|  |  |  |  | 

C/C++ Cracking Tools Mobile Security Reverse Engineering

Kali Linux 2016.2 64 Bit ARM File Debugging

img-responsive

Quick solution for “ld-linux.so.3” error on kali linux when debugging ELF ARM 32Bit binary…

<br />
[email protected]:~# file ch.bin<br />
ch.bin:<br />
ELF 32-bit LSB executable,<br />
ARM, EABI5 version 1 (SYSV),<br />
dynamically linked,<br />
interpreter /lib/ld-linux.so.3, for GNU/Linux 2.6.26,<br />
BuildID[sha1]=e1b71a8437277ebc3eb417be2bf877b5dfff85c8, stripped<br />

Error Type:

&lt;/pre&gt;<br />
/lib/ld-linux.so.3: No such file or directory<br />

Getting needed packages:

–Adding i386 architecture to system

<br />
 dpkg --add-architecture i386<br />
 apt-get update --ignore-missing -y<br />
 apt-get upgrade --ignore-missing&lt;/pre&gt;<br />
apt-get install build-essential ddd cpio libncurses5-dev libsdl-dev zlib1g-dev<br />
apt-get install -y libc6-i386 lib32stdc++6 lib32gcc1 lib32ncurses5 lib32z1</p>
<p>apt-get install g++-arm-linux-gnueabihf</p>
<p>

*** Optional : apt-get install build-essential git debootstrap u-boot-tools device-tree-compiler
Linking SO.3

</p>
<p>ln -sf ld-linux-armhf.so.3 /lib/ld-linux.so.3</p>
<p>

After installations are completed you should begin debugging with “arm-linux-gnueabihf-gdb”
Samples
Reading Elf Binary

</p>
<p>[email protected]:~# arm-linux-gnueabihf-readelf -e arm.bin<br />
ELF Header:<br />
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00<br />
Class: ELF32<br />
Data: 2s complement, little endian<br />
Version: 1 (current)<br />
OS/ABI: UNIX - System V<br />
ABI Version: 0<br />
Type: DYN (Shared object file)<br />
Machine: ARM<br />
Version: 0x1<br />
Entry point address: 0x495<br />
Start of program headers: 52 (bytes into file)<br />
Start of section headers: 9556 (bytes into file)<br />
Flags: 0x5000400, Version5 EABI, hard-float ABI<br />
Size of this header: 52 (bytes)<br />
Size of program headers: 32 (bytes)<br />
Number of program headers: 9<br />
Size of section headers: 40 (bytes)<br />
Number of section headers: 36<br />
Section header string table index: 35<br />

Dumping Binary

<br />
[email protected]:~# arm-linux-gnueabihf-objdump -d arm.bin</p>
<p>arm.bin: file format elf32-littlearm</p>
<p>Disassembly of section .init:</p>
<p>00000438 :<br />
438: e92d4008 push {r3, lr}<br />
43c: eb000026 bl 4dc<br />
440: e8bd8008 pop {r3, pc}</p>
<p>Disassembly of section .plt:</p>
<p>00000444 :<br />
444: e52de004 push {lr} ; (str lr, [sp, #-4]!)<br />
448: e59fe004 ldr lr, [pc, #4] ; 454 &lt;.plt+0x10&gt;<br />
44c: e08fe00e add lr, pc, lr<br />
450: e5bef008 ldr pc, [lr, #8]!<br />
454: 00010bac .word 0x00010bac<br />

Debugging with GDB

</p>
<p>[email protected]:~# gdb-multiarch -q -nx<br />
(gdb) file arm.bin<br />
Reading symbols from arm.bin...done.<br />
(gdb) set archi arm<br />
The target architecture is assumed to be arm<br />
(gdb) disass main<br />
Dump of assembler code for function main:<br />
0x00000604 &lt;+0&gt;: push {r11, lr}<br />
0x00000608 &lt;+4&gt;: add r11, sp, #4<br />
0x0000060c &lt;+8&gt;: ldr r3, [pc, #20] ; 0x628 &lt;main+36&gt;<br />
0x00000610 &lt;+12&gt;: add r3, pc, r3<br />
0x00000614 &lt;+16&gt;: mov r0, r3<br />
0x00000618 &lt;+20&gt;: bl 0x5d0 &lt;foo&gt;<br />
0x0000061c &lt;+24&gt;: mov r3, #0<br />
0x00000620 &lt;+28&gt;: mov r0, r3<br />
0x00000624 &lt;+32&gt;: pop {r11, pc}<br />
0x00000628 &lt;+36&gt;: andeq r0, r0, r4, rrx<br />
End of assembler dump.<br />
(gdb)</p>
<p>

Installing radare2 for excellent debugging

&lt;/pre&gt;<br />
apt-get install radare2<br />

Installing peda for gdb

&lt;/pre&gt;<br />
git clone https://github.com/longld/peda.git ~/peda<br />
echo &quot;source ~/peda/peda.py&quot; &gt;&gt; ~/.gdbinit</p>
<p>

kali-linux-2016-2-64-bit-arm-file-debugging

ABOUT THE AUTHOR

Application Security , Information and Software Security Specialist Ethical Hacker and Pentester

POST YOUR COMMENTS

Your email address will not be published. Required fields are marked *

Name *

Email *

Website