Linux Reverse Engineering CTFs for Beginners
The “e_shoff” member holds the offset to the section header table. To calculate the size of the entire binary we can use the following calculation
size = e_shoff + (e_shnum * e_shentsize)
size = Start of section headers + (Number of section headers * Size of section headers)
size = 137000 + (29*64) = 138856
As you can see our calculation is correct. However, every section is important to understand in doing cool things in reverse engineering in ELF 🙂
These headers contain the information for the binary’s segments.