  1. $ gcc -g -no-pie -o helloworld-no-pie helloworld.c
  2.  
  3. $ readelf -r helloworld-no-pie | grep puts
  4.  
  5. 000000601018  000100000007 R_X86_64_JUMP_SLO 0000000000000000 puts@GLIBC_2.2.5 + 0
  6.  
  7. $ gdb -q helloworld-no-pie
  8. Reading symbols from helloworld-no-pie...done.
  9. gdb-peda$ set env LD_BIND_NOW
  10. Setting environment variable "LD_BIND_NOW" to null value.
  11. gdb-peda$ disp/gx 0x601018
  12. 1: x/xg 0x601018  0x601018:     0x00000000004003f6
  13. gdb-peda$ b main
  14. Breakpoint 1 at 0x4004eb: file helloworld.c, line 21.
  15. gdb-peda$ r
  16. Starting program: /home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie
  17. [----------------------------------registers-----------------------------------]
  18. RAX: 0x4004e7 (<main>:  push   rbp)
  19. RBX: 0x0
  20. RCX: 0x400500 (<__libc_csu_init>:       push   r15)
  21. RDX: 0x7fffffffe348 --> 0x7fffffffe608 ("HOME=/home/ubuntu")
  22. RSI: 0x7fffffffe338 --> 0x7fffffffe5ce ("/home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie")
  23. RDI: 0x1
  24. RBP: 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:    push   r15)
  25. RSP: 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:    push   r15)
  26. RIP: 0x4004eb (<main+4>:        lea    rdi,[rip+0x92]        # 0x400584)
  27. R8 : 0x7ffff7dd0d80 --> 0x0
  28. R9 : 0x7ffff7dd0d80 --> 0x0
  29. R10: 0x0
  30. R11: 0x1
  31. R12: 0x400400 (<_start>:        xor    ebp,ebp)
  32. R13: 0x7fffffffe330 --> 0x1
  33. R14: 0x0
  34. R15: 0x0
  35. EFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)
  36. [-------------------------------------code-------------------------------------]
  37.    0x4004e5 <frame_dummy+5>:    jmp    0x400470 <register_tm_clones>
  38.    0x4004e7 <main>:     push   rbp
  39.    0x4004e8 <main+1>:   mov    rbp,rsp
  40. => 0x4004eb <main+4>:   lea    rdi,[rip+0x92]        # 0x400584
  41.    0x4004f2 <main+11>:  call   0x4003f0 <puts@plt>
  42.    0x4004f7 <main+16>:  mov    eax,0x0
  43.    0x4004fc <main+21>:  pop    rbp
  44.    0x4004fd <main+22>:  ret
  45. [------------------------------------stack-------------------------------------]
  46. 0000| 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:   push   r15)
  47. 0008| 0x7fffffffe258 --> 0x7ffff7a05b97 (<__libc_start_main+231>:       mov    edi,eax)
  48. 0016| 0x7fffffffe260 --> 0x1
  49. 0024| 0x7fffffffe268 --> 0x7fffffffe338 --> 0x7fffffffe5ce ("/home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie")
  50. 0032| 0x7fffffffe270 --> 0x100008000
  51. 0040| 0x7fffffffe278 --> 0x4004e7 (<main>:      push   rbp)
  52. 0048| 0x7fffffffe280 --> 0x0
  53. 0056| 0x7fffffffe288 --> 0x4109919a95c7f178
  54. [------------------------------------------------------------------------------]
  55. Legend: code, data, rodata, value
  56.  
  57. Breakpoint 1, main () at helloworld.c:21
  58. 21          printf("Hello world!\n");
  59. 1: x/xg 0x601018  0x601018:     0x00000000004003f6
  60. gdb-peda$ set env LD_BIND_NOW=1
  61. gdb-peda$ r
  62. Starting program: /home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie
  63. [----------------------------------registers-----------------------------------]
  64. RAX: 0x4004e7 (<main>:  push   rbp)
  65. RBX: 0x0
  66. RCX: 0x400500 (<__libc_csu_init>:       push   r15)
  67. RDX: 0x7fffffffe348 --> 0x7fffffffe607 ("HOME=/home/ubuntu")
  68. RSI: 0x7fffffffe338 --> 0x7fffffffe5cd ("/home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie")
  69. RDI: 0x1
  70. RBP: 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:    push   r15)
  71. RSP: 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:    push   r15)
  72. RIP: 0x4004eb (<main+4>:        lea    rdi,[rip+0x92]        # 0x400584)
  73. R8 : 0x7ffff7dd0d80 --> 0x0
  74. R9 : 0x7ffff7dd0d80 --> 0x0
  75. R10: 0x0
  76. R11: 0x1
  77. R12: 0x400400 (<_start>:        xor    ebp,ebp)
  78. R13: 0x7fffffffe330 --> 0x1
  79. R14: 0x0
  80. R15: 0x0
  81. EFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)
  82. [-------------------------------------code-------------------------------------]
  83.    0x4004e5 <frame_dummy+5>:    jmp    0x400470 <register_tm_clones>
  84.    0x4004e7 <main>:     push   rbp
  85.    0x4004e8 <main+1>:   mov    rbp,rsp
  86. => 0x4004eb <main+4>:   lea    rdi,[rip+0x92]        # 0x400584
  87.    0x4004f2 <main+11>:  call   0x4003f0 <puts@plt>
  88.    0x4004f7 <main+16>:  mov    eax,0x0
  89.    0x4004fc <main+21>:  pop    rbp
  90.    0x4004fd <main+22>:  ret
  91. [------------------------------------stack-------------------------------------]
  92. 0000| 0x7fffffffe250 --> 0x400500 (<__libc_csu_init>:   push   r15)
  93. 0008| 0x7fffffffe258 --> 0x7ffff7a05b97 (<__libc_start_main+231>:       mov    edi,eax)
  94. 0016| 0x7fffffffe260 --> 0x1
  95. 0024| 0x7fffffffe268 --> 0x7fffffffe338 --> 0x7fffffffe5cd ("/home/ubuntu/Dropbox/Workspace/c/doodle/helloworld-no-pie")
  96. 0032| 0x7fffffffe270 --> 0x100008000
  97. 0040| 0x7fffffffe278 --> 0x4004e7 (<main>:      push   rbp)
  98. 0048| 0x7fffffffe280 --> 0x0
  99. 0056| 0x7fffffffe288 --> 0xbb586d33e5a0e758
  100. [------------------------------------------------------------------------------]
  101. Legend: code, data, rodata, value
  102.  
  103. Breakpoint 1, main () at helloworld.c:21
  104. 21          printf("Hello world!\n");
  105. 1: x/xg 0x601018  0x601018:     0x00007ffff7a649c0
  106. gdb-peda$ x/4i 0x00007ffff7a649c0
  107.    0x7ffff7a649c0 <_IO_puts>:   push   r13
  108.    0x7ffff7a649c2 <_IO_puts+2>: push   r12
  109.    0x7ffff7a649c4 <_IO_puts+4>: mov    r12,rdi
  110.    0x7ffff7a649c7 <_IO_puts+7>: push   rbp