DipSwitch/resolveentry.sh

## resolveentry.sh
#!/bin/bash

# Get program entry points with the help of objdump and hexdump
# Copyleft dipswitch@ownage4u.nl 2011

if [[ -z $1 ]]; then
    echo "Usage: $0 <elf>" 1>&2;
    exit 1;
fi;

if [[ ! -e "$1" ]]; then
    echo "No file named '$1' found me mate!" 1>&2;
    exit 2;
fi;

if ! file $1 | grep ELF 2>&1 > /dev/null; then
    echo "Arrgggg this no even looks like an ELF to me, me mate!" 1>&2;
    exit 3;
fi;

CTOR_START="0xffffffff";
CTOR_END="0x00000000";
ADDR_FORMAT='"0x%08x "';
BYTE_COUNT=32;

if file $1 | grep 'ELF 64' 2>&1 > /dev/null; then
    CTOR_START="${CTOR_START}ffffffff";
    CTOR_END="${CTOR_END}00000000";
    ADDR_FORMAT='"0x%08x%08x "';
    BYTE_COUNT=64;
fi;

for addr in $(hexdump -e "$ADDR_FORMAT" -n $BYTE_COUNT -s 0x`objdump -x "$1" | grep .ctors | sed -e 's/  */ /g' | cut -d' ' -f 7 | line` "$1"); do
    if [[ $addr == $CTOR_START ]]; then
	continue;
    elif [[ $addr == $CTOR_END ]]; then
	if [[ -n $FIRST ]]; then
	    echo -ne "\n"
	fi;

	break;
    else
	if [[ -z $FIRST ]]; then
	    echo ".ctors:";
	    FIRST=1;
	fi;

	if [[ $BYTE_COUNT -eq 64 ]]; then
	    echo $addr | sed -e 's/\(0x\)\([0-9a-f]\{8\}\)\([0-9a-f]\{8\}\)/\1\3\2/g'
	else
	    echo $addr;
	fi;
    fi;
done;

tmp=`mktemp /tmp/input.XXXX`;
echo "entrypoints:";
if objdump -x "$1" | grep 'start address' | grep -o '0x[0-9a-f]*' > $tmp; then
    echo ".text:   "`cat ${tmp}`;
fi;

if objdump -j .text -M intel -D "$1" | grep '<_start>:' | grep -o '[0-9a-f]* ' > $tmp; then
    echo "_start:  0x"`cat ${tmp}`;
fi;

if objdump -j .text -M intel -D "$1" | grep '<main>:' | grep -o '[0-9a-f]* ' > $tmp; then
    echo "main:    0x"`cat ${tmp}`;
fi;

if objdump -j .text -M intel -D "$1" | grep '<.text>:' -A20 | grep '__libc_start_main' -B1 | line | grep -o '0x[0-9a-z]*' > $tmp; then
    echo "Stripped main:  "`cat ${tmp}`;
elif objdump -j .text -M intel -D "$1" | grep '<.text>:' -A20 | grep 'hlt' -B2 | line | grep -o '0x[0-9a-z]*' > $tmp; then
    echo "Static stripped main: "`cat ${tmp}`;
fi;

unset FIRST

for addr in $(hexdump -e "$ADDR_FORMAT" -n $BYTE_COUNT -s 0x`objdump -x "$1" | grep .dtors | sed -e 's/  */ /g' | cut -d' ' -f 7 | line` "$1"); do
    if [[ $addr == $CTOR_START ]]; then
	continue;
    elif [[ $addr == $CTOR_END ]]; then
	break;
    else
	if [[ -z $FIRST ]]; then
	    echo -e "\n.dtors:";
	    FIRST=1;
	fi;

	if [[ $BYTE_COUNT -eq 64 ]]; then
	    echo $addr | sed -e 's/\(0x\)\([0-9a-f]\{8\}\)\([0-9a-f]\{8\}\)/\1\3\2/g'
	else
	    echo $addr;
	fi;
    fi;
done;

rm $tmp 2> /dev/null
	#!/bin/bash

	# Get program entry points with the help of objdump and hexdump
	# Copyleft dipswitch@ownage4u.nl 2011

	if [[ -z $1 ]]; then
	echo "Usage: $0 <elf>" 1>&2;
	exit 1;
	fi;

	if [[ ! -e "$1" ]]; then
	echo "No file named '$1' found me mate!" 1>&2;
	exit 2;
	fi;

	if ! file $1 \| grep ELF 2>&1 > /dev/null; then
	echo "Arrgggg this no even looks like an ELF to me, me mate!" 1>&2;
	exit 3;
	fi;

