YouTip LogoYouTip

Linux Comm Objdump

[![Image 1: Linux Command Manual](#) Linux Command Manual](#) * * * objdump is an important command-line tool in the GNU Binutils suite, used to display various information about object files and executable files. It is a powerful tool for binary analysis, reverse engineering, and debugging under Linux systems. The main functions of objdump include: * Disassemble binary files * View file header information * Display section contents * View symbol tables * Display relocation information * Analyze file structure * * * ## Basic Syntax The basic command format for objdump is as follows: objdump filename If no options are specified, objdump will display the section header information of the file. * * * ## Detailed Explanation of Common Options ### Disassembly-related Options ## Example -d, --disassemble# Disassemble sections containing code -D, --disassemble-all# Disassemble all sections -S, --source# Display source code and assembly code together (requires -g option during compilation) --prefix-addresses# Display full addresses during disassembly --no-addresses# Do not display address information ### Section Information Options ## Example -h, --section-headers# Display section header information -j, --section= name # Only display the content of the specified section ### Symbol Table Options ## Example -t, --syms# Display symbol table -T, --dynamic-syms# Display dynamic symbol table ### File Header Information -f, --file-headers # Display file header information ### Other Useful Options ## Example -l, --line-numbers# Display line number information (requires debugging information) -r, --reloc# Display relocation entries -R, --dynamic-reloc# Display dynamic relocation entries -s, --full-contents# Display the complete contents of all sections * * * ## Practical Examples ### Example 1: View the Structure of an Executable File objdump -h /bin/ls Output example: /bin/ls: file format elf64-x86-64Sections:Idx Name Size VMA LMA File off Algn 0 .interp 0000001c 0000000000400238 0000000000400238 00000238 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 1 .note.ABI-tag 00000020 0000000000400254 0000000000400254 00000254 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA ... ### Example 2: Disassemble an Executable File objdump -d /bin/ls Output example (partial): 0000000000405a50 : 405a50: 31 ed xor %ebp,%ebp 405a52: 49 89 d1 mov %rdx,%r9 405a55: 5e pop %rsi 405a56: 48 89 e2 mov %rsp,%rdx 405a59: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp ... ### Example 3: View Symbol Table objdump -t myprogram.o Output example: myprogram.o: file format elf64-x86-64 SYMBOL TABLE:0000000000000000 l df *ABS* 0000000000000000 myprogram.c 0000000000000000 l d .text 0000000000000000 .text 0000000000000000 g F .text 0000000000000015 main 0000000000000000 *UND* 0000000000000000 printf ### Example 4: Display Source Code and Assembly Code Together objdump -S myprogram Output example: ## Example int main(){ 400526:55 push %rbp 400527:48 89 e5 mov %rsp,%rbp printf("Hello, World!n"); 40052a: bf d4 05 40 00 mov $0x4005d4,%edi 40052f: e8 cc fe ff ff callq 400400 return 0; 400534: b8 00 00 00 00 mov $0x0,%eax } * * * ## Practical Application Scenarios ### Scenario 1: Debug Program Crashes When a program crashes, you can use objdump to view the code near the crash address: objdump -d --start-address=0x400526 --stop-address=0x400536 myprogram ### Scenario 2: Analyze Library Function Calls View which dynamic library functions the program calls: objdump -T myprogram | grep UND ### Scenario 3: Learn Assembly Language Learn assembly language by disassembling simple C programs: ## Example gcc-o simple simple.c objdump -d simple * * * ## Notes 1. **Debugging Information**: To get source code level information, you need to add the `-g` option during compilation 2. **Optimization Impact**: Compiler optimization will affect the generated assembly code, so pay attention during analysis 3. **Architecture Differences**: Assembly instructions are different for different CPU architectures, make sure to use the correct disassembly options 4. **Permission Issues**: Analyzing system files may require root privileges 5. **File Format**: objdump mainly targets ELF format files, other formats may require special handling * * * ## Advanced Tips ### Combine with Other Tools ## Example # Use grep to filter specific functions objdump -d myprogram |grep-A20"main>:" # Count function sizes objdump -d myprogram |awk'/^+ :/ {print $1,$2}' ### Create Disassembly Scripts ## Example #!/bin/bash # Disassembly script example if[$#-ne 1]; then echo"Usage: $0 " exit 1 fi echo"=== File Header Information ===" objdump -f$1 echo-e"n=== Section Information ===" objdump -h$1 echo-e"n=== Disassembled Code ===" objdump -d$1 * * * ## Summary objdump is a powerful binary analysis tool under Linux systems. Mastering it allows you to: * Gain in-depth understanding of program execution mechanisms * Quickly locate program issues * Learn assembly language and system knowledge * Perform basic reverse engineering analysis Through the basic usage and practical examples introduced in this article, you should be able to start using objdump for basic binary file analysis. As you accumulate practical experience, you will discover more clever uses of it in system programming and debugging. * * Linux Command Manual](#)
← Linux Comm NmLinux Comm Btrfs β†’