I have binary executable file compiled from C-source and I know that it uses some of UNIX system environment variables. Unfortunately I have no documentation and decompiling/reverse-engineering is very difficult.
我有从C-source编译的二进制可执行文件,我知道它使用了一些UNIX系统环境变量。不幸的是我没有文档,反编译/逆向工程非常困难。
Is there a way to find which env variables the app tries to read in runtime?
有没有办法找到应用程序试图在运行时读取的env变量?
I mean, if C's getenv reads some file to get variable values or does a system call, it is possible. So, can I do it?
我的意思是,如果C的getenv读取某个文件以获取变量值或进行系统调用,则可能。那么,我可以这样做吗?
2 个解决方案
#1
1
strings(1) might help you to identify the names of the envrionment variables. – Blagovest Buyukliev
strings(1)可以帮助您识别envrionment变量的名称。 - Blagovest Buyukliev
#2
1
One can use a debugger, set a breakpoint on getenv, and inspect the function argument. This is possible even without debug information (albeit more difficult, since it requires knowledge of the calling convention).
可以使用调试器,在getenv上设置断点,并检查函数参数。即使没有调试信息,这也是可能的(尽管更难,因为它需要了解调用约定)。
#1
1
strings(1) might help you to identify the names of the envrionment variables. – Blagovest Buyukliev
strings(1)可以帮助您识别envrionment变量的名称。 - Blagovest Buyukliev
#2
1
One can use a debugger, set a breakpoint on getenv, and inspect the function argument. This is possible even without debug information (albeit more difficult, since it requires knowledge of the calling convention).
可以使用调试器,在getenv上设置断点,并检查函数参数。即使没有调试信息,这也是可能的(尽管更难,因为它需要了解调用约定)。