	CTOR_START="0xffffffff";
	CTOR_END="0x00000000";
	ADDR_FORMAT='"0x%08x "';
	BYTE_COUNT=32;

	if file $1 \| grep 'ELF 64' 2>&1 > /dev/null; then
	CTOR_START="${CTOR_START}ffffffff";
	CTOR_END="${CTOR_END}00000000";
	ADDR_FORMAT='"0x%08x%08x "';
	BYTE_COUNT=64;
	fi;

	for addr in $(hexdump -e "$ADDR_FORMAT" -n $BYTE_COUNT -s 0x`objdump -x "$1" \| grep .ctors \| sed -e 's/ */ /g' \| cut -d' ' -f 7 \| line` "$1"); do
	if [[ $addr == $CTOR_START ]]; then
	continue;
	elif [[ $addr == $CTOR_END ]]; then
	if [[ -n $FIRST ]]; then
	echo -ne "\n"
	fi;

	break;
	else
	if [[ -z $FIRST ]]; then
	echo ".ctors:";
	FIRST=1;
	fi;

	if [[ $BYTE_COUNT -eq 64 ]]; then
	echo $addr \| sed -e 's/\(0x\)\([0-9a-f]\{8\}\)\([0-9a-f]\{8\}\)/\1\3\2/g'
	else
	echo $addr;
	fi;
	fi;
	done;

	tmp=`mktemp /tmp/input.XXXX`;
	echo "entrypoints:";
	if objdump -x "$1" \| grep 'start address' \| grep -o '0x[0-9a-f]*' > $tmp; then
	echo ".text: "`cat ${tmp}`;
	fi;

	if objdump -j .text -M intel -D "$1" \| grep '<_start>:' \| grep -o '[0-9a-f]* ' > $tmp; then
	echo "_start: 0x"`cat ${tmp}`;
	fi;

	if objdump -j .text -M intel -D "$1" \| grep '<main>:' \| grep -o '[0-9a-f]* ' > $tmp; then
	echo "main: 0x"`cat ${tmp}`;
	fi;

	if objdump -j .text -M intel -D "$1" \| grep '<.text>:' -A20 \| grep '__libc_start_main' -B1 \| line \| grep -o '0x[0-9a-z]*' > $tmp; then
	echo "Stripped main: "`cat ${tmp}`;
	elif objdump -j .text -M intel -D "$1" \| grep '<.text>:' -A20 \| grep 'hlt' -B2 \| line \| grep -o '0x[0-9a-z]*' > $tmp; then
	echo "Static stripped main: "`cat ${tmp}`;
	fi;

	unset FIRST

	for addr in $(hexdump -e "$ADDR_FORMAT" -n $BYTE_COUNT -s 0x`objdump -x "$1" \| grep .dtors \| sed -e 's/ */ /g' \| cut -d' ' -f 7 \| line` "$1"); do
	if [[ $addr == $CTOR_START ]]; then
	continue;
	elif [[ $addr == $CTOR_END ]]; then
	break;
	else
	if [[ -z $FIRST ]]; then
	echo -e "\n.dtors:";
	FIRST=1;
	fi;

	if [[ $BYTE_COUNT -eq 64 ]]; then
	echo $addr \| sed -e 's/\(0x\)\([0-9a-f]\{8\}\)\([0-9a-f]\{8\}\)/\1\3\2/g'
	else
	echo $addr;
	fi;
	fi;
	done;

	rm $tmp 2> /dev/null