Thursday, June 04, 2009

Examining binary files in Linux

A few tips, gathered in one place, for finding out information about an executable binary in Linux.

To determine whether the file is a binary executable (or some other file type):


file file.bin


To see the legible strings within the binary file:


strings file.bin


To do a hexdump of the file:


od -tx1 file.bin


To disassemble a compiled binary:


objdump -d file.bin


To disassemble a binary object file:


objdump -DaflSx -b binary -m i8086 file.bin


To list the symbols in an object file:


nm file.bin


To see which shared libraries it is linked against (some versions of ldd do this by running the file, so avoid it on untrusted binaries):


ldd file.bin


To trace the system calls it makes, showing which libraries and files it opens dynamically:


strace ./file.bin


To debug through its execution:


gdb file.bin


To demangle function names if the code was compiled as C++:


echo "<mangled_symbol_name>" | c++filt
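How the `file` and `od -tx1` tips above fit together, as an added example that is not from the original post: the function reads the same leading bytes a hexdump shows and decodes the ELF identification fields from them, without running the file. The name `elf_ident` and the sample header bytes are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode the ELF identification bytes from an `od -tx1` dump.
# elf_ident is a hypothetical helper name; the sample header is constructed.

elf_ident() {
    # -An: no offset column, -tx1: one hex byte per field, -N20: first 20 bytes
    set -- $(od -An -tx1 -N20 "$1" 2>/dev/null)
    if [ "$#" -lt 20 ] || [ "$1$2$3$4" != "7f454c46" ]; then
        echo "not ELF"          # too short, unreadable, or wrong magic
        return 1
    fi
    case "$5" in                # EI_CLASS
        01) class="32-bit" ;;
        02) class="64-bit" ;;
        *)  class="unknown-class" ;;
    esac
    case "$6" in                # EI_DATA: byte order of multi-byte fields
        01) order="LSB"; etype="${18}${17}"; mach="${20}${19}" ;;
        02) order="MSB"; etype="${17}${18}"; mach="${19}${20}" ;;
        *)  echo "ELF with invalid byte order"; return 1 ;;
    esac
    case "$etype" in            # e_type, bytes 16-17
        0001) etype="relocatable" ;;
        0002) etype="executable" ;;
        0003) etype="shared object" ;;
        0004) etype="core" ;;
        *)    etype="type 0x$etype" ;;
    esac
    case "$mach" in             # e_machine, bytes 18-19 (a few common values)
        0003) mach="Intel 80386" ;;
        003e) mach="x86-64" ;;
        0028) mach="ARM" ;;
        00b7) mach="AArch64" ;;
        *)    mach="machine 0x$mach" ;;
    esac
    echo "ELF $class $order $etype, $mach"
}

# Constructed sample: first 20 bytes of a 64-bit little-endian x86-64 header.
sample=$(mktemp)
printf '\177ELF\002\001\001\000\000\000\000\000\000\000\000\000\003\000\076\000' > "$sample"
elf_ident "$sample"
rm -f "$sample"
```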


 

1 comments:

Anonymous said...

Thanks, I didn't know some of these commands even existed.
