Objdump

objdump
Operating system: Unix and Unix-like
Type: Command
License: GNU GPL

objdump is a command-line program for displaying various information about object files on Unix-like operating systems. For instance, it can be used as a disassembler to view an executable in assembly form. It is part of the GNU Binutils for fine-grained control over executables and other binary data. objdump uses the BFD library to read the contents of object files. Similar utilities are Borland TDUMP, Microsoft DUMPBIN and readelf.


Note that on certain platforms (e.g. macOS), the objdump binary may actually be a link to LLVM's objdump, with different command-line options and behavior.

Example

For example,

$ objdump -D -M intel file.bin | grep main.: -A20

This disassembles the file "file.bin" and shows the assembly code in Intel syntax. The output is then piped to grep, which searches for the main function and displays 20 lines of its code.

Example output:

  4004ed <main>:
  4004ed: 55                      push   rbp
  4004ee: 48 89 e5                mov    rbp,rsp
  4004f1: c7 45 ec 00 00 00 00    mov    DWORD PTR [rbp-0x14],0x0
  4004f8: c7 45 f0 01 00 00 00    mov    DWORD PTR [rbp-0x10],0x1
  4004ff: c7 45 f4 02 00 00 00    mov    DWORD PTR [rbp-0xc],0x2
  400506: c7 45 f8 03 00 00 00    mov    DWORD PTR [rbp-0x8],0x3
  40050d: c7 45 fc 04 00 00 00    mov    DWORD PTR [rbp-0x4],0x4
  400514: c7 45 ec 00 00 00 00    mov    DWORD PTR [rbp-0x14],0x0
  40051b: eb 13                   jmp    400530 <main+0x43>
  40051d: 8b 05 15 0b 20 00       mov    eax,DWORD PTR [rip+0x200b15]        # 601038 <globalA>
  400523: 83 e8 01                sub    eax,0x1
  400526: 89 05 0c 0b 20 00       mov    DWORD PTR [rip+0x200b0c],eax        # 601038 <globalA>
  40052c: 83 45 ec 01             add    DWORD PTR [rbp-0x14],0x1
  400530: 8b 05 02 0b 20 00       mov    eax,DWORD PTR [rip+0x200b02]        # 601038 <globalA>
  400536: 39 45 ec                cmp    DWORD PTR [rbp-0x14],eax
  400539: 7c e2                   jl     40051d <main+0x30>
  40053b: 5d                      pop    rbp
  40053c: c3                      ret
  40053d: 0f 1f 00                nop    DWORD PTR [rax]
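The branch targets and the "# 601038 <globalA>" annotations in that listing can be recomputed from the raw instruction bytes, which is a useful sanity check when reading a disassembly. The following Python sketch is an added example, not part of objdump or of the original article; it parses lines copied from the example output, and all function names in it are hypothetical.

```python
import re
# Lines copied from the example output above (whitespace normalised).
SAMPLE = """\
  40051b: eb 13                   jmp    400530 <main+0x43>
  40051d: 8b 05 15 0b 20 00       mov    eax,DWORD PTR [rip+0x200b15]        # 601038 <globalA>
  400523: 83 e8 01                sub    eax,0x1
  400526: 89 05 0c 0b 20 00       mov    DWORD PTR [rip+0x200b0c],eax        # 601038 <globalA>
  40052c: 83 45 ec 01             add    DWORD PTR [rbp-0x14],0x1
  400530: 8b 05 02 0b 20 00       mov    eax,DWORD PTR [rip+0x200b02]        # 601038 <globalA>
  400536: 39 45 ec                cmp    DWORD PTR [rbp-0x14],eax
  400539: 7c e2                   jl     40051d <main+0x30>
  40053b: 5d                      pop    rbp
  40053c: c3                      ret
"""

LINE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2} )+)\s*(\w+)\s*(.*)$")

def parse(listing):
    """Turn objdump -d lines into dicts; non-instruction lines are skipped."""
    out = []
    for line in listing.splitlines():
        m = LINE.match(line)
        if m:
            out.append({"addr": int(m[1], 16), "raw": bytes.fromhex(m[2]), "mnem": m[3], "ops": m[4]})
    return out

def contiguous(insns):
    """True if each instruction starts where the previous one ends."""
    return all(a["addr"] + len(a["raw"]) == b["addr"] for a, b in zip(insns, insns[1:]))

def computed_target(i):
    """Recompute the address objdump annotates, or None if not applicable."""
    raw, end = i["raw"], i["addr"] + len(i["raw"])
    if len(raw) == 2 and (raw[0] == 0xEB or 0x70 <= raw[0] <= 0x7F):
        return end + int.from_bytes(raw[1:], "little", signed=True)  # rel8 jump
    m = re.search(r"\[rip\+0x([0-9a-f]+)\]", i["ops"])
    return end + int(m.group(1), 16) if m else None  # RIP-relative data reference

def printed_target(i):
    """Address objdump printed: after '#' for data refs, else the first operand."""
    m = re.search(r"#\s*([0-9a-f]+)\s*<", i["ops"]) or re.match(r"([0-9a-f]+)\s*<", i["ops"])
    return int(m.group(1), 16) if m else None

def mismatches(listing):
    """Addresses whose printed annotation disagrees with the raw bytes."""
    return [hex(i["addr"]) for i in parse(listing)
            if computed_target(i) is not None and computed_target(i) != printed_target(i)]

print("contiguous:", contiguous(parse(SAMPLE)), "mismatches:", mismatches(SAMPLE))
```

Both relative forms are measured from the end of the instruction, which is why the backward jl (displacement byte e2, i.e. -30) lands on 40051d.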
