Can we get compiler details from an elf binary?
Exists some opportunity to recognize just how a binary was constructed, under Linux? (and also or various other Unix)
Compiler, version, time, flags and so on.
readelf and also could not locate a lot, yet there could be various other means at assessing the binary code/section and so on.
Anything you recognize just how to extract?
There isn't a global means, yet you can make an enlightened hunch by seeking points just done by one compiler.
GCC is the most convenient ; it creates a
.comment area which contains the GCC variation string (the very same string you get if you run
gcc --version). I do not recognize if there's a means to display it with
readelf, yet with
objdump it's :
objdump -s --section .comment /path/binary
I simply understood I overlooked the remainder of your inquiry. Flags aren't usually conserved anywhere ; they would certainly remain in a comment area more than likely, yet I've never ever seen that done. There's a place in the COFF header for a timestamp, yet there's no equal in ELF, so I do not assume the compile time is readily available either
You can attempt making use of the
strings command. It will certainly create a great deal of message result; by examining it you could presume the compiler.
[email protected]:~$ strings -a a.out |grep -i gcc
GCC: (Ubuntu 4.4.3-4ubuntu5) 4.4.3
Here I recognize it's assembled with
gcc yet you can constantly reroute
strings result to a documents and also analyze it.
There is one great energy called
peid for Windows yet I can not locate any kind of choice for it on Linux.