Last active
September 15, 2018 17:58
-
-
Save grantseltzer/6dfd8ed453e6836ad8dfb4b63cf1dbe6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // extract the .text section | |
| textSection := elfFile.Section(".text") | |
| if textSection == nil { | |
| log.Fatal("No text section") | |
| } | |
| // extract the raw bytes from the .text section | |
| textSectionData, err := textSection.Data() | |
| if err != nil { | |
| log.Fatal(err) | |
| } | |
| // traverse through the symbol table | |
| for _, symbol := range symbolTable { | |
| // skip over any symbols that aren't functinons/methods | |
| if symbol.Info != byte(2) && symbol.Info != byte(18) { | |
| continue | |
| } | |
| // skip over empty symbols | |
| if symbol.Size == 0 { | |
| continue | |
| } | |
| // calculate starting and ending index of the symbol within the text section | |
| symbolStartingIndex := symbol.Value - textSection.Addr | |
| symbolEndingIndex := symbolStartingIndex + symbol.Size | |
| // collect the bytes of the symbol | |
| symbolBytes := textSectionData[symbolStartingIndex:symbolEndingIndex] | |
| // disasemble the symbol | |
| instructions, err := engine.Disasm(symbolBytes, symbol.Value, 0) | |
| if err != nil { | |
| log.Fatalf("could not disasemble symbol: %s", err) | |
| } | |
| // print out each instruction that's part of this symbol | |
| fmt.Printf("\n\nSYMBOL %s\n", symbol.Name) | |
| for _, ins := range instructions { | |
| fmt.Printf("0x%x:\t%s\t\t%s\n", ins.Address, ins.Mnemonic, ins.OpStr) | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment