LinuxCommandLibrary

readelf

Display information about ELF format files

TLDR

Display all information about the ELF file

$ readelf -all [path/to/binary]
copy

Display all the headers present in the ELF file
$ readelf --headers [path/to/binary]
copy

Display the entries in symbol table section of the ELF file, if it has one
$ readelf --symbols [path/to/binary]
copy

Display ELF header information
$ readelf --file-header [path/to/binary]
copy

Display ELF section header information
$ readelf --section-headers [path/to/binary]
copy

SYNOPSIS

readelf option(s) file(s)

PARAMETERS

-a, --all
    Display all information.

-h, --header
    Display the ELF file header.

-l, --program-headers, --segments
    Display the program headers.

-S, --section-headers, --sections
    Display the section headers.

-g, --group-sections
    Display the section group information.

-t, --section-details
    Display the section details.

-s, --syms, --symbols
    Display the symbol table.

-e, --headers
    Display all headers.

-n, --notes
    Display the notes section.

-r, --relocs
    Display the relocations section.

-d, --dynamic
    Display the dynamic section.

-V, --version-info
    Display version sections.

-A, --arch-specific
    Display architecture-specific information.

-I, --histogram
    Display symbol histogram.

-w[liaprhsdtngv] or --debug-[dump|links|addr|aranges|frames|pubnames|str|types|names|vars]
    Dump debugging information from the file.

-W, --wide
    Don't break output lines.

--help
    Display this information.

--version
    Display the version number.

DESCRIPTION

The readelf command displays information about the contents of ELF format object files. This includes executables, shared libraries, and object code. It allows you to examine the structure and contents of these files, such as the headers, sections, program segments, symbol tables, and relocation entries. This information is extremely useful for debugging, reverse engineering, and understanding the underlying structure of ELF files. readelf provides a wealth of information about the file's architecture, dependencies, and layout in memory. It is an invaluable tool for developers and system administrators working with compiled programs. Different options allow to filter and display specific information from the ELF file.
The command supports 32 bit and 64 bit objects, depending on the architecture used for compilation.

CAVEATS

The output format and level of detail may vary slightly depending on the version of binutils used.

EXIT STATUS

readelf exits with a status of 0 if it succeeds, and a non-zero value if it encounters an error.

ELF FORMAT

ELF (Executable and Linkable Format) is a standard file format for executables, shared libraries, object code, and core dumps. It defines the structure of these files, including headers, sections, and program segments. readelf is specifically designed to parse and interpret this format.

HISTORY

readelf is part of the binutils package, a collection of binary tools for manipulating object files. It has been a standard tool for ELF file analysis for many years, evolving with the ELF format itself to support new features and architectures.

SEE ALSO

objdump(1), ld(1), nm(1)

Copied to clipboard