C/C++ Cracking Tools Mobile Security Reverse Engineering
Kali Linux 2016.2 64 Bit ARM File Debugging
Quick solution for “ld-linux.so.3” error on kali linux when debugging ELF ARM 32Bit binary…
root@kalinux:~# file ch.bin ch.bin: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.3, for GNU/Linux 2.6.26, BuildID[sha1]=e1b71a8437277ebc3eb417be2bf877b5dfff85c8, stripped
Error Type:
</pre> /lib/ld-linux.so.3: No such file or directory
Getting needed packages:
–Adding i386 architecture to system
dpkg --add-architecture i386 apt-get update --ignore-missing -y apt-get upgrade --ignore-missing</pre> apt-get install build-essential ddd cpio libncurses5-dev libsdl-dev zlib1g-dev apt-get install -y libc6-i386 lib32stdc++6 lib32gcc1 lib32ncurses5 lib32z1 apt-get install g++-arm-linux-gnueabihf
*** Optional : apt-get install build-essential git debootstrap u-boot-tools device-tree-compiler
Linking SO.3
ln -sf ld-linux-armhf.so.3 /lib/ld-linux.so.3
After installations are completed you should begin debugging with “arm-linux-gnueabihf-gdb”
Samples
Reading Elf Binary
root@kalinux:~# arm-linux-gnueabihf-readelf -e arm.bin ELF Header: Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2s complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: DYN (Shared object file) Machine: ARM Version: 0x1 Entry point address: 0x495 Start of program headers: 52 (bytes into file) Start of section headers: 9556 (bytes into file) Flags: 0x5000400, Version5 EABI, hard-float ABI Size of this header: 52 (bytes) Size of program headers: 32 (bytes) Number of program headers: 9 Size of section headers: 40 (bytes) Number of section headers: 36 Section header string table index: 35
Dumping Binary
root@kalinux:~# arm-linux-gnueabihf-objdump -d arm.bin arm.bin: file format elf32-littlearm Disassembly of section .init: 00000438 : 438: e92d4008 push {r3, lr} 43c: eb000026 bl 4dc 440: e8bd8008 pop {r3, pc} Disassembly of section .plt: 00000444 : 444: e52de004 push {lr} ; (str lr, [sp, #-4]!) 448: e59fe004 ldr lr, [pc, #4] ; 454 <.plt+0x10> 44c: e08fe00e add lr, pc, lr 450: e5bef008 ldr pc, [lr, #8]! 454: 00010bac .word 0x00010bac
Debugging with GDB
root@kalinux:~# gdb-multiarch -q -nx (gdb) file arm.bin Reading symbols from arm.bin...done. (gdb) set archi arm The target architecture is assumed to be arm (gdb) disass main Dump of assembler code for function main: 0x00000604 <+0>: push {r11, lr} 0x00000608 <+4>: add r11, sp, #4 0x0000060c <+8>: ldr r3, [pc, #20] ; 0x628 <main+36> 0x00000610 <+12>: add r3, pc, r3 0x00000614 <+16>: mov r0, r3 0x00000618 <+20>: bl 0x5d0 <foo> 0x0000061c <+24>: mov r3, #0 0x00000620 <+28>: mov r0, r3 0x00000624 <+32>: pop {r11, pc} 0x00000628 <+36>: andeq r0, r0, r4, rrx End of assembler dump. (gdb)
Installing radare2 for excellent debugging
</pre> apt-get install radare2
Installing peda for gdb
</pre> git clone https://github.com/longld/peda.git ~/peda echo "source ~/peda/peda.py" >> ~/.gdbinit
POST YOUR COMMENTS
You must be logged in to post a comment.