# Can we get compiler details from an elf binary?

Exists some opportunity to recognize just how a binary was constructed, under Linux? (and also or various other Unix)

Compiler, version, time, flags and so on.

I considered readelf and also could not locate a lot, yet there could be various other means at assessing the binary code/section and so on.

Anything you recognize just how to extract?

0
2019-05-04 08:53:01
Source Share

There isn't a global means, yet you can make an enlightened hunch by seeking points just done by one compiler.

GCC is the most convenient ; it creates a .comment area which contains the GCC variation string (the very same string you get if you run gcc --version). I do not recognize if there's a means to display it with readelf, yet with objdump it's :

objdump -s --section .comment /path/binary

.

I simply understood I overlooked the remainder of your inquiry. Flags aren't usually conserved anywhere ; they would certainly remain in a comment area more than likely, yet I've never ever seen that done. There's a place in the COFF header for a timestamp, yet there's no equal in ELF, so I do not assume the compile time is readily available either

0
2019-05-08 03:13:31
Source

You can attempt making use of the strings command. It will certainly create a great deal of message result; by examining it you could presume the compiler.

[email protected]:~\$ strings -a a.out |grep -i gcc GCC: (Ubuntu 4.4.3-4ubuntu5) 4.4.3

Here I recognize it's assembled with gcc yet you can constantly reroute strings result to a documents and also analyze it.

There is one great energy called peid for Windows yet I can not locate any kind of choice for it on Linux.

0
2019-05-07 23:29:19
Source