Solved

Identifying Binaries/Executables on GNU Linux/UNIX

Posted on 2006-11-30
4
285 Views
Last Modified: 2010-04-15
Is there a way, perhaps using a stat struct with fstat, to identify whether a certain file is an executable binary?  I looked over the fstat man pages, and it says you can identify the files permissions, or whether it's a directory, but I can't see anything to tell whether it's an executable.  
0
Comment
Question by:chsalvia
  • 2
4 Comments
 
LVL 45

Assisted Solution

by:sunnycoder
sunnycoder earned 125 total points
ID: 18044529
Hi chsalvia,

Look into source code of file command ... They use some heuristics such as magic number to determine file type ...
http://www.die.net/doc/linux/man/man1/file.1.html

Cheers!
sunnycoder
0
 
LVL 22

Expert Comment

by:grg99
ID: 18045332
Do you mean:

(1)  Does the file have executable permissions for user X?

(2)  Is the file in a format this OS can load and execute?

(3)  #2 and are its prerequisite shared libraries around?

(4) #3 are the aforementioned libraries the right versions for this executable?

(5) #4 and are the config and other  files for this executable in the right places?

(6) #5 and are there enough system resources available to user X to run the program?


All very different questions, and they get harder and harder to verify as you go down the list.



0
 

Author Comment

by:chsalvia
ID: 18048603
grg, I meant number 2 on the list.  Is the file in a format the OS can load and execute.
0
 
LVL 22

Accepted Solution

by:
grg99 earned 125 total points
ID: 18048820
okay, you can determine the file format either by using the "file" command, or peeking at the first few bytes of the file.

Search the internet for "a.out file format" which will describe the several magic numbers an a.out format file can have.

Also on Linux most binaries are in ELF format, search for "ELF executable format" for the magic numbers in these files.

Some Unix systems use COFF format, that has its own distinctive header magic words.

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Have you thought about creating an iPhone application (app), but didn't even know where to get started? Here's how: ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Important pre-programming comments: I’ve never tri…
This is a short and sweet, but (hopefully) to the point article. There seems to be some fundamental misunderstanding about the function prototype for the "main" function in C and C++, more specifically what type this function should return. I see so…
The goal of this video is to provide viewers with basic examples to understand opening and writing to files in the C programming language.
The goal of this video is to provide viewers with basic examples to understand recursion in the C programming language.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now