Linux Reverse Engineering CTFs for Beginners

The “e_shoff” member holds the offset to the section header table. To calculate the size of the entire binary we can use the following calculation

size = e_shoff + (e_shnum * e_shentsize)

size = Start of section headers + (Number of section headers * Size of section headers)

size = 137000 + (29*64) = 138856

As you can see our calculation is correct. However, every section is important to understand in doing cool things in reverse engineering in ELF 🙂

These headers contain the information for the binary’s segments.

Source: osandamalith.com