author | Johannes Stoelp <johannes.stoelp@gmail.com> | 2023-02-05 18:28:23 +0100 |
---|---|---|
committer | Johannes Stoelp <johannes.stoelp@gmail.com> | 2023-02-05 18:28:23 +0100 |
commit | 728d263753b998b8944a66eec1be0e743961fa1c (patch) | |
tree | 5840e4345255959b1cf23cd02e7e62c9aedbb2a2 | |
parent | 10edacaf2401a097bd4508cae55a39d005063e98 (diff) | |
objdump: disasm raw binary
-rw-r--r-- | src/binary/objdump.md | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/src/binary/objdump.md b/src/binary/objdump.md index 636db3f..a76a327 100644 --- a/src/binary/objdump.md +++ b/src/binary/objdump.md @@ -16,3 +16,41 @@ For example `.plt` section: ```markdown objdump -j .plt -d <elf> ``` + +## Example: disassemble raw binary +This can be helpful for example as a cheap analysis tool when toying with JIT +generating code. We could just write thee binary code buffer to a file and +disassemble with `objdump`. + +To re-create that case, we just assemble and link some ELF file and then create +a raw binary of the text section with `objcopy`. + +```x86asm +# file: test.s +.section .text, "ax" + +.global _start +_start: + xor %rax, %rax + mov $0x8, %rax +1: + cmp $0, %rax + je 2f + dec %rax + jmp 1b +2: + # x86-64 exit(2) syscall + mov $0, %rdi + mov $60, %rax + syscall +``` +```bash +# Assemble & link. +as -o test.o test.s +ld -o test test.o testc.o +# ELF -> binary (only take .text section). +objcopy -O binary --only-section .text test test-bin + +# Disassemble raw binary. +objdump -D -b binary -m i386:x86-64 test-bin +``` |
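Review bot: The link line `ld -o test test.o testc.o` in the added bash block names `testc.o`, but the only object the example builds is `test.o` (from `as -o test.o test.s`), so anyone following the steps will fail at the link step with a missing input file. Suggest `ld -o test test.o`. Minor wording points in the same hunk: "thee binary code buffer" in the first added paragraph should be "the binary code buffer", and "when toying with JIT generating code" would read better as "when toying with JIT-generated code".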