonton, AB daniel Brendle-Moczuk, UVic Peter Peller, UCalgary 1 ftp software 2 ftp software Hostname: eftftp-ptftef.statcan.gc.ca Username:

593 views • 17 slides
Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS

Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS

Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS Partition into blocks Replicate to data nodes HDFS treats each file as a stream of data, i.e., it is data agnostic This lecture covers an

596 views • 25 slides
Program Generation Workflow C**program compiler assembly*code nd* library*object*code

Program Generation Workflow C**program compiler assembly*code nd* library*object*code

Program Generation Workflow C**program compiler assembly*code nd* library*object*code assembler de. . object*code on* linker bels* executable *how* Sean Barker 1 Linking Schematic Executable*file Object*file main:*****

390 views • 4 slides

More recommend