Commands using objdump (8)

  • Tired copy paste to get opcode from objdump huh ? Get more @ http://gunslingerc0de.wordpress.com Show Sample Output


    4
    objdump -d ./PROGRAM|grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-6 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s |sed 's/^/"/'|sed 's/$/"/g'
    gunslinger_ · 2010-07-11 15:44:48 4
  • Anyone can make the command smaller & easier? :) Show Sample Output


    3
    for i in $(objdump -d binary -M intel |grep "^ " |cut -f2); do echo -n '\x'$i; done;echo
    arno · 2013-04-09 09:44:31 2
  • The options -b binary and -m are needed for disassembling raw machine code when it is not part of a full binary executable with proper headers. Show Sample Output


    2
    objdump -b binary -m i386 -D shellcode.bin
    recursiverse · 2010-04-27 11:11:36 2
  • Getting shellcode from ARM binaries - @OsandaMalith Show Sample Output


    1
    for i in $(objdump -d binary | grep "^ "|awk -F"[\t]" '{print $2}'); do echo -n ${i:6:2}${i:4:2}${i:2:2}${i:0:2};done| sed 's/.\{2\}/\\x&/g'
    Osanda · 2015-07-02 15:52:27 0
  • Better than the others, and actually works unlike some of them. Show Sample Output


    0
    objdump -d $1 | grep -Po '\s\K[a-f0-9]{2}(?=\s)' | sed 's/^/\\x/g' | perl -pe 's/\r?\n//' | sed 's/$/\n/'
    Daytona · 2015-05-23 01:21:58 0
  • Extracts the binary from the .text section and escapes it. This puts it in a form ready to use in a program. Show Sample Output


    0
    objdump -d -j .text ExeHere | grep -e '^ ' | tr '[[:space:]]' '\n' | egrep '^[[:alnum:]]{2}$' | xargs | sed 's/ /\\x/g' | sed -e 's/^/\\x/g'
    keyboardsage · 2016-09-11 07:15:00 0
  • Seems to work on Ubuntu 14.02 LTS Show Sample Output


    0
    objdump -s ./HelloWorld | grep -v '^ [0-9a-f][0-9a-f][0-9a-f][0-9a-f] \b' | grep -v 'Contents' | grep -v './' | cut -d' ' -f 3-6| sed 's/ //g' | sed '/./!d' | tr -d '\n'| sed 's/.\{2\}/&\\x/g' | sed 's/^/\\x/'|sed 's/..$//'|sed 's/^/"/;s/$/"/g'
    mark20 · 2016-10-05 23:31:05 0
  • use this to avoid executing the target app


    -1
    function ldd(){ objdump -p $1 | grep -i need; }
    jyf · 2010-09-07 02:44:59 0

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Backup with versioning
Apart from an exact copy of your recent contents, also keep all earlier versions of files and folders that were modified or deleted. Inspired by the excellent EVACopy http://evacopy.sourceforge.net

backup system over ssh, exlucde common dirs

Save a file you edited in vim without the needed permissions
Calls sudo tee like all the other lines, but also automatically reloads the file. Optionally you can add command Wq :execute ':W' | :q and command WQ :Wq to make quitting easier

Watch the disk fill up with change highlighting
If you add the -d flag each difference in the command's output will be highlighted. I also monitor individual drives by adding them to df. Makes for a nice thin status line that I can shove to the bottom of the monitor.

Figure out what shell you're running

zsh only: access a file when you don't know the path, if it is in PATH
Say you want to execute 'file' on the command 'top' (to determine what type of file it is); but you don't know where 'top' resides: preface the argument with = and zsh will implicitly prepend the path.

Forget remembered path locations of previously ran commands
i.e.: Useful if you add ~/bin to your $PATH and you want to override locations of previously ran commands and you don't want to log out and log back in to be able to use them.

see the TIME_WAIT and ESTABLISHED nums of the network
see the TIME_WAIT and ESTABLISHED nums of the network

check open ports without netstat or lsof

Clone IDE Hard Disk
This command clone the first partition of the primary master IDE drive to the second partition of the primary slave IDE drive (!!! back up all data before trying anything like this !!!)


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